
Thread: Many DllHost processes- High RAM usage when online

  1. #1
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    Many DllHost processes- High RAM usage when online

    Hello,

    Firstly, I'd like to thank y'all in advance for any help. I have posted here quite a few years ago, and the problems were solved rather painlessly.

    Yesterday, I noticed my laptop was running at 100% CPU usage, checked task manager and noticed a large amount of dllhost.exe (about 20, COM Surrogate as the description), all running at high memory usage (over 100K). Disconnected from the internet, all dropped down slowly till about 3,500K memory and computer seemed to run normally. Ran a Malwarebytes scan which found nothing. Reconnected to the internet, again all the dllhost.exe processes jumped back up in memory usage until effectively crashing the machine while I ran another Malwarebytes scan after updating their virus definitions. Again, it found nothing. I can end the dllhost processes but they reappear instantly. If I open the file location of any of them, it takes me to "C:\Windows\System32". I have also tried disabling all startup programs through msconfig and a reboot, no luck there. I just installed Spybot and ran a system scan, it found 11 tracking cookies which were deleted. I was not able to find a way to get a log file from that.

    I can recreate the high memory usage by just connecting to the internet; something is definitely wrong here. Aside from it being some sort of malware, I don't see any reason for this process to be running as much as it is.

    I have followed the before you post sticky, and ran ERUNT. Below are the contents from the dds.txt file. attach.txt was zipped up and attached. The MBR.txt contents are pasted below as well.



    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 1.6.0_22
    Run by Patrick at 15:28:03 on 2013-11-05
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4023.1668 [GMT -5:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\Explorer.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\taskmgr.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    LSP: mswsock.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/plugins/activex/YoYo.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    TCP: NameServer = 130.85.1.3 130.85.1.4 130.85.1.5
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639} : NameServer = 8.8.8.8
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639} : DHCPNameServer = 130.85.1.3 130.85.1.4 130.85.1.5
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}\55D42434026596379647F627 : NameServer = 8.8.8.8
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}\55D42434026596379647F627 : DHCPNameServer = 130.85.1.3 130.85.1.4 130.85.1.5
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}\F42716E676563456461627 : NameServer = 8.8.8.8
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}\F42716E676563456461627 : DHCPNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}\F42716E676563456461627D27657563747 : NameServer = 8.8.8.8
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}\F42716E676563456461627D27657563747 : DHCPNameServer = 192.168.33.1 75.75.75.75 75.75.76.76
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\
    FF - prefs.js: browser.startup.homepage - google.com
    FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
    FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Patrick\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
    FF - plugin: C:\Users\Patrick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Patrick\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\Patrick\AppData\Roaming\Mozilla\plugins\npo1d.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-8 283200]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2010-7-16 30520]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-11-5 3921880]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-11-5 1042272]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-11-5 171416]
    R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-12 151040]
    R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-7-20 140712]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-1-9 228408]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-2-27 258560]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-30 1255736]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
    .
    =============== Created Last 30 ================
    .
    2013-11-05 20:18:09 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-11-05 20:18:08 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-11-05 20:18:04 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-11-03 20:12:38 -------- d-----w- C:\Program Files (x86)\Audacity
    .
    ==================== Find3M ====================
    .
    2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
    2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
    .
    ============= FINISH: 15:28:31.18 ===============








    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-11-05 15:32:20
    -----------------------------
    15:32:20.373 OS Version: Windows x64 6.1.7601 Service Pack 1
    15:32:20.373 Number of processors: 4 586 0x2502
    15:32:20.374 ComputerName: PATRICK-LAPTOP UserName: Patrick
    15:32:21.728 Initialize success
    15:33:32.638 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    15:33:32.644 Disk 0 Vendor: Hitachi_ PC4O Size: 476940MB BusType: 3
    15:33:32.729 Disk 0 MBR read successfully
    15:33:32.733 Disk 0 MBR scan
    15:33:32.737 Disk 0 unknown MBR code
    15:33:32.754 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
    15:33:32.769 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459474 MB offset 409600
    15:33:32.797 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17162 MB offset 941412352
    15:33:32.816 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
    15:33:32.857 Disk 0 scanning C:\Windows\system32\drivers
    15:33:39.408 Service scanning
    15:33:54.435 Service ?etadpug C:\Program Files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\ **HIDDEN**
    15:33:54.954 Modules scanning
    15:33:54.962 Disk 0 trace - called modules:
    15:33:55.321 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys
    15:33:55.330 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586b060]
    15:33:55.339 3 CLASSPNP.SYS[fffff88000e4f43f] -> nt!IofCallDriver -> [0xfffffa8005714b10]
    15:33:55.344 5 hpdskflt.sys[fffff88001c022bd] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a3b050]
    15:33:55.349 Scan finished successfully
    15:34:09.728 Disk 0 MBR has been saved successfully to "C:\Users\Patrick\Desktop\MBR.dat"
    15:34:09.733 The log file has been saved successfully to "C:\Users\Patrick\Desktop\aswMBR.txt"

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208




    Sorry for the delay, sometimes we may miss a thread here and there, thanks for being patient.

    Let's run a different scanner and let's see if it picks up anything

    OTL by OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the "Scan All Users" checkbox.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Junior Member
    Join Date
    Dec 2009
    Posts
    23


    Hi, no worries.

    It is worth noting that after my last post, and before this, I have also run an AdwCleaner scan. The report is below, I will not do anything else on my own now since you have posted. I have also run the OTL tool you provided, logs are shown below that; first otl.txt. It looks like I will need 2 posts to fit it all in.


    # AdwCleaner v3.012 - Report created 13/11/2013 at 20:11:35
    # Updated 11/11/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Patrick - PATRICK-LAPTOP
    # Running from : C:\Users\Patrick\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\Patrick\AppData\Roaming\iWin
    Folder Deleted : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\StumbleUpon

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
    Key Deleted : HKCU\Software\YahooPartnerToolbar

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16686


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\prefs.js ]


    -\\ Google Chrome v

    [ File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [1576 octets] - [13/11/2013 20:04:32]
    AdwCleaner[S0].txt - [1466 octets] - [13/11/2013 20:11:35]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1526 octets] ##########












    otl.txt :
    OTL logfile created on: 11/16/2013 10:08:11 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrick\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16686)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.93 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 30.95% Memory free
    7.86 Gb Paging File | 3.93 Gb Available in Paging File | 50.04% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 448.71 Gb Total Space | 346.22 Gb Free Space | 77.16% Space Free | Partition Type: NTFS
    Drive D: | 16.76 Gb Total Space | 2.70 Gb Free Space | 16.09% Space Free | Partition Type: NTFS
    Drive E: | 99.02 Mb Total Space | 92.44 Mb Free Space | 93.35% Space Free | Partition Type: FAT32

    Computer Name: PATRICK-LAPTOP | User Name: Patrick | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Patrick\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)


    ========== Modules (No Company Name) ==========


    ========== Services (SafeList) ==========

    SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
    SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.)
    SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe (IDT, Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)
    SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
    DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
    DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
    DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
    DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
    DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
    DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
    DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0FA521FE-BDE5-4076-AA10-1EC9B31C7804}
    IE:64bit: - HKLM\..\SearchScopes\{0FA521FE-BDE5-4076-AA10-1EC9B31C7804}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE:64bit: - HKLM\..\SearchScopes\{74EE8F2B-E42A-479E-B24C-0D3E8EF1FAA7}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{0FA521FE-BDE5-4076-AA10-1EC9B31C7804}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\..\SearchScopes\{74EE8F2B-E42A-479E-B24C-0D3E8EF1FAA7}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D3 49 C4 0E 1E D6 8A 46 A4 AC BC 6C 90 13 33 0F [binary data]
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D3 49 C4 0E 1E D6 8A 46 A4 AC BC 6C 90 13 33 0F [binary data]
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-206255447-465052432-3297643694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    IE - HKU\S-1-5-21-206255447-465052432-3297643694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    IE - HKU\S-1-5-21-206255447-465052432-3297643694-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D3 49 C4 0E 1E D6 8A 46 A4 AC BC 6C 90 13 33 0F [binary data]
    IE - HKU\S-1-5-21-206255447-465052432-3297643694-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-206255447-465052432-3297643694-1000\..\SearchScopes\{0FA521FE-BDE5-4076-AA10-1EC9B31C7804}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKU\S-1-5-21-206255447-465052432-3297643694-1000\..\SearchScopes\{74EE8F2B-E42A-479E-B24C-0D3E8EF1FAA7}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    IE - HKU\S-1-5-21-206255447-465052432-3297643694-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "google.com"
    FF - prefs.js..extensions.enabledAddons: %7Bb65be3e8-1a83-48dd-863a-bec63c527446%7D:1.0
    FF - prefs.js..extensions.enabledAddons: %7BAE93811A-5C9A-4d34-8462-F7B864FC4696%7D:4.16
    FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.1.01
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
    FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.7
    FF - prefs.js..extensions.enabledItems: yyginstantplay@yoyogames.com:1.1.0.24
    FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.97
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {b65be3e8-1a83-48dd-863a-bec63c527446}:1.0
    FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\Patrick\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/10/04 22:15:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/04 22:15:29 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/10/04 22:15:28 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/04 22:15:29 | 000,000,000 | ---D | M]

    [2010/05/29 21:14:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Extensions
    [2013/10/04 22:24:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions
    [2011/07/29 22:12:38 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{b65be3e8-1a83-48dd-863a-bec63c527446}
    [2010/07/22 19:05:39 | 000,000,000 | ---D | M] ("YoYo Games InstantPlay") -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\yyginstantplay@yoyogames.com
    [2012/12/30 16:12:06 | 000,377,738 | ---- | M] () (No name found) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
    [2013/07/30 21:30:22 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013/10/04 21:20:13 | 000,767,307 | ---- | M] () (No name found) -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
    [2013/10/04 22:15:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/10/04 22:15:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2011/03/29 16:32:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://www.google.com/
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    CHR - plugin: YoYoGames InstantPlay XPCOM Plugin for Firefox (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcfejfmpolpnopihlomibjllpdpiihem\1.1.0.26_0\plugins/NPYYGInstantPlay.dll
    CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.1.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Google Update (Enabled) = C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Hulu Desktop (Enabled) = C:\Users\Patrick\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
    CHR - Extension: Easy Auto Refresh = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\2.9_0\
    CHR - Extension: YouTube = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Slinky Elegant = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln\19.6_0\
    CHR - Extension: Google Search = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Tampermonkey = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.5.3630.66_0\
    CHR - Extension: AdBlock = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.11_0\
    CHR - Extension: YYGInstantPlay Control = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcfejfmpolpnopihlomibjllpdpiihem\1.1.0.26_0\
    CHR - Extension: YYGInstantPlay Control = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcfejfmpolpnopihlomibjllpdpiihem\1.1.0.26_0\.svn\text-base\.svn-base
    CHR - Extension: StumbleUpon = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\5.9.19.1_0\
    CHR - Extension: Google Wallet = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
    CHR - Extension: Gmail = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKU\S-1-5-21-206255447-465052432-3297643694-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-206255447-465052432-3297643694-1000..\Run: [Google Update] Reg Error: Value error. File not found
    O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
    O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames.com/plugins/activex/YoYo.cab (YYGInstantPlay Control)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}: NameServer = 8.8.8.8
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{3d82ac88-b177-11e1-8e7a-cd65ebe7dae6}\Shell - "" = AutoRun
    O33 - MountPoints2\{3d82ac88-b177-11e1-8e7a-cd65ebe7dae6}\Shell\AutoRun\command - "" = G:\Setup.exe
    O33 - MountPoints2\{3d82ac88-b177-11e1-8e7a-cd65ebe7dae6}\Shell\setup\command - "" = G:\setup.exe
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/11/13 20:04:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/11/09 16:11:27 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\ProcAlyzer Dumps
    [2013/11/06 13:53:02 | 000,000,000 | ---D | C] -- C:\310 Theater
    [2013/11/05 15:27:32 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2013/11/05 15:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    [2013/11/05 15:26:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
    [2013/11/05 15:24:53 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Patrick\Desktop\aswMBR.exe
    [2013/11/05 15:24:45 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Patrick\Desktop\dds.scr
    [2013/11/05 15:24:37 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Patrick\Desktop\erunt-setup.exe
    [2013/11/05 15:18:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    [2013/11/05 15:18:09 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
    [2013/11/05 15:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2013/11/05 15:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
    [2013/11/05 15:15:53 | 040,658,208 | ---- | C] (Safer-Networking Ltd. ) -- C:\Users\Patrick\Desktop\spybot-2.2.exe
    [2013/11/03 15:12:47 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Audacity
    [2013/11/03 15:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
    [2013/10/29 13:11:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
    [2013/10/24 21:07:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2013/10/23 19:24:37 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\pr
    [2013/10/21 21:26:47 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\Cavaold
    [2013/10/21 10:15:31 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Webcam
    [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/11/16 10:11:54 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/11/16 10:11:54 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/11/16 10:10:55 | 000,778,942 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/11/16 10:10:55 | 000,660,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/11/16 10:10:55 | 000,121,442 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/11/16 10:06:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-206255447-465052432-3297643694-1000UA.job
    [2013/11/16 10:04:42 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/11/16 10:04:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/11/16 10:04:30 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys
    [2013/11/13 21:57:32 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/11/13 20:06:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-206255447-465052432-3297643694-1000Core.job
    [2013/11/06 23:37:26 | 000,000,600 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\winscp.rnd
    [2013/11/06 17:36:49 | 000,000,600 | ---- | M] () -- C:\Users\Patrick\AppData\Local\PUTTY.RND
    [2013/11/05 15:59:43 | 000,003,019 | ---- | M] () -- C:\Users\Patrick\Desktop\attach.zip
    [2013/11/05 15:34:09 | 000,000,512 | ---- | M] () -- C:\Users\Patrick\Desktop\MBR.dat
    [2013/11/05 15:26:48 | 000,000,865 | ---- | M] () -- C:\Users\Patrick\Desktop\ERUNT.lnk
    [2013/11/05 15:25:08 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Patrick\Desktop\aswMBR.exe
    [2013/11/05 15:24:44 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Patrick\Desktop\dds.scr
    [2013/11/05 15:24:42 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Patrick\Desktop\erunt-setup.exe
    [2013/11/05 15:18:12 | 000,001,339 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    [2013/11/05 15:15:14 | 040,658,208 | ---- | M] (Safer-Networking Ltd. ) -- C:\Users\Patrick\Desktop\spybot-2.2.exe
    [2013/11/05 15:11:37 | 000,002,044 | ---- | M] () -- C:\Users\Patrick\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2013/11/03 15:12:43 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Audacity.lnk
    [2013/11/03 11:28:38 | 000,000,308 | ---- | M] () -- C:\Users\Patrick\Desktop\GitHub.appref-ms
    [2013/10/29 00:30:29 | 000,001,181 | ---- | M] () -- C:\Users\Patrick\Desktop\Location.java
    [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/11/05 15:59:43 | 000,003,019 | ---- | C] () -- C:\Users\Patrick\Desktop\attach.zip
    [2013/11/05 15:34:09 | 000,000,512 | ---- | C] () -- C:\Users\Patrick\Desktop\MBR.dat
    [2013/11/05 15:26:48 | 000,000,865 | ---- | C] () -- C:\Users\Patrick\Desktop\ERUNT.lnk
    [2013/11/05 15:18:12 | 000,001,351 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    [2013/11/05 15:18:12 | 000,001,339 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    [2013/11/03 15:12:43 | 000,000,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    [2013/11/03 15:12:43 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Audacity.lnk
    [2013/11/03 11:28:38 | 000,000,308 | ---- | C] () -- C:\Users\Patrick\Desktop\GitHub.appref-ms
    [2013/10/30 12:25:22 | 000,001,181 | ---- | C] () -- C:\Users\Patrick\Desktop\Location.java
    [2013/09/12 14:21:28 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\gcapi_dll.dll
    [2013/04/30 13:38:41 | 000,000,047 | ---- | C] () -- C:\Users\Patrick\.gitconfig
    [2013/03/11 10:39:29 | 000,773,522 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/10/05 11:30:48 | 000,000,600 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\winscp.rnd
    [2012/10/03 12:02:51 | 000,000,600 | ---- | C] () -- C:\Users\Patrick\AppData\Local\PUTTY.RND
    [2011/04/07 19:47:14 | 000,000,145 | ---- | C] () -- C:\Users\Patrick\.appletviewer
    [2011/02/18 19:48:04 | 000,007,606 | ---- | C] () -- C:\Users\Patrick\AppData\Local\Resmon.ResmonCfg
    [2011/02/06 19:15:04 | 000,000,905 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Roaming - Shortcut (2).lnk
    [2011/02/06 19:15:03 | 000,000,905 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Roaming - Shortcut.lnk
    [2010/07/22 20:58:43 | 000,002,528 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\$_hpcst$.hpc
    [2010/05/29 21:10:00 | 000,000,000 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\wklnhst.dat

    ========== ZeroAccess Check ==========

    [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
    [2013/10/02 15:10:35 | 000,005,632 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
    [2013/10/02 15:10:35 | 000,007,168 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
    "" = \\?\globalroot\Device\HarddiskVolume2\Users\Patrick\AppData\Local\Temp\smwpxcs\ssvdmbq\wow.dll

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/10/26 15:07:56 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\.minecraft
    [2011/02/12 22:39:59 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\.minecraft.OLD
    [2011/01/31 19:39:31 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\.minecraft.SUCK
    [2013/11/03 16:48:54 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Audacity
    [2012/12/10 14:06:12 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\DAEMON Tools Lite
    [2012/12/01 19:07:47 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\digipen
    [2013/10/02 15:31:24 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dropbox
    [2013/09/23 11:43:40 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Foxit Software
    [2013/04/27 10:13:04 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\ftblauncher
    [2013/11/11 22:17:10 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\GitHub
    [2011/05/17 21:45:11 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\LolClient
    [2012/05/23 19:30:49 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\LolClient2
    [2011/03/29 16:34:59 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\OpenOffice.org
    [2010/07/23 19:46:16 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PC Suite
    [2010/07/24 11:52:51 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Samsung
    [2013/09/12 14:35:22 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Softland
    [2010/05/29 21:10:01 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Template

    ========== Purity Check ==========



    < End of report >

  4. #4
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    extras.txt :
    OTL Extras logfile created on: 11/16/2013 10:08:11 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrick\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16686)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.93 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 30.95% Memory free
    7.86 Gb Paging File | 3.93 Gb Available in Paging File | 50.04% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 448.71 Gb Total Space | 346.22 Gb Free Space | 77.16% Space Free | Partition Type: NTFS
    Drive D: | 16.76 Gb Total Space | 2.70 Gb Free Space | 16.09% Space Free | Partition Type: NTFS
    Drive E: | 99.02 Mb Total Space | 92.44 Mb Free Space | 93.35% Space Free | Partition Type: FAT32

    Computer Name: PATRICK-LAPTOP | User Name: Patrick | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
    "{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23 (64-bit)
    "{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
    "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 276.00
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 276.00
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
    "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
    "doPDF 7 printer_is1" = doPDF 7.3 printer
    "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "NVIDIA Drivers" = NVIDIA Drivers
    "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
    "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
    "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
    "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
    "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{1747DF05-6890-440B-B094-2146F5DC50E0}" = HP MediaSmart SlingPlayer
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
    "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
    "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
    "{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
    "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{43AC7CBC-1D6A-3B5B-81B1-A0C166FE48F4}" = Google Talk Plugin
    "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
    "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
    "{82A213BD-B6AA-4281-A2D3-59D51893CC56}" = HP MediaSmart Software Notebook Demo
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8AB8D458-939E-403F-0097-9BA1C1F013D5}" = The Sims 2
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
    "{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1" = MinGW-Get version 0.3-alpha-2.1
    "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
    "{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
    "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
    "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
    "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
    "{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
    "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
    "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Age of Mythology 1.0" = Age of Mythology
    "Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
    "Audacity_is1" = Audacity 2.0.5
    "CVSNT_is1" = CVSNT
    "D2D77DC2-8299-11D1-8949-444553540000_is1" = WinCvs 2.0
    "DAEMON Tools Lite" = DAEMON Tools Lite
    "ERUNT_is1" = ERUNT 1.1j
    "Foxit Reader_is1" = Foxit Reader
    "Game Maker 8.0" = Game Maker 8.0
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
    "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
    "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
    "jGRASP" = jGRASP
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "OpenAL" = OpenAL
    "Steam App 440" = Team Fortress 2
    "TmNationsForever_is1" = TmNationsForever
    "Windows Media Encoder 9" = Windows Media Encoder 9 Series
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR 4.01 (32-bit)
    "winscp3_is1" = WinSCP 5.1

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-206255447-465052432-3297643694-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "5f7eb300e2ea4ebf" = GitHub
    "Dropbox" = Dropbox
    "Google Chrome" = Google Chrome
    "HuluDesktop" = Hulu Desktop

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 1/7/2012 2:20:00 AM | Computer Name = Patrick-Laptop | Source = Application Hang | ID = 1002
    Description = The program rads_user_kernel.exe version 0.0.0.0 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 12d0 Start
    Time: 01cccd045a134329 Termination Time: 0 Application Path: C:\Riot Games\League
    of Legends\RADS\system\rads_user_kernel.exe Report Id: 9dbcc43b-38f7-11e1-a74f-8bc4d4db94e4


    Error - 1/15/2012 12:13:46 AM | Computer Name = Patrick-Laptop | Source = Application Hang | ID = 1002
    Description = The program chrome.exe version 16.0.912.75 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 1034 Start
    Time: 01ccd2ee30658f17 Termination Time: 30 Application Path: C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

    Report
    Id: 495cd3b5-3f2f-11e1-be79-86cb07bd36e6

    Error - 1/26/2012 11:48:19 PM | Computer Name = Patrick-Laptop | Source = Application Hang | ID = 1002
    Description = The program chrome.exe version 16.0.912.77 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: f70 Start
    Time: 01ccdc60d5d43b81 Termination Time: 21 Application Path: C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

    Report
    Id: bb4e182f-4899-11e1-91db-ab955a6d10e7

    Error - 1/28/2012 12:03:04 AM | Computer Name = Patrick-Laptop | Source = Application Hang | ID = 1002
    Description = The program chrome.exe version 16.0.912.77 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 720 Start
    Time: 01ccdd43396818b4 Termination Time: 38 Application Path: C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

    Report
    Id: ec297bfb-4964-11e1-8c77-babfd4d696e5

    Error - 1/28/2012 2:28:16 AM | Computer Name = Patrick-Laptop | Source = Application Hang | ID = 1002
    Description = The program chrome.exe version 16.0.912.77 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 12cc Start
    Time: 01ccdd71bd5122ec Termination Time: 22 Application Path: C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

    Report
    Id: 411a8870-4979-11e1-8c77-babfd4d696e5

    Error - 1/28/2012 8:57:07 PM | Computer Name = Patrick-Laptop | Source = Application Hang | ID = 1002
    Description = The program chrome.exe version 16.0.912.77 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 159c Start
    Time: 01ccde1446e69e87 Termination Time: 15 Application Path: C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

    Report
    Id: 27c31a4a-4a14-11e1-b4cb-938bff4f51e7

    Error - 1/30/2012 11:19:31 PM | Computer Name = Patrick-Laptop | Source = Application Error | ID = 1000
    Description = Faulting application name: Skype.exe, version: 4.0.0.227, time stamp:
    0x4a1c1b91 Faulting module name: YCWebCameraSource.ax, version: 2.0.8342.3407, time
    stamp: 0x4acc3fd6 Exception code: 0xc0000005 Fault offset: 0x00004fca Faulting process
    id: 0x9a4 Faulting application start time: 0x01ccdfae29eda0c4 Faulting application
    path: C:\Program Files (x86)\Skype\Phone\Skype.exe Faulting module path: c:\Program
    Files (x86)\Hewlett-Packard\Media\Webcam\YCWebCameraSource.ax Report Id: 63c30523-4bba-11e1-ba10-a1f4bc5cb6e1

    Error - 1/30/2012 11:20:17 PM | Computer Name = Patrick-Laptop | Source = Application Error | ID = 1000
    Description = Faulting application name: Skype.exe, version: 4.0.0.227, time stamp:
    0x4a1c1b91 Faulting module name: YCWebCameraSource.ax, version: 2.0.8342.3407, time
    stamp: 0x4acc3fd6 Exception code: 0xc0000005 Fault offset: 0x00004fca Faulting process
    id: 0x8ec Faulting application start time: 0x01ccdfc72b36230f Faulting application
    path: C:\Program Files (x86)\Skype\Phone\Skype.exe Faulting module path: c:\Program
    Files (x86)\Hewlett-Packard\Media\Webcam\YCWebCameraSource.ax Report Id: 7f4cadbc-4bba-11e1-ba10-a1f4bc5cb6e1

    Error - 1/30/2012 11:39:34 PM | Computer Name = Patrick-Laptop | Source = Application Hang | ID = 1002
    Description = The program Skype.exe version 5.5.0.124 stopped interacting with Windows
    and was closed. To see if more information about the problem is available, check
    the problem history in the Action Center control panel. Process ID: 117c Start Time:
    01ccdfc7a960e602 Termination Time: 447 Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

    Report
    Id:

    Error - 1/31/2012 5:33:58 PM | Computer Name = Patrick-Laptop | Source = Application Error | ID = 1000
    Description = Faulting application name: chrome.exe, version: 16.0.912.77, time
    stamp: 0x4f18cd7b Faulting module name: chrome.dll, version: 16.0.912.77, time stamp:
    0x4f18cd27 Exception code: 0x40000015 Fault offset: 0x00ff470b Faulting process id:
    0xf48 Faulting application start time: 0x01cce03ac7e5e103 Faulting application path:
    C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe Faulting module
    path: C:\Users\Patrick\AppData\Local\Google\Chrome\Application\16.0.912.77\chrome.dll
    Report
    Id: 47f7751c-4c53-11e1-950e-a3e203ba1ceb

    [ Hewlett-Packard Events ]
    Error - 3/23/2012 9:46:56 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 5/25/2012 9:56:26 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 5/25/2012 9:56:27 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 10/19/2012 9:59:36 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 10/19/2012 9:59:36 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 11/2/2012 9:18:50 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 11/2/2012 9:18:51 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 11/23/2012 10:57:58 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 11/23/2012 10:57:59 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    Error - 12/7/2012 11:01:19 PM | Computer Name = Patrick-Laptop | Source = Hewlett-Packard | ID = 0
    Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
    Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
    errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
    mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
    bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
    Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
    FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
    msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
    mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

    at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
    Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

    at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
    A_0, EventArgs A_1)

    [ System Events ]
    Error - 11/11/2013 11:13:55 PM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Resource
    Publication service which failed to start because of the following error: %%-2147024891

    Error - 11/13/2013 7:18:00 PM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7003
    Description = The Spybot-S&D 2 Security Center Service service depends the following
    service: wscsvc. This service might not be installed.

    Error - 11/13/2013 7:28:56 PM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7023
    Description = The Function Discovery Resource Publication service terminated with
    the following error: %%-2147024891

    Error - 11/13/2013 7:28:56 PM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Resource
    Publication service which failed to start because of the following error: %%-2147024891

    Error - 11/13/2013 9:03:12 PM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Resource
    Publication service which failed to start because of the following error: %%-2147024891

    Error - 11/13/2013 9:03:12 PM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7023
    Description = The Function Discovery Resource Publication service terminated with
    the following error: %%-2147024891

    Error - 11/13/2013 9:13:41 PM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7003
    Description = The Spybot-S&D 2 Security Center Service service depends the following
    service: wscsvc. This service might not be installed.

    Error - 11/16/2013 11:04:47 AM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7003
    Description = The Spybot-S&D 2 Security Center Service service depends the following
    service: wscsvc. This service might not be installed.

    Error - 11/16/2013 11:06:27 AM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7023
    Description = The Function Discovery Resource Publication service terminated with
    the following error: %%-2147024891

    Error - 11/16/2013 11:06:27 AM | Computer Name = Patrick-Laptop | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Resource
    Publication service which failed to start because of the following error: %%-2147024891


    < End of report >

  5. #5
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    Let's run this program.

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT !!! Save ComboFix.exe to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
    • See this Link for programs that need to be disabled and instructions on how to disable them.
    • Remember to re-enable them when we're done.

    • Double click on ComboFix.exe & follow the prompts.

    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    *If there is no internet connection when ComboFix has completely finished, then restart your computer to restore the connections.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  6. #6
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    Default

    ComboFix ran without problems; the log is provided below. Checked task manager; no dllhost.exe processes displayed anymore.


    ComboFix 13-11-16.01 - Patrick 11/16/2013 12:34:39.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4023.1065 [GMT -5:00]
    Running from: c:\users\Patrick\Downloads\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\program files (x86)\Google\Desktop\Install
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\@
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\L\00000004.@
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\L\201d3dde
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\L\76603ac3
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\U\00000004.@
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\U\00000008.@
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\U\80000000.@
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\U\80000032.@
    c:\program files (x86)\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\9519~1\A535~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\U\80000064.@
    c:\programdata\ntuser.dat
    c:\users\Patrick\AppData\Local\Google\Desktop\Install
    c:\users\Patrick\AppData\Local\Google\Desktop\Install\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\2E2F~1\28F0~1\E628~1\{b6deba4e-a8e0-94fb-6532-d70db4eb65a9}\@
    c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{b65be3e8-1a83-48dd-863a-bec63c527446}
    c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{b65be3e8-1a83-48dd-863a-bec63c527446}\chrome.manifest
    c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{b65be3e8-1a83-48dd-863a-bec63c527446}\chrome\xulcache.jar
    c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{b65be3e8-1a83-48dd-863a-bec63c527446}\defaults\preferences\xulcache.js
    c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\extensions\{b65be3e8-1a83-48dd-863a-bec63c527446}\install.rdf
    c:\windows\assembly\GAC_32\Desktop.ini
    c:\windows\assembly\GAC_64\Desktop.ini
    c:\windows\PFRO.log
    c:\windows\SwSys1.bmp
    c:\windows\SwSys2.bmp
    c:\windows\SysWow64\FlashPlayerApp.exe
    c:\windows\SysWow64\tmp622F.tmp
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-10-16 to 2013-11-16 )))))))))))))))))))))))))))))))
    .
    .
    2013-11-16 17:40 . 2013-11-16 17:40 -------- d-----w- c:\users\Default\AppData\Local\temp
    2013-11-14 01:04 . 2013-11-14 01:12 -------- d-----w- C:\AdwCleaner
    2013-11-06 18:53 . 2013-11-06 18:53 -------- d-----w- C:\310 Theater
    2013-11-05 20:26 . 2013-11-05 20:27 -------- d-----w- c:\program files (x86)\ERUNT
    2013-11-05 20:18 . 2013-09-20 15:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
    2013-11-05 20:18 . 2013-11-09 21:10 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2013-11-05 20:18 . 2013-11-05 20:18 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
    2013-11-03 20:12 . 2013-11-03 21:48 -------- d-----w- c:\users\Patrick\AppData\Roaming\Audacity
    2013-11-03 20:12 . 2013-11-03 20:12 -------- d-----w- c:\program files (x86)\Audacity
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-10-02 20:20 . 2013-10-02 20:20 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6297CAC0-9434-452E-9444-D20EDA561080}\offreg.dll
    2013-09-12 05:27 . 2010-05-30 14:08 79143768 ----a-w- c:\windows\system32\MRT.exe
    2013-09-05 05:32 . 2013-10-01 18:30 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6297CAC0-9434-452E-9444-D20EDA561080}\mpengine.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2013-05-25 00:36 130736 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2013-05-25 00:36 130736 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2013-05-25 00:36 130736 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
    R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
    R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
    S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
    S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
    S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16 16:47]
    .
    2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16 16:47]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2013-05-25 00:36 164016 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2013-05-25 00:36 164016 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2013-05-25 00:36 164016 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2013-05-25 00:36 164016 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://google.com/
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}: NameServer = 8.8.8.8
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}\55D42434026596379647F627: NameServer = 8.8.8.8
    TCP: Interfaces\{8D10E40F-39D7-49E9-878E-7221E17CE639}\F42716E676563456461627D27657563747: NameServer = 8.8.8.8
    DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/plugins/activex/YoYo.cab
    FF - ProfilePath - c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\wbamu2pn.default\
    FF - prefs.js: browser.startup.homepage - google.com
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
    Notify-SDWinLogon - SDWinLogon.dll
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-11-16 12:48:08 - machine was rebooted
    ComboFix-quarantined-files.txt 2013-11-16 17:48
    .
    Pre-Run: 370,566,258,688 bytes free
    Post-Run: 370,580,905,984 bytes free
    .
    - - End Of File - - 2887AED9070924FCDF6ECBC5294148A5
    A7E7BE339D9C58830FF6977CC431A93B

  7. #7
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hey,

    One of the files that CF found may suggest a rootkit, so let's do this:


    Please download TDSSKiller.zip
    • Extract it to your desktop
    • Double click TDSSKiller.exe
    • When the window opens, click on Change Parameters
    • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
    • Click OK
    • Press Start Scan
      • As we are only looking for a log of what is on the machine right now > choose to skip whatever is found
      • Then click Continue > Reboot now
    • Copy and paste the log in your next reply
      • A copy of the log will be saved automatically to the root of the drive (typically C:\)

  8. #8
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    Default

    Downloaded and ran TDSSKiller. The scan ran quickly and didn't appear to have found anything; there was no option to do anything after the scan ran except view the report, which was rather large, so it is copied in the next three posts.

    17:48:36.0603 0x1788 TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
    17:48:39.0905 0x1788 ============================================================
    17:48:39.0905 0x1788 Current date / time: 2013/11/16 17:48:39.0905
    17:48:39.0905 0x1788 SystemInfo:
    17:48:39.0905 0x1788
    17:48:39.0905 0x1788 OS Version: 6.1.7601 ServicePack: 1.0
    17:48:39.0905 0x1788 Product type: Workstation
    17:48:39.0905 0x1788 ComputerName: PATRICK-LAPTOP
    17:48:39.0905 0x1788 UserName: Patrick
    17:48:39.0905 0x1788 Windows directory: C:\Windows
    17:48:39.0905 0x1788 System windows directory: C:\Windows
    17:48:39.0905 0x1788 Running under WOW64
    17:48:39.0905 0x1788 Processor architecture: Intel x64
    17:48:39.0905 0x1788 Number of processors: 4
    17:48:39.0905 0x1788 Page size: 0x1000
    17:48:39.0905 0x1788 Boot type: Normal boot
    17:48:39.0905 0x1788 ============================================================
    17:48:40.0373 0x1788 System UUID: {EF9CD768-D1E7-6AE7-F4A4-AFA6CE149886}
    17:48:41.0067 0x1788 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    17:48:41.0075 0x1788 ============================================================
    17:48:41.0075 0x1788 \Device\Harddisk0\DR0:
    17:48:41.0075 0x1788 MBR partitions:
    17:48:41.0075 0x1788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
    17:48:41.0075 0x1788 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38169000
    17:48:41.0075 0x1788 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x381CD000, BlocksNum 0x2185000
    17:48:41.0075 0x1788 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
    17:48:41.0075 0x1788 ============================================================
    17:48:41.0105 0x1788 C: <-> \Device\Harddisk0\DR0\Partition2
    17:48:41.0146 0x1788 D: <-> \Device\Harddisk0\DR0\Partition3
    17:48:41.0163 0x1788 E: <-> \Device\Harddisk0\DR0\Partition4
    17:48:41.0163 0x1788 ============================================================
    17:48:41.0163 0x1788 Initialize success
    17:48:41.0163 0x1788 ============================================================
    17:49:53.0022 0x07fc ============================================================
    17:49:53.0022 0x07fc Scan started
    17:49:53.0022 0x07fc Mode: Manual; TDLFS;
    17:49:53.0022 0x07fc ============================================================
    17:49:53.0022 0x07fc KSN ping started
    17:49:55.0894 0x07fc KSN ping finished: true
    17:49:56.0192 0x07fc ================ Scan system memory ========================
    17:49:56.0192 0x07fc System memory - ok
    17:49:56.0193 0x07fc ================ Scan services =============================
    17:49:58.0272 0x07fc BITS - ok
    17:49:58.0286 0x07fc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    17:49:58.0288 0x07fc blbdrive - ok
    17:49:58.0319 0x07fc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    17:49:58.0322 0x07fc bowser - ok
    17:49:58.0345 0x07fc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    17:49:58.0346 0x07fc BrFiltLo - ok
    17:49:58.0350 0x07fc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    17:49:58.0351 0x07fc BrFiltUp - ok
    17:49:58.0372 0x07fc [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
    17:49:58.0375 0x07fc BridgeMP - ok
    17:49:58.0429 0x07fc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
    17:49:58.0436 0x07fc Browser - ok
    17:49:58.0466 0x07fc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    17:49:58.0477 0x07fc Brserid - ok
    17:49:58.0486 0x07fc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    17:49:58.0488 0x07fc BrSerWdm - ok
    17:49:58.0501 0x07fc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    17:49:58.0503 0x07fc BrUsbMdm - ok
    17:49:58.0520 0x07fc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    17:49:58.0521 0x07fc BrUsbSer - ok
    17:49:58.0527 0x07fc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    17:49:58.0529 0x07fc BTHMODEM - ok
    17:49:58.0565 0x07fc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
    17:49:58.0568 0x07fc bthserv - ok
    17:49:58.0570 0x07fc catchme - ok
    17:49:58.0589 0x07fc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    17:49:58.0592 0x07fc cdfs - ok
    17:49:58.0626 0x07fc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
    17:49:58.0634 0x07fc cdrom - ok
    17:49:58.0673 0x07fc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
    17:49:58.0676 0x07fc CertPropSvc - ok
    17:49:58.0696 0x07fc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    17:49:58.0697 0x07fc circlass - ok
    17:49:58.0732 0x07fc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
    17:49:58.0741 0x07fc CLFS - ok
    17:49:58.0795 0x07fc [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    17:49:58.0799 0x07fc clr_optimization_v2.0.50727_32 - ok
    17:49:58.0834 0x07fc [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    17:49:58.0838 0x07fc clr_optimization_v2.0.50727_64 - ok
    17:49:58.0877 0x07fc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    17:49:58.0883 0x07fc clr_optimization_v4.0.30319_32 - ok
    17:49:58.0898 0x07fc [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    17:49:58.0904 0x07fc clr_optimization_v4.0.30319_64 - ok
    17:49:58.0921 0x07fc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    17:49:58.0923 0x07fc CmBatt - ok
    17:49:58.0946 0x07fc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
    17:49:58.0947 0x07fc cmdide - ok
    17:49:59.0004 0x07fc [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
    17:49:59.0023 0x07fc CNG - ok
    17:49:59.0103 0x07fc [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    17:49:59.0115 0x07fc Com4QLBEx - ok
    17:49:59.0130 0x07fc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    17:49:59.0132 0x07fc Compbatt - ok
    17:49:59.0160 0x07fc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    17:49:59.0162 0x07fc CompositeBus - ok
    17:49:59.0167 0x07fc COMSysApp - ok
    17:49:59.0191 0x07fc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    17:49:59.0193 0x07fc crcdisk - ok
    17:49:59.0234 0x07fc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
    17:49:59.0241 0x07fc CryptSvc - ok
    17:49:59.0290 0x07fc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
    17:49:59.0309 0x07fc DcomLaunch - ok
    17:49:59.0339 0x07fc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
    17:49:59.0347 0x07fc defragsvc - ok
    17:49:59.0388 0x07fc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    17:49:59.0392 0x07fc DfsC - ok
    17:49:59.0433 0x07fc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
    17:49:59.0441 0x07fc Dhcp - ok
    17:49:59.0483 0x07fc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
    17:49:59.0485 0x07fc discache - ok
    17:49:59.0513 0x07fc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
    17:49:59.0516 0x07fc Disk - ok
    17:49:59.0561 0x07fc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    17:49:59.0567 0x07fc Dnscache - ok
    17:49:59.0612 0x07fc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
    17:49:59.0621 0x07fc dot3svc - ok
    17:49:59.0680 0x07fc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
    17:49:59.0685 0x07fc DPS - ok
    17:49:59.0701 0x07fc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    17:49:59.0702 0x07fc drmkaud - ok
    17:49:59.0744 0x07fc [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
    17:49:59.0751 0x07fc dtsoftbus01 - ok
    17:49:59.0817 0x07fc [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    17:49:59.0843 0x07fc DXGKrnl - ok
    17:49:59.0870 0x07fc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
    17:49:59.0873 0x07fc EapHost - ok
    17:49:59.0991 0x07fc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
    17:50:00.0073 0x07fc ebdrv - ok
    17:50:00.0102 0x07fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
    17:50:00.0104 0x07fc EFS - ok
    17:50:00.0193 0x07fc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    17:50:00.0215 0x07fc ehRecvr - ok
    17:50:00.0247 0x07fc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
    17:50:00.0251 0x07fc ehSched - ok
    17:50:00.0296 0x07fc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    17:50:00.0311 0x07fc elxstor - ok
    17:50:00.0339 0x07fc [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
    17:50:00.0342 0x07fc enecir - ok
    17:50:00.0371 0x07fc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
    17:50:00.0372 0x07fc ErrDev - ok
    17:50:00.0429 0x07fc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
    17:50:00.0443 0x07fc EventSystem - ok
    17:50:00.0471 0x07fc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
    17:50:00.0477 0x07fc exfat - ok
    17:50:00.0493 0x07fc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    17:50:00.0499 0x07fc fastfat - ok
    17:50:00.0558 0x07fc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
    17:50:00.0577 0x07fc Fax - ok
    17:50:00.0603 0x07fc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    17:50:00.0604 0x07fc fdc - ok
    17:50:00.0621 0x07fc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
    17:50:00.0623 0x07fc fdPHost - ok
    17:50:00.0633 0x07fc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
    17:50:00.0634 0x07fc FDResPub - ok
    17:50:00.0644 0x07fc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    17:50:00.0647 0x07fc FileInfo - ok
    17:50:00.0673 0x07fc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    17:50:00.0674 0x07fc Filetrace - ok
    17:50:00.0685 0x07fc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    17:50:00.0686 0x07fc flpydisk - ok
    17:50:00.0705 0x07fc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    17:50:00.0713 0x07fc FltMgr - ok
    17:50:00.0776 0x07fc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
    17:50:00.0811 0x07fc FontCache - ok
    17:50:00.0868 0x07fc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    17:50:00.0871 0x07fc FontCache3.0.0.0 - ok
    17:50:00.0898 0x07fc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    17:50:00.0901 0x07fc FsDepends - ok
    17:50:00.0937 0x07fc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    17:50:00.0938 0x07fc Fs_Rec - ok
    17:50:00.0968 0x07fc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    17:50:00.0976 0x07fc fvevol - ok
    17:50:00.0994 0x07fc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    17:50:00.0996 0x07fc gagp30kx - ok
    17:50:01.0061 0x07fc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
    17:50:01.0086 0x07fc gpsvc - ok
    17:50:01.0102 0x07fc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    17:50:01.0104 0x07fc hcw85cir - ok
    17:50:01.0145 0x07fc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    17:50:01.0155 0x07fc HdAudAddService - ok
    17:50:01.0173 0x07fc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    17:50:01.0176 0x07fc HDAudBus - ok
    17:50:01.0181 0x07fc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    17:50:01.0182 0x07fc HidBatt - ok
    17:50:01.0212 0x07fc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    17:50:01.0215 0x07fc HidBth - ok
    17:50:01.0229 0x07fc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    17:50:01.0231 0x07fc HidIr - ok
    17:50:01.0250 0x07fc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
    17:50:01.0252 0x07fc hidserv - ok
    17:50:01.0265 0x07fc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
    17:50:01.0267 0x07fc HidUsb - ok
    17:50:01.0299 0x07fc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
    17:50:01.0303 0x07fc hkmsvc - ok
    17:50:01.0338 0x07fc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    17:50:01.0346 0x07fc HomeGroupListener - ok
    17:50:01.0383 0x07fc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    17:50:01.0389 0x07fc HomeGroupProvider - ok
    17:50:01.0418 0x07fc [ CCBE758967CC0F53F5BA3B271653C4E6, B050B39A209CC30A801E0F903AE441B0F0C50DFAE747E71E4016F8D7552B2AE8 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
    17:50:01.0419 0x07fc hpdskflt - ok
    17:50:01.0431 0x07fc [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
    17:50:01.0432 0x07fc HpqKbFiltr - ok
    17:50:01.0471 0x07fc [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    17:50:01.0477 0x07fc hpqwmiex - ok
    17:50:01.0514 0x07fc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    17:50:01.0521 0x07fc HpSAMD - ok
    17:50:01.0569 0x07fc [ E2223A37896A76861D7F79FD81A2A193, 9AFB0188CA5ED8A4F01FC7C8C4835097312AC15B754684880C6A1E48634ED687 ] hpsrv C:\Windows\system32\Hpservice.exe
    17:50:01.0571 0x07fc hpsrv - ok
    17:50:01.0625 0x07fc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    17:50:01.0644 0x07fc HTTP - ok
    17:50:01.0686 0x07fc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    17:50:01.0687 0x07fc hwpolicy - ok
    17:50:01.0725 0x07fc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    17:50:01.0730 0x07fc i8042prt - ok
    17:50:01.0773 0x07fc [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
    17:50:01.0788 0x07fc iaStor - ok
    17:50:01.0825 0x07fc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    17:50:01.0842 0x07fc iaStorV - ok
    17:50:01.0906 0x07fc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    17:50:01.0930 0x07fc idsvc - ok
    17:50:02.0157 0x07fc [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    17:50:02.0312 0x07fc igfx - ok
    17:50:02.0387 0x07fc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    17:50:02.0390 0x07fc iirsp - ok
    17:50:02.0457 0x07fc [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
    17:50:02.0484 0x07fc IKEEXT - ok
    17:50:02.0520 0x07fc [ 4FF8A2082D78255D2EB169F986BCC981, FC3AB8C5845ABBB0CC0C5860281997537B42FF39D873B90F82EF1E8393AF40CF ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
    17:50:02.0525 0x07fc Impcd - ok
    17:50:02.0545 0x07fc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    17:50:02.0547 0x07fc intelide - ok
    17:50:02.0578 0x07fc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    17:50:02.0580 0x07fc intelppm - ok
    17:50:02.0613 0x07fc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    17:50:02.0618 0x07fc IPBusEnum - ok
    17:50:02.0646 0x07fc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    17:50:02.0650 0x07fc IpFilterDriver - ok
    17:50:02.0718 0x07fc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    17:50:02.0737 0x07fc iphlpsvc - ok
    17:50:02.0770 0x07fc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    17:50:02.0773 0x07fc IPMIDRV - ok
    17:50:02.0799 0x07fc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    17:50:02.0802 0x07fc IPNAT - ok
    17:50:02.0822 0x07fc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    17:50:02.0823 0x07fc IRENUM - ok
    17:50:02.0842 0x07fc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    17:50:02.0844 0x07fc isapnp - ok
    17:50:02.0874 0x07fc [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    17:50:02.0881 0x07fc iScsiPrt - ok
    17:50:02.0908 0x07fc [ F8844B00C10E386C704C610E95A9847D, 3E3CFDDD0DD9E98542BAE07ED9CF922D98370C94BE364BA84F677EAA01ED775A ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
    17:50:02.0912 0x07fc JMCR - ok
    17:50:02.0925 0x07fc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
    17:50:02.0928 0x07fc kbdclass - ok
    17:50:02.0938 0x07fc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
    17:50:02.0939 0x07fc kbdhid - ok
    17:50:02.0952 0x07fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
    17:50:02.0954 0x07fc KeyIso - ok
    17:50:02.0983 0x07fc [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    17:50:02.0987 0x07fc KSecDD - ok
    17:50:03.0015 0x07fc [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    17:50:03.0020 0x07fc KSecPkg - ok
    17:50:03.0038 0x07fc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    17:50:03.0040 0x07fc ksthunk - ok
    17:50:03.0075 0x07fc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
    17:50:03.0086 0x07fc KtmRm - ok
    17:50:03.0125 0x07fc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
    17:50:03.0132 0x07fc LanmanServer - ok
    17:50:03.0168 0x07fc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    17:50:03.0172 0x07fc LanmanWorkstation - ok
    17:50:03.0184 0x07fc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    17:50:03.0186 0x07fc lltdio - ok
    17:50:03.0225 0x07fc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    17:50:03.0241 0x07fc lltdsvc - ok
    17:50:03.0258 0x07fc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
    17:50:03.0260 0x07fc lmhosts - ok
    17:50:03.0281 0x07fc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    17:50:03.0284 0x07fc LSI_FC - ok
    17:50:03.0301 0x07fc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    17:50:03.0305 0x07fc LSI_SAS - ok
    17:50:03.0330 0x07fc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    17:50:03.0333 0x07fc LSI_SAS2 - ok
    17:50:03.0357 0x07fc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    17:50:03.0360 0x07fc LSI_SCSI - ok
    17:50:03.0382 0x07fc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
    17:50:03.0385 0x07fc luafv - ok
    17:50:03.0417 0x07fc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    17:50:03.0421 0x07fc Mcx2Svc - ok
    17:50:03.0444 0x07fc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    17:50:03.0446 0x07fc megasas - ok
    17:50:03.0461 0x07fc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    17:50:03.0469 0x07fc MegaSR - ok
    17:50:03.0503 0x07fc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
    17:50:03.0506 0x07fc MMCSS - ok
    17:50:03.0522 0x07fc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
    17:50:03.0524 0x07fc Modem - ok
    17:50:03.0550 0x07fc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    17:50:03.0551 0x07fc monitor - ok
    17:50:03.0587 0x07fc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
    17:50:03.0589 0x07fc mouclass - ok
    17:50:03.0624 0x07fc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    17:50:03.0625 0x07fc mouhid - ok

  9. #9
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    Second section of TDSSKiller:

    17:50:12.0626 0x07fc THREADORDER - ok
    17:50:12.0645 0x07fc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
    17:50:12.0653 0x07fc TrkWks - ok
    17:50:12.0711 0x07fc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    17:50:12.0721 0x07fc TrustedInstaller - ok
    17:50:12.0747 0x07fc [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    17:50:12.0749 0x07fc tssecsrv - ok
    17:50:12.0779 0x07fc [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    17:50:12.0781 0x07fc TsUsbFlt - ok
    17:50:12.0813 0x07fc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    17:50:12.0817 0x07fc tunnel - ok
    17:50:12.0842 0x07fc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    17:50:12.0844 0x07fc uagp35 - ok
    17:50:12.0868 0x07fc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    17:50:12.0877 0x07fc udfs - ok
    17:50:12.0908 0x07fc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
    17:50:12.0911 0x07fc UI0Detect - ok
    17:50:12.0938 0x07fc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    17:50:12.0940 0x07fc uliagpkx - ok
    17:50:12.0958 0x07fc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
    17:50:12.0960 0x07fc umbus - ok
    17:50:12.0986 0x07fc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    17:50:12.0987 0x07fc UmPass - ok
    17:50:13.0028 0x07fc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
    17:50:13.0040 0x07fc upnphost - ok
    17:50:13.0055 0x07fc [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    17:50:13.0058 0x07fc usbccgp - ok
    17:50:13.0079 0x07fc [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
    17:50:13.0082 0x07fc usbcir - ok
    17:50:13.0098 0x07fc [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\drivers\usbehci.sys
    17:50:13.0101 0x07fc usbehci - ok
    17:50:13.0124 0x07fc [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    17:50:13.0134 0x07fc usbhub - ok
    17:50:13.0156 0x07fc [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
    17:50:13.0158 0x07fc usbohci - ok
    17:50:13.0179 0x07fc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    17:50:13.0181 0x07fc usbprint - ok
    17:50:13.0198 0x07fc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
    17:50:13.0201 0x07fc USBSTOR - ok
    17:50:13.0213 0x07fc [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    17:50:13.0215 0x07fc usbuhci - ok
    17:50:13.0236 0x07fc [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
    17:50:13.0241 0x07fc usbvideo - ok
    17:50:13.0268 0x07fc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
    17:50:13.0270 0x07fc UxSms - ok
    17:50:13.0278 0x07fc [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
    17:50:13.0280 0x07fc VaultSvc - ok
    17:50:13.0310 0x07fc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    17:50:13.0311 0x07fc vdrvroot - ok
    17:50:13.0363 0x07fc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
    17:50:13.0388 0x07fc vds - ok
    17:50:13.0411 0x07fc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    17:50:13.0413 0x07fc vga - ok
    17:50:13.0424 0x07fc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
    17:50:13.0426 0x07fc VgaSave - ok
    17:50:13.0446 0x07fc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    17:50:13.0452 0x07fc vhdmp - ok
    17:50:13.0476 0x07fc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
    17:50:13.0477 0x07fc viaide - ok
    17:50:13.0493 0x07fc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    17:50:13.0496 0x07fc volmgr - ok
    17:50:13.0533 0x07fc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    17:50:13.0544 0x07fc volmgrx - ok
    17:50:13.0581 0x07fc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
    17:50:13.0589 0x07fc volsnap - ok
    17:50:13.0617 0x07fc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
    17:50:13.0622 0x07fc vsmraid - ok
    17:50:13.0715 0x07fc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
    17:50:13.0757 0x07fc VSS - ok
    17:50:13.0780 0x07fc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    17:50:13.0781 0x07fc vwifibus - ok
    17:50:13.0795 0x07fc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    17:50:13.0798 0x07fc vwififlt - ok
    17:50:13.0834 0x07fc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
    17:50:13.0846 0x07fc W32Time - ok
    17:50:13.0861 0x07fc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
    17:50:13.0863 0x07fc WacomPen - ok
    17:50:13.0894 0x07fc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    17:50:13.0897 0x07fc WANARP - ok
    17:50:13.0902 0x07fc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    17:50:13.0904 0x07fc Wanarpv6 - ok
    17:50:13.0974 0x07fc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    17:50:14.0006 0x07fc WatAdminSvc - ok
    17:50:14.0095 0x07fc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
    17:50:14.0135 0x07fc wbengine - ok
    17:50:14.0172 0x07fc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    17:50:14.0179 0x07fc WbioSrvc - ok
    17:50:14.0214 0x07fc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    17:50:14.0225 0x07fc wcncsvc - ok
    17:50:14.0237 0x07fc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    17:50:14.0241 0x07fc WcsPlugInService - ok
    17:50:14.0266 0x07fc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
    17:50:14.0267 0x07fc Wd - ok
    17:50:14.0317 0x07fc [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    17:50:14.0337 0x07fc Wdf01000 - ok
    17:50:14.0352 0x07fc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
    17:50:14.0357 0x07fc WdiServiceHost - ok
    17:50:14.0363 0x07fc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
    17:50:14.0366 0x07fc WdiSystemHost - ok
    17:50:14.0401 0x07fc [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
    17:50:14.0409 0x07fc WebClient - ok
    17:50:14.0439 0x07fc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
    17:50:14.0447 0x07fc Wecsvc - ok
    17:50:14.0467 0x07fc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    17:50:14.0470 0x07fc wercplsupport - ok
    17:50:14.0481 0x07fc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
    17:50:14.0485 0x07fc WerSvc - ok
    17:50:14.0511 0x07fc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    17:50:14.0512 0x07fc WfpLwf - ok
    17:50:14.0525 0x07fc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    17:50:14.0527 0x07fc WIMMount - ok
    17:50:14.0549 0x07fc WinDefend - ok
    17:50:14.0556 0x07fc WinHttpAutoProxySvc - ok
    17:50:14.0608 0x07fc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    17:50:14.0614 0x07fc Winmgmt - ok
    17:50:14.0704 0x07fc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
    17:50:14.0756 0x07fc WinRM - ok
    17:50:14.0796 0x07fc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
    17:50:14.0798 0x07fc WinUsb - ok
    17:50:14.0853 0x07fc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
    17:50:14.0877 0x07fc Wlansvc - ok
    17:50:14.0909 0x07fc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    17:50:14.0910 0x07fc WmiAcpi - ok
    17:50:14.0938 0x07fc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    17:50:14.0944 0x07fc wmiApSrv - ok
    17:50:14.0976 0x07fc WMPNetworkSvc - ok
    17:50:14.0992 0x07fc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
    17:50:14.0996 0x07fc WPCSvc - ok
    17:50:15.0039 0x07fc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    17:50:15.0047 0x07fc WPDBusEnum - ok
    17:50:15.0071 0x07fc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    17:50:15.0073 0x07fc ws2ifsl - ok
    17:50:15.0104 0x07fc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
    17:50:15.0110 0x07fc wscsvc - ok
    17:50:15.0115 0x07fc WSearch - ok
    17:50:15.0242 0x07fc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
    17:50:15.0306 0x07fc wuauserv - ok
    17:50:15.0336 0x07fc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    17:50:15.0339 0x07fc WudfPf - ok
    17:50:15.0364 0x07fc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
    17:50:15.0371 0x07fc WUDFRd - ok
    17:50:15.0402 0x07fc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    17:50:15.0406 0x07fc wudfsvc - ok
    17:50:15.0442 0x07fc [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
    17:50:15.0450 0x07fc WwanSvc - ok
    17:50:15.0498 0x07fc [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
    17:50:15.0517 0x07fc yukonw7 - ok
    17:50:15.0524 0x07fc ================ Scan global ===============================
    17:50:15.0584 0x07fc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    17:50:15.0638 0x07fc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    17:50:15.0661 0x07fc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    17:50:15.0703 0x07fc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    17:50:15.0720 0x07fc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
    17:50:15.0730 0x07fc [ Global ] - ok
    17:50:15.0730 0x07fc ================ Scan MBR ==================================
    17:50:15.0738 0x07fc [ A7E7BE339D9C58830FF6977CC431A93B ] \Device\Harddisk0\DR0
    17:50:16.0055 0x07fc \Device\Harddisk0\DR0 - ok
    17:50:16.0056 0x07fc ================ Scan VBR ==================================
    17:50:16.0059 0x07fc [ 80E5B6E1006F0F5E2B295D0B7DA9FCAF ] \Device\Harddisk0\DR0\Partition1
    17:50:16.0063 0x07fc \Device\Harddisk0\DR0\Partition1 - ok
    17:50:16.0095 0x07fc [ 0D3EC40A050C6A9398A9F57B97287594 ] \Device\Harddisk0\DR0\Partition2
    17:50:16.0096 0x07fc \Device\Harddisk0\DR0\Partition2 - ok
    17:50:16.0123 0x07fc [ 189198D8D7B9418CFEA6674273890776 ] \Device\Harddisk0\DR0\Partition3
    17:50:16.0125 0x07fc \Device\Harddisk0\DR0\Partition3 - ok
    17:50:16.0143 0x07fc [ BB3597AD0364199CFBE1A72A4E2D5146 ] \Device\Harddisk0\DR0\Partition4
    17:50:16.0145 0x07fc \Device\Harddisk0\DR0\Partition4 - ok
    17:50:16.0145 0x07fc Waiting for KSN requests completion. In queue: 318
    17:50:17.0145 0x07fc Waiting for KSN requests completion. In queue: 318
    17:50:18.0145 0x07fc Waiting for KSN requests completion. In queue: 318
    17:50:19.0145 0x07fc Waiting for KSN requests completion. In queue: 306
    17:50:20.0145 0x07fc Waiting for KSN requests completion. In queue: 306
    17:50:21.0307 0x07fc Win FW state via NFP2: enabled
    17:50:23.0787 0x07fc ============================================================
    17:50:23.0787 0x07fc Scan finished
    17:50:23.0787 0x07fc ============================================================
    17:50:23.0797 0x11bc Detected object count: 0
    17:50:23.0797 0x11bc Actual detected object count: 0
    17:51:24.0592 0x0f58 ============================================================
    17:51:24.0592 0x0f58 Scan started
    17:51:24.0592 0x0f58 Mode: Manual; TDLFS;
    17:51:24.0592 0x0f58 ============================================================
    17:51:24.0592 0x0f58 KSN ping started
    17:51:27.0088 0x0f58 KSN ping finished: true
    17:51:27.0281 0x0f58 ================ Scan system memory ========================
    17:51:27.0281 0x0f58 System memory - ok
    17:51:27.0282 0x0f58 ================ Scan services =============================
    17:51:29.0871 0x0f58 Com4QLBEx - ok
    17:51:29.0885 0x0f58 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    17:51:29.0886 0x0f58 Compbatt - ok
    17:51:29.0915 0x0f58 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    17:51:29.0916 0x0f58 CompositeBus - ok
    17:51:29.0922 0x0f58 COMSysApp - ok
    17:51:29.0946 0x0f58 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    17:51:29.0948 0x0f58 crcdisk - ok
    17:51:29.0982 0x0f58 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
    17:51:29.0989 0x0f58 CryptSvc - ok
    17:51:30.0043 0x0f58 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
    17:51:30.0061 0x0f58 DcomLaunch - ok
    17:51:30.0107 0x0f58 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
    17:51:30.0120 0x0f58 defragsvc - ok
    17:51:30.0162 0x0f58 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    17:51:30.0167 0x0f58 DfsC - ok
    17:51:30.0190 0x0f58 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
    17:51:30.0198 0x0f58 Dhcp - ok
    17:51:30.0221 0x0f58 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
    17:51:30.0222 0x0f58 discache - ok
    17:51:30.0234 0x0f58 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
    17:51:30.0236 0x0f58 Disk - ok
    17:51:30.0273 0x0f58 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    17:51:30.0278 0x0f58 Dnscache - ok
    17:51:30.0316 0x0f58 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
    17:51:30.0323 0x0f58 dot3svc - ok
    17:51:30.0359 0x0f58 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
    17:51:30.0364 0x0f58 DPS - ok
    17:51:30.0380 0x0f58 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    17:51:30.0381 0x0f58 drmkaud - ok
    17:51:30.0425 0x0f58 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
    17:51:30.0432 0x0f58 dtsoftbus01 - ok
    17:51:30.0502 0x0f58 [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    17:51:30.0526 0x0f58 DXGKrnl - ok
    17:51:30.0550 0x0f58 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
    17:51:30.0552 0x0f58 EapHost - ok
    17:51:30.0660 0x0f58 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
    17:51:30.0730 0x0f58 ebdrv - ok
    17:51:30.0765 0x0f58 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
    17:51:30.0767 0x0f58 EFS - ok
    17:51:30.0832 0x0f58 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    17:51:30.0849 0x0f58 ehRecvr - ok
    17:51:30.0885 0x0f58 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
    17:51:30.0888 0x0f58 ehSched - ok
    17:51:30.0924 0x0f58 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    17:51:30.0935 0x0f58 elxstor - ok
    17:51:30.0961 0x0f58 [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
    17:51:30.0962 0x0f58 enecir - ok
    17:51:30.0992 0x0f58 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
    17:51:30.0993 0x0f58 ErrDev - ok
    17:51:31.0032 0x0f58 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
    17:51:31.0048 0x0f58 EventSystem - ok
    17:51:31.0084 0x0f58 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
    17:51:31.0088 0x0f58 exfat - ok
    17:51:31.0106 0x0f58 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    17:51:31.0111 0x0f58 fastfat - ok
    17:51:31.0184 0x0f58 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
    17:51:31.0209 0x0f58 Fax - ok
    17:51:31.0233 0x0f58 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    17:51:31.0233 0x0f58 fdc - ok
    17:51:31.0243 0x0f58 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
    17:51:31.0244 0x0f58 fdPHost - ok
    17:51:31.0254 0x0f58 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
    17:51:31.0255 0x0f58 FDResPub - ok
    17:51:31.0266 0x0f58 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    17:51:31.0267 0x0f58 FileInfo - ok
    17:51:31.0277 0x0f58 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    17:51:31.0278 0x0f58 Filetrace - ok
    17:51:31.0289 0x0f58 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    17:51:31.0290 0x0f58 flpydisk - ok
    17:51:31.0310 0x0f58 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    17:51:31.0316 0x0f58 FltMgr - ok
    17:51:31.0396 0x0f58 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
    17:51:31.0423 0x0f58 FontCache - ok
    17:51:31.0471 0x0f58 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    17:51:31.0473 0x0f58 FontCache3.0.0.0 - ok
    17:51:31.0486 0x0f58 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    17:51:31.0489 0x0f58 FsDepends - ok
    17:51:31.0525 0x0f58 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    17:51:31.0527 0x0f58 Fs_Rec - ok
    17:51:31.0566 0x0f58 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    17:51:31.0575 0x0f58 fvevol - ok
    17:51:31.0599 0x0f58 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    17:51:31.0601 0x0f58 gagp30kx - ok
    17:51:31.0673 0x0f58 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
    17:51:31.0701 0x0f58 gpsvc - ok
    17:51:31.0709 0x0f58 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    17:51:31.0710 0x0f58 hcw85cir - ok
    17:51:31.0751 0x0f58 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    17:51:31.0759 0x0f58 HdAudAddService - ok
    17:51:31.0778 0x0f58 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    17:51:31.0781 0x0f58 HDAudBus - ok
    17:51:31.0786 0x0f58 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    17:51:31.0787 0x0f58 HidBatt - ok
    17:51:31.0817 0x0f58 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    17:51:31.0819 0x0f58 HidBth - ok
    17:51:31.0834 0x0f58 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    17:51:31.0835 0x0f58 HidIr - ok
    17:51:31.0855 0x0f58 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
    17:51:31.0857 0x0f58 hidserv - ok
    17:51:31.0870 0x0f58 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
    17:51:31.0871 0x0f58 HidUsb - ok
    17:51:31.0904 0x0f58 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
    17:51:31.0907 0x0f58 hkmsvc - ok
    17:51:31.0944 0x0f58 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    17:51:31.0950 0x0f58 HomeGroupListener - ok
    17:51:31.0991 0x0f58 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    17:51:32.0001 0x0f58 HomeGroupProvider - ok
    17:51:32.0031 0x0f58 [ CCBE758967CC0F53F5BA3B271653C4E6, B050B39A209CC30A801E0F903AE441B0F0C50DFAE747E71E4016F8D7552B2AE8 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
    17:51:32.0032 0x0f58 hpdskflt - ok
    17:51:32.0044 0x0f58 [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
    17:51:32.0044 0x0f58 HpqKbFiltr - ok
    17:51:32.0088 0x0f58 [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    17:51:32.0098 0x0f58 hpqwmiex - ok
    17:51:32.0144 0x0f58 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    17:51:32.0148 0x0f58 HpSAMD - ok
    17:51:32.0183 0x0f58 [ E2223A37896A76861D7F79FD81A2A193, 9AFB0188CA5ED8A4F01FC7C8C4835097312AC15B754684880C6A1E48634ED687 ] hpsrv C:\Windows\system32\Hpservice.exe
    17:51:32.0185 0x0f58 hpsrv - ok
    17:51:32.0255 0x0f58 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    17:51:32.0275 0x0f58 HTTP - ok
    17:51:32.0307 0x0f58 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    17:51:32.0308 0x0f58 hwpolicy - ok
    17:51:32.0336 0x0f58 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    17:51:32.0338 0x0f58 i8042prt - ok
    17:51:32.0372 0x0f58 [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
    17:51:32.0381 0x0f58 iaStor - ok
    17:51:32.0407 0x0f58 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    17:51:32.0416 0x0f58 iaStorV - ok
    17:51:32.0461 0x0f58 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    17:51:32.0479 0x0f58 idsvc - ok
    17:51:32.0703 0x0f58 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    17:51:32.0827 0x0f58 igfx - ok
    17:51:32.0866 0x0f58 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    17:51:32.0867 0x0f58 iirsp - ok
    17:51:32.0924 0x0f58 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
    17:51:32.0943 0x0f58 IKEEXT - ok
    17:51:32.0974 0x0f58 [ 4FF8A2082D78255D2EB169F986BCC981, FC3AB8C5845ABBB0CC0C5860281997537B42FF39D873B90F82EF1E8393AF40CF ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
    17:51:32.0977 0x0f58 Impcd - ok
    17:51:33.0000 0x0f58 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    17:51:33.0001 0x0f58 intelide - ok
    17:51:33.0024 0x0f58 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    17:51:33.0026 0x0f58 intelppm - ok
    17:51:33.0051 0x0f58 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    17:51:33.0053 0x0f58 IPBusEnum - ok
    17:51:33.0084 0x0f58 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    17:51:33.0086 0x0f58 IpFilterDriver - ok
    17:51:33.0137 0x0f58 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    17:51:33.0151 0x0f58 iphlpsvc - ok

  10. #10
    Junior Member
    Join Date
    Dec 2009
    Posts
    23


    3/3 TDSSKiller:

    17:51:36.0938 0x0f58 Npfs - ok
    17:51:36.0966 0x0f58 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
    17:51:36.0968 0x0f58 nsi - ok
    17:51:36.0994 0x0f58 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    17:51:36.0995 0x0f58 nsiproxy - ok
    17:51:37.0130 0x0f58 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    17:51:37.0164 0x0f58 Ntfs - ok
    17:51:37.0197 0x0f58 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
    17:51:37.0198 0x0f58 Null - ok
    17:51:37.0242 0x0f58 [ AD37248BD442D41C9A896E53EB8A85EE, 9CC50602480544DBD0B873B3444D355CC13CB97EC1BCA97F85668C45DEFE78C1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
    17:51:37.0246 0x0f58 NVHDA - ok
    17:51:37.0911 0x0f58 [ 9FC53830053787FAD2078F39D3AB68DC, 784DD662FCEF60C131917728ABD27D6F004C605C6425E367041EDBCBC87BAEAB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
    17:51:38.0195 0x0f58 nvlddmkm - ok
    17:51:38.0292 0x0f58 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
    17:51:38.0298 0x0f58 nvraid - ok
    17:51:38.0318 0x0f58 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
    17:51:38.0324 0x0f58 nvstor - ok
    17:51:38.0403 0x0f58 [ 9943F143D62C6A546C0995FEAE4B4784, 03D38184CD80D5272DEB1E1A55BD9EC24798A46451681094850226B022C4D978 ] nvsvc C:\Windows\system32\nvvsvc.exe
    17:51:38.0426 0x0f58 nvsvc - ok
    17:51:38.0450 0x0f58 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    17:51:38.0452 0x0f58 nv_agp - ok
    17:51:38.0552 0x0f58 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    17:51:38.0565 0x0f58 odserv - ok
    17:51:38.0596 0x0f58 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    17:51:38.0598 0x0f58 ohci1394 - ok
    17:51:38.0631 0x0f58 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    17:51:38.0634 0x0f58 ose - ok
    17:51:38.0733 0x0f58 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    17:51:38.0747 0x0f58 p2pimsvc - ok
    17:51:38.0804 0x0f58 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
    17:51:38.0814 0x0f58 p2psvc - ok
    17:51:38.0853 0x0f58 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
    17:51:38.0855 0x0f58 Parport - ok
    17:51:38.0887 0x0f58 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
    17:51:38.0889 0x0f58 partmgr - ok
    17:51:38.0919 0x0f58 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
    17:51:38.0924 0x0f58 PcaSvc - ok
    17:51:38.0958 0x0f58 [ 81B5E63131090879AD6EF9F32109B88D, 581680BFE9B2BACBD5E55D807EFB17C69488AE3F5C61358B0955E1494FD3514E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
    17:51:38.0959 0x0f58 pccsmcfd - ok
    17:51:39.0013 0x0f58 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
    17:51:39.0017 0x0f58 pci - ok
    17:51:39.0042 0x0f58 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
    17:51:39.0043 0x0f58 pciide - ok
    17:51:39.0064 0x0f58 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    17:51:39.0069 0x0f58 pcmcia - ok
    17:51:39.0084 0x0f58 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
    17:51:39.0086 0x0f58 pcw - ok
    17:51:39.0115 0x0f58 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    17:51:39.0132 0x0f58 PEAUTH - ok
    17:51:39.0240 0x0f58 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
    17:51:39.0242 0x0f58 PerfHost - ok
    17:51:39.0330 0x0f58 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
    17:51:39.0361 0x0f58 pla - ok
    17:51:39.0407 0x0f58 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    17:51:39.0416 0x0f58 PlugPlay - ok
    17:51:39.0437 0x0f58 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    17:51:39.0439 0x0f58 PNRPAutoReg - ok
    17:51:39.0461 0x0f58 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    17:51:39.0468 0x0f58 PNRPsvc - ok
    17:51:39.0498 0x0f58 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    17:51:39.0509 0x0f58 PolicyAgent - ok
    17:51:39.0548 0x0f58 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
    17:51:39.0552 0x0f58 Power - ok
    17:51:39.0588 0x0f58 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    17:51:39.0591 0x0f58 PptpMiniport - ok
    17:51:39.0632 0x0f58 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
    17:51:39.0633 0x0f58 Processor - ok
    17:51:39.0678 0x0f58 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
    17:51:39.0689 0x0f58 ProfSvc - ok
    17:51:39.0716 0x0f58 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
    17:51:39.0718 0x0f58 ProtectedStorage - ok
    17:51:39.0769 0x0f58 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    17:51:39.0775 0x0f58 Psched - ok
    17:51:39.0866 0x0f58 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    17:51:39.0902 0x0f58 ql2300 - ok
    17:51:39.0941 0x0f58 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    17:51:39.0947 0x0f58 ql40xx - ok
    17:51:39.0982 0x0f58 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
    17:51:39.0993 0x0f58 QWAVE - ok
    17:51:40.0011 0x0f58 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    17:51:40.0012 0x0f58 QWAVEdrv - ok
    17:51:40.0027 0x0f58 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    17:51:40.0028 0x0f58 RasAcd - ok
    17:51:40.0054 0x0f58 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    17:51:40.0055 0x0f58 RasAgileVpn - ok
    17:51:40.0073 0x0f58 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
    17:51:40.0076 0x0f58 RasAuto - ok
    17:51:40.0106 0x0f58 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    17:51:40.0109 0x0f58 Rasl2tp - ok
    17:51:40.0153 0x0f58 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
    17:51:40.0170 0x0f58 RasMan - ok
    17:51:40.0188 0x0f58 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    17:51:40.0191 0x0f58 RasPppoe - ok
    17:51:40.0200 0x0f58 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    17:51:40.0202 0x0f58 RasSstp - ok
    17:51:40.0220 0x0f58 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    17:51:40.0227 0x0f58 rdbss - ok
    17:51:40.0257 0x0f58 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    17:51:40.0258 0x0f58 rdpbus - ok
    17:51:40.0269 0x0f58 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    17:51:40.0270 0x0f58 RDPCDD - ok
    17:51:40.0277 0x0f58 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    17:51:40.0278 0x0f58 RDPENCDD - ok
    17:51:40.0291 0x0f58 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    17:51:40.0292 0x0f58 RDPREFMP - ok
    17:51:40.0338 0x0f58 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    17:51:40.0348 0x0f58 RDPWD - ok
    17:51:40.0388 0x0f58 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    17:51:40.0398 0x0f58 rdyboost - ok
    17:51:40.0430 0x0f58 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    17:51:40.0437 0x0f58 RemoteRegistry - ok
    17:51:40.0502 0x0f58 [ 498EB62A160674E793FA40FD65390625, F7EFD480E6C95F5B6202EEB87F519A8A8187F7F26281FB3E302EDD1AD5771025 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    17:51:40.0512 0x0f58 RichVideo - ok
    17:51:40.0533 0x0f58 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    17:51:40.0537 0x0f58 RpcEptMapper - ok
    17:51:40.0573 0x0f58 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
    17:51:40.0575 0x0f58 RpcLocator - ok
    17:51:40.0659 0x0f58 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\System32\rpcss.dll
    17:51:40.0671 0x0f58 RpcSs - ok
    17:51:40.0702 0x0f58 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    17:51:40.0704 0x0f58 rspndr - ok
    17:51:40.0747 0x0f58 [ 5B04929EF24F87E239B880FAAE410E3A, 9159BBE85BE13AC7BD90A4B5F2BF591FED5C895E36BC65BE695FA146582EF8A8 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    17:51:40.0753 0x0f58 RTL8167 - ok
    17:51:40.0766 0x0f58 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
    17:51:40.0768 0x0f58 SamSs - ok
    17:51:40.0793 0x0f58 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    17:51:40.0796 0x0f58 sbp2port - ok
    17:51:40.0842 0x0f58 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    17:51:40.0852 0x0f58 SCardSvr - ok
    17:51:40.0891 0x0f58 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    17:51:40.0893 0x0f58 scfilter - ok
    17:51:40.0939 0x0f58 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
    17:51:40.0963 0x0f58 Schedule - ok
    17:51:40.0996 0x0f58 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
    17:51:40.0998 0x0f58 SCPolicySvc - ok
    17:51:41.0024 0x0f58 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
    17:51:41.0027 0x0f58 sdbus - ok
    17:51:41.0055 0x0f58 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    17:51:41.0060 0x0f58 SDRSVC - ok
    17:51:41.0230 0x0f58 [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    17:51:41.0311 0x0f58 SDScannerService - ok
    17:51:41.0424 0x0f58 [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    17:51:41.0448 0x0f58 SDUpdateService - ok
    17:51:41.0482 0x0f58 [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    17:51:41.0486 0x0f58 SDWSCService - ok
    17:51:41.0514 0x0f58 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
    17:51:41.0515 0x0f58 secdrv - ok
    17:51:41.0549 0x0f58 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
    17:51:41.0551 0x0f58 seclogon - ok
    17:51:41.0586 0x0f58 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
    17:51:41.0590 0x0f58 SENS - ok
    17:51:41.0623 0x0f58 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
    17:51:41.0626 0x0f58 SensrSvc - ok
    17:51:41.0651 0x0f58 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    17:51:41.0652 0x0f58 Serenum - ok
    17:51:41.0673 0x0f58 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
    17:51:41.0677 0x0f58 Serial - ok
    17:51:41.0710 0x0f58 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
    17:51:41.0712 0x0f58 sermouse - ok
    17:51:41.0773 0x0f58 [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    17:51:41.0782 0x0f58 ServiceLayer - ok
    17:51:41.0832 0x0f58 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
    17:51:41.0840 0x0f58 SessionEnv - ok
    17:51:41.0868 0x0f58 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    17:51:41.0869 0x0f58 sffdisk - ok
    17:51:41.0883 0x0f58 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    17:51:41.0884 0x0f58 sffp_mmc - ok
    17:51:41.0893 0x0f58 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    17:51:41.0894 0x0f58 sffp_sd - ok
    17:51:41.0915 0x0f58 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
    17:51:41.0916 0x0f58 sfloppy - ok
    17:51:41.0949 0x0f58 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    17:51:41.0957 0x0f58 SharedAccess - ok
    17:51:41.0982 0x0f58 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    17:51:41.0991 0x0f58 ShellHWDetection - ok
    17:51:42.0018 0x0f58 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
    17:51:42.0020 0x0f58 SiSRaid2 - ok
    17:51:42.0043 0x0f58 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    17:51:42.0045 0x0f58 SiSRaid4 - ok
    17:51:42.0071 0x0f58 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    17:51:42.0073 0x0f58 Smb - ok
    17:51:42.0096 0x0f58 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    17:51:42.0098 0x0f58 SNMPTRAP - ok
    17:51:42.0106 0x0f58 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
    17:51:42.0107 0x0f58 spldr - ok
    17:51:42.0151 0x0f58 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
    17:51:42.0164 0x0f58 Spooler - ok
    17:51:42.0310 0x0f58 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
    17:51:42.0381 0x0f58 sppsvc - ok
    17:51:42.0412 0x0f58 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    17:51:42.0415 0x0f58 sppuinotify - ok
    17:51:42.0455 0x0f58 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
    17:51:42.0464 0x0f58 srv - ok
    17:51:42.0484 0x0f58 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    17:51:42.0493 0x0f58 srv2 - ok
    17:51:42.0530 0x0f58 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
    17:51:42.0537 0x0f58 SrvHsfHDA - ok
    17:51:42.0597 0x0f58 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
    17:51:42.0627 0x0f58 SrvHsfV92 - ok
    17:51:42.0669 0x0f58 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
    17:51:42.0684 0x0f58 SrvHsfWinac - ok
    17:51:42.0721 0x0f58 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    17:51:42.0725 0x0f58 srvnet - ok
    17:51:42.0757 0x0f58 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    17:51:42.0762 0x0f58 SSDPSRV - ok
    17:51:42.0770 0x0f58 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
    17:51:42.0773 0x0f58 SstpSvc - ok
    17:51:42.0875 0x0f58 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C, 8EBBFA456D93E63AF9D64CC95A58651E2C1B1398B6052C0E65D3005AD5AC8CB5 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
    17:51:42.0884 0x0f58 STacSV - ok
    17:51:42.0913 0x0f58 Steam Client Service - ok
    17:51:42.0939 0x0f58 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    17:51:42.0940 0x0f58 stexstor - ok
    17:51:42.0985 0x0f58 [ DFFBC024DFC7BB05B2129E05CBC7A201, CA07944B864D7F3DA673040CF6314FECCAF80B8EADAF648392AE79697DAC15B4 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
    17:51:42.0996 0x0f58 STHDA - ok
    17:51:43.0043 0x0f58 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
    17:51:43.0056 0x0f58 stisvc - ok
    17:51:43.0086 0x0f58 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
    17:51:43.0087 0x0f58 swenum - ok
    17:51:43.0120 0x0f58 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
    17:51:43.0132 0x0f58 swprv - ok
    17:51:43.0186 0x0f58 [ 3A706A967295E16511E40842B1A2761D, 593C53373AB6026DA80168CA8F636A67F831D4A07F6B8B601E17C486A22CA25C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
    17:51:43.0200 0x0f58 SynTP - ok
    17:51:43.0295 0x0f58 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
    17:51:43.0333 0x0f58 SysMain - ok
    17:51:43.0367 0x0f58 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
    17:51:43.0371 0x0f58 TabletInputService - ok
    17:51:43.0394 0x0f58 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
    17:51:43.0401 0x0f58 TapiSrv - ok
    17:51:43.0435 0x0f58 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
    17:51:43.0438 0x0f58 TBS - ok
    17:51:43.0535 0x0f58 [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    17:51:43.0574 0x0f58 Tcpip - ok
    17:51:43.0631 0x0f58 [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    17:51:43.0669 0x0f58 TCPIP6 - ok
    17:51:43.0706 0x0f58 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    17:51:43.0707 0x0f58 tcpipreg - ok
    17:51:43.0731 0x0f58 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    17:51:43.0731 0x0f58 TDPIPE - ok
    17:51:43.0757 0x0f58 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    17:51:43.0758 0x0f58 TDTCP - ok
    17:51:43.0785 0x0f58 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    17:51:43.0788 0x0f58 tdx - ok
    17:51:43.0822 0x0f58 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
    17:51:43.0823 0x0f58 TermDD - ok
    17:51:43.0870 0x0f58 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
    17:51:43.0885 0x0f58 TermService - ok
    17:51:43.0890 0x0f58 TFsExDisk - ok
    17:51:43.0920 0x0f58 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
    17:51:43.0922 0x0f58 Themes - ok
    17:51:43.0950 0x0f58 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
    17:51:43.0953 0x0f58 THREADORDER - ok
    17:51:43.0965 0x0f58 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
    17:51:43.0968 0x0f58 TrkWks - ok
    17:51:44.0023 0x0f58 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    17:51:44.0032 0x0f58 TrustedInstaller - ok
    17:51:44.0060 0x0f58 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    17:51:44.0062 0x0f58 tssecsrv - ok
    17:51:44.0092 0x0f58 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    17:51:44.0094 0x0f58 TsUsbFlt - ok
    17:51:44.0126 0x0f58 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    17:51:44.0129 0x0f58 tunnel - ok
    17:51:44.0155 0x0f58 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    17:51:44.0157 0x0f58 uagp35 - ok
    17:51:46.0842 0x0f58 ================ Scan global ===============================
    17:51:46.0871 0x0f58 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    17:51:46.0914 0x0f58 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    17:51:46.0927 0x0f58 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    17:51:46.0949 0x0f58 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    17:51:46.0983 0x0f58 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
    17:51:46.0991 0x0f58 [ Global ] - ok
    17:51:46.0991 0x0f58 ================ Scan MBR ==================================
    17:51:47.0001 0x0f58 [ A7E7BE339D9C58830FF6977CC431A93B ] \Device\Harddisk0\DR0
    17:51:47.0304 0x0f58 \Device\Harddisk0\DR0 - ok
    17:51:47.0304 0x0f58 ================ Scan VBR ==================================
    17:51:47.0308 0x0f58 [ 80E5B6E1006F0F5E2B295D0B7DA9FCAF ] \Device\Harddisk0\DR0\Partition1
    17:51:47.0310 0x0f58 \Device\Harddisk0\DR0\Partition1 - ok
    17:51:47.0341 0x0f58 [ 0D3EC40A050C6A9398A9F57B97287594 ] \Device\Harddisk0\DR0\Partition2
    17:51:47.0343 0x0f58 \Device\Harddisk0\DR0\Partition2 - ok
    17:51:47.0370 0x0f58 [ 189198D8D7B9418CFEA6674273890776 ] \Device\Harddisk0\DR0\Partition3
    17:51:47.0372 0x0f58 \Device\Harddisk0\DR0\Partition3 - ok
    17:51:47.0389 0x0f58 [ BB3597AD0364199CFBE1A72A4E2D5146 ] \Device\Harddisk0\DR0\Partition4
    17:51:47.0390 0x0f58 \Device\Harddisk0\DR0\Partition4 - ok
    17:51:47.0404 0x0f58 Win FW state via NFP2: enabled
    17:51:49.0898 0x0f58 ============================================================
    17:51:49.0898 0x0f58 Scan finished
    17:51:49.0898 0x0f58 ============================================================
    17:51:49.0907 0x113c Detected object count: 0
    17:51:49.0907 0x113c Actual detected object count: 0
    17:52:24.0885 0x168c Deinitialize success
