Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
dllhost.exe com surrogate issue
Message
<blockquote data-quote="scottynola" data-source="post: 286260" data-attributes="member: 29718"><p>First off thanks for offering to help me with this issue. Also, to apologize for not uploading simple text files of the requested logfiles, when I tried to upload them as .txt files I couldn't get the upload to run so I am cutting and pasting them as plain text. One other note, I started having the issue yesterday, I also did a Java update yesterday, I have since deleted Java and uploaded the most recent version (version 8 update 25). I have not had a new occurrence of the issue since I did that (right before I ran the 2 programs you recommended which involved restarts so not sure if this is coincidental or not).</p><p></p><p></p><p></p><p><strong>ComboFix LogFile</strong></p><p></p><p></p><p></p><p>ComboFix 14-10-27.01 - user 10/28/2014 4:51.1.8 - x64</p><p>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16301.13294 [GMT -5:00]</p><p>Running from: c:\users\user\Downloads\ComboFix.exe</p><p>AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}</p><p>SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}</p><p>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>.</p><p>.</p><p>((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))</p><p>.</p><p>.</p><p>c:\programdata\pmt_0piot.pad</p><p>c:\programdata\ras_0oed.pad</p><p>c:\windows\SysWow64\~GLH00c4.TMP</p><p>c:\windows\SysWow64\Cache</p><p>c:\windows\SysWow64\Cache\075884af680ff6dc.fb</p><p>c:\windows\SysWow64\Cache\0c8c64a3cdcdeed2.fb</p><p>c:\windows\SysWow64\Cache\1249cb9530315a49.fb</p><p>c:\windows\SysWow64\Cache\227113dfa1ca894d.fb</p><p>c:\windows\SysWow64\Cache\26c630d098e22dd5.fb</p><p>c:\windows\SysWow64\Cache\272512937d9e61a4.fb</p><p>c:\windows\SysWow64\Cache\27ca4ee8ba7a1d1c.fb</p><p>c:\windows\SysWow64\Cache\287204568329e189.fb</p><p>c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb</p><p>c:\windows\SysWow64\Cache\2cc6a8fb60e97331.fb</p><p>c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb</p><p>c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb</p><p>c:\windows\SysWow64\Cache\3917078cb68ec657.fb</p><p>c:\windows\SysWow64\Cache\49fbbc5a8678d502.fb</p><p>c:\windows\SysWow64\Cache\501d3325cef2edec.fb</p><p>c:\windows\SysWow64\Cache\51445ca5df18def4.fb</p><p>c:\windows\SysWow64\Cache\56c0cd2ba685a591.fb</p><p>c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb</p><p>c:\windows\SysWow64\Cache\5c54eb1a1655b076.fb</p><p>c:\windows\SysWow64\Cache\610289e025a3ee9a.fb</p><p>c:\windows\SysWow64\Cache\613e8ce7ab7106af.fb</p><p>c:\windows\SysWow64\Cache\633a76311867bd11.fb</p><p>c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb</p><p>c:\windows\SysWow64\Cache\691f14230153a9e1.fb</p><p>c:\windows\SysWow64\Cache\696eb444553d1ff0.fb</p><p>c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb</p><p>c:\windows\SysWow64\Cache\6cb409d7ac73d9f1.fb</p><p>c:\windows\SysWow64\Cache\6d03dad1035885d3.fb</p><p>c:\windows\SysWow64\Cache\7614bd6cfa99e546.fb</p><p>c:\windows\SysWow64\Cache\77664b6ccc36be9f.fb</p><p>c:\windows\SysWow64\Cache\881b3593316772f0.fb</p><p>c:\windows\SysWow64\Cache\95f567698be8a182.fb</p><p>c:\windows\SysWow64\Cache\98657d0579ae1930.fb</p><p>c:\windows\SysWow64\Cache\a8556537add6dfc5.fb</p><p>c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb</p><p>c:\windows\SysWow64\Cache\aea1ededcf0893cd.fb</p><p>c:\windows\SysWow64\Cache\b5f8457e8c5e0ab8.fb</p><p>c:\windows\SysWow64\Cache\bebb5f430e011300.fb</p><p>c:\windows\SysWow64\Cache\c1fa887b03019701.fb</p><p>c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb</p><p>c:\windows\SysWow64\Cache\c65a30e694aa648a.fb</p><p>c:\windows\SysWow64\Cache\d201ef9910cd39de.fb</p><p>c:\windows\SysWow64\Cache\d2e94710a5708128.fb</p><p>c:\windows\SysWow64\Cache\d5c0f4e7bbe35bf3.fb</p><p>c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb</p><p>c:\windows\SysWow64\Cache\d9ca663388d21ec0.fb</p><p>c:\windows\SysWow64\Cache\da2504bea2368c47.fb</p><p>c:\windows\SysWow64\Cache\f2cda51fd108941f.fb</p><p>c:\windows\SysWow64\Cache\f310145ea8fdd46f.fb</p><p>c:\windows\SysWow64\Cache\f34d8db84131d925.fb</p><p>c:\windows\SysWow64\Cache\f5f168a258f8f421.fb</p><p>c:\windows\SysWow64\Cache\f998975c9cc711ee.fb</p><p>c:\windows\SysWow64\Cache\fe4c684a03929bd1.fb</p><p>.</p><p>.</p><p>CLSID={AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} - infected with Poweliks and removed.</p><p>You should verify if current CLSID data is correct:</p><p>.</p><p>HKEY_CLASSES_ROOT\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}</p><p> (Default) REG_SZ Thumbnail Cache Class Factory for Out of Proc Server</p><p> AppID REG_SZ {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}</p><p>.</p><p>HKEY_CLASSES_ROOT\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32</p><p> (Default) REG_SZ c:\windows\system32\thumbcache.dll</p><p> ThreadingModel REG_SZ Apartment</p><p>.</p><p>.</p><p>((((((((((((((((((((((((( Files Created from 2014-09-28 to 2014-10-28 )))))))))))))))))))))))))))))))</p><p>.</p><p>.</p><p>2014-10-28 10:16 . 2014-10-28 10:16 -------- d-----w- c:\users\hedev\AppData\Local\temp</p><p>2014-10-28 10:16 . 2014-10-28 10:16 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp</p><p>2014-10-28 10:16 . 2014-10-28 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp</p><p>2014-10-28 10:16 . 2014-10-28 10:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp</p><p>2014-10-28 09:28 . 2014-10-28 09:28 -------- d-----w- c:\program files (x86)\Common Files\Java</p><p>2014-10-28 09:25 . 2014-10-28 09:25 -------- d-----w- c:\users\user\AppData\Roaming\Oracle</p><p>2014-10-28 09:22 . 2014-10-28 09:28 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll</p><p>2014-10-28 04:01 . 2014-10-28 04:08 -------- d-----w- C:\FRST</p><p>2014-10-28 02:53 . 2014-10-28 02:53 -------- d-----w- c:\users\user\AppData\Roaming\ParetoLogic</p><p>2014-10-28 02:53 . 2014-10-28 02:53 -------- d-----w- c:\users\user\AppData\Roaming\DriverCure</p><p>2014-10-28 02:53 . 2014-10-28 03:01 -------- d-----w- c:\programdata\ParetoLogic</p><p>2014-10-28 00:31 . 2014-10-28 01:55 -------- d-----w- C:\AdwCleaner</p><p>2014-10-28 00:31 . 2014-10-28 00:31 -------- d-----w- c:\users\user\AppData\Roaming\AVG2015</p><p>2014-10-28 00:25 . 2014-10-28 01:58 -------- d-----w- c:\programdata\AVG2015</p><p>2014-10-28 00:25 . 2014-10-28 00:33 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Avg2015</p><p>2014-10-28 00:21 . 2014-10-28 03:12 -------- d-----w- c:\users\user\AppData\Local\Avg2015</p><p>2014-10-15 06:05 . 2014-08-19 03:08 503808 ----a-w- c:\windows\system32\srcore.dll</p><p>2014-10-15 06:04 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll</p><p>2014-10-15 06:04 . 2014-09-13 01:58 77312 ----a-w- c:\windows\system32\packager.dll</p><p>2014-10-15 06:04 . 2014-09-13 01:40 67072 ----a-w- c:\windows\SysWow64\packager.dll</p><p>2014-10-01 01:31 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll</p><p>2014-10-01 01:31 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll</p><p>.</p><p>.</p><p>.</p><p>(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))</p><p>.</p><p>2014-10-28 00:04 . 2012-04-10 17:25 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe</p><p>2014-10-28 00:04 . 2012-03-11 08:29 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl</p><p>2014-10-27 23:30 . 2014-07-01 16:41 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys</p><p>2014-10-27 03:43 . 2012-08-05 18:00 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll</p><p>2014-10-15 08:01 . 2012-09-14 04:35 103265616 ----a-w- c:\windows\system32\MRT.exe</p><p>2014-10-01 16:11 . 2014-07-01 16:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys</p><p>2014-10-01 16:11 . 2014-07-01 16:41 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys</p><p>2014-10-01 16:11 . 2013-04-13 19:38 25816 ----a-w- c:\windows\system32\drivers\mbam.sys</p><p>2014-09-09 22:11 . 2014-09-24 03:15 2048 ----a-w- c:\windows\system32\tzres.dll</p><p>2014-09-09 21:47 . 2014-09-24 03:15 2048 ----a-w- c:\windows\SysWow64\tzres.dll</p><p>2014-08-23 02:07 . 2014-08-28 10:59 404480 ----a-w- c:\windows\system32\gdi32.dll</p><p>2014-08-23 01:45 . 2014-08-28 10:59 311808 ----a-w- c:\windows\SysWow64\gdi32.dll</p><p>2014-08-21 02:45 . 2014-08-21 02:45 243480 ----a-w- c:\windows\system32\drivers\avgldx64.sys</p><p>2014-08-07 02:39 . 2014-08-07 02:39 123672 ----a-w- c:\windows\system32\drivers\avgmfx64.sys</p><p>2014-08-01 11:53 . 2014-09-12 02:52 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll</p><p>2014-08-01 11:35 . 2014-09-12 02:52 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll</p><p>2014-07-31 20:55 . 2014-08-25 14:58 29288 ----a-w- c:\windows\system32\drivers\WsAudioDevice_383S(1).sys</p><p>.</p><p>.</p><p>((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))</p><p>.</p><p>.</p><p>*Note* empty entries & legit default entries are not shown</p><p>REGEDIT4</p><p>.</p><p>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-02-23 6591800]</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]</p><p>"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]</p><p>"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]</p><p>"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2014-09-05 3593744]</p><p>"vProt"="c:\program files (x86)\AVG Web TuneUp\vprot.exe" [2014-09-04 2575896]</p><p>"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-02-28 1679360]</p><p>"DelaypluginInstall"="c:\programdata\Wondershare\Player\DelayPluginI.exe" [2013-09-28 1960008]</p><p>"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]</p><p>"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]</p><p>.</p><p>c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\</p><p>Dropbox.lnk - c:\users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-20 36414624]</p><p>Intel Diagnostics.lnk - c:\windows\system32\rundll32.exe "c:\programdata\Intel\diagagnt.dll",#1 [2009-7-13 45568]</p><p>.</p><p>c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\</p><p>McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]</p><p>"ConsentPromptBehaviorAdmin"= 5 (0x5)</p><p>"ConsentPromptBehaviorUser"= 3 (0x3)</p><p>"EnableUIADesktopToggle"= 0 (0x0)</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]</p><p>"LoadAppInit_DLLs"=1 (0x1)</p><p>"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll</p><p>.</p><p>2;2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]</p><p>R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]</p><p>R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]</p><p>R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]</p><p>R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]</p><p>R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]</p><p>R3 LVUVC64;Logitech Webcam C160(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]</p><p>R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]</p><p>R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]</p><p>R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]</p><p>R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]</p><p>R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]</p><p>R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]</p><p>S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]</p><p>S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]</p><p>S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]</p><p>S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]</p><p>S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]</p><p>S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]</p><p>S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]</p><p>S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]</p><p>S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]</p><p>S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]</p><p>S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]</p><p>S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]</p><p>S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]</p><p>S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]</p><p>S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]</p><p>S2 vToolbarUpdater3.1.0;vToolbarUpdater3.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [x]</p><p>S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]</p><p>S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]</p><p>S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]</p><p>S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]</p><p>S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]</p><p>S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]</p><p>S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]</p><p>S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]</p><p>S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]</p><p>S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]</p><p>S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]</p><p>S3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);c:\windows\system32\drivers\WsAudioDevice_383S(1).sys;c:\windows\SYSNATIVE\drivers\WsAudioDevice_383S(1).sys [x]</p><p>.</p><p>.</p><p>--- Other Services/Drivers In Memory ---</p><p>.</p><p>*NewlyCreated* - 29713838</p><p>*Deregistered* - 29713838</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]</p><p>iissvcs REG_MULTI_SZ w3svc was</p><p>apphost REG_MULTI_SZ apphostsvc</p><p>.</p><p>Contents of the 'Scheduled Tasks' folder</p><p>.</p><p>2014-10-28 c:\windows\Tasks\Adobe Flash Player Updater.job</p><p>- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 00:04]</p><p>.</p><p>.</p><p>--------- X64 Entries -----------</p><p>.</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]</p><p>@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]</p><p>2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]</p><p>@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]</p><p>2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]</p><p>@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]</p><p>2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]</p><p>@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]</p><p>2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]</p><p>@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]</p><p>2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]</p><p>@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]</p><p>2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]</p><p>@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]</p><p>2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]</p><p>@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]</p><p>2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-07 11858536]</p><p>"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-03-21 1797064]</p><p>"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 171992]</p><p>"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 399832]</p><p>"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 442328]</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]</p><p>"AppInit_DLLs"=c:\windows\System32\nvinitx.dll</p><p>.</p><p>------- Supplementary Scan -------</p><p>.</p><p>uLocal Page = c:\windows\system32\blank.htm</p><p>uStart Page = <a href="https://www.google.com/" target="_blank">https://www.google.com/</a></p><p>mLocal Page = c:\windows\SysWOW64\blank.htm</p><p>IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000</p><p>IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105</p><p>Trusted Zone: com\*.Wondershare</p><p>TCP: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11</p><p>Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll</p><p>FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pl9232es.default-1396708666426\</p><p>FF - prefs.js: browser.startup.homepage - hxxps://<a href="http://www.google.com/" target="_blank">www.google.com/</a></p><p>FF - prefs.js: keyword.URL -</p><p>.</p><p>- - - - ORPHANS REMOVED - - - -</p><p>.</p><p>BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)</p><p>Toolbar-Locked - (no file)</p><p>Wow6432Node-HKCU-Run-ROC_ROC_APR2013_AV - c:\users\user\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe</p><p>Wow6432Node-HKCU-Run-AVG-Secure-Search-Update_0913a - c:\users\user\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe</p><p>c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Axis & Allies Registration.lnk - c:\users\user\AppData\Local\Temp\{2EA6149D-1277-4E67-88DA-BA7BDC9BAC7B}\{47836B39-2465-4F39-9D7E-52F70A1C3D72}\ATR1.EXE /remind /language=ENU /PRNM="Axis & Allies"/PRMP="AXIS"/SKUN="PCXX"/GTYP="STRY"</p><p>SafeBoot-29713838.sys</p><p>HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start</p><p>Toolbar-Locked - (no file)</p><p>AddRemove-00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 - c:\program files (x86)\Advanced System Protector\unins000.exe</p><p>.</p><p>.</p><p>.</p><p>--------------------- LOCKED REGISTRY KEYS ---------------------</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]</p><p>@Denied: (A 2) (Everyone)</p><p>@="FlashBroker"</p><p>"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]</p><p>"Enabled"=dword:00000001</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]</p><p>@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]</p><p>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]</p><p>@Denied: (A 2) (Everyone)</p><p>@="IFlashBroker6"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]</p><p>@="{00020424-0000-0000-C000-000000000046}"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]</p><p>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"</p><p>"Version"="1.0"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]</p><p>@Denied: (A 2) (Everyone)</p><p>@="FlashBroker"</p><p>"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]</p><p>"Enabled"=dword:00000001</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]</p><p>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]</p><p>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]</p><p>@Denied: (A 2) (Everyone)</p><p>@="Shockwave Flash Object"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]</p><p>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"</p><p>"ThreadingModel"="Apartment"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]</p><p>@="0"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]</p><p>@="ShockwaveFlash.ShockwaveFlash.15"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]</p><p>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]</p><p>@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]</p><p>@="1.0"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]</p><p>@="ShockwaveFlash.ShockwaveFlash"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]</p><p>@Denied: (A 2) (Everyone)</p><p>@="Macromedia Flash Factory Object"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]</p><p>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"</p><p>"ThreadingModel"="Apartment"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]</p><p>@="FlashFactory.FlashFactory.1"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]</p><p>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]</p><p>@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]</p><p>@="1.0"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]</p><p>@="FlashFactory.FlashFactory"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]</p><p>@Denied: (A 2) (Everyone)</p><p>@="IFlashBroker6"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]</p><p>@="{00020424-0000-0000-C000-000000000046}"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]</p><p>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"</p><p>"Version"="1.0"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]</p><p>@Denied: (A) (Everyone)</p><p>"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]</p><p>@Denied: (A) (Everyone)</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]</p><p>"Key"="ActionsPane3"</p><p>"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]</p><p>@Denied: (A) (Users)</p><p>@Denied: (A) (Everyone)</p><p>@Allowed: (B 1 2 3 4 5) (S-1-5-20)</p><p>"BlindDial"=dword:00000000</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]</p><p>@Denied: (Full) (Everyone)</p><p>.</p><p>Completion time: 2014-10-28 05:22:47</p><p>ComboFix-quarantined-files.txt 2014-10-28 10:22</p><p>.</p><p>Pre-Run: 294,040,899,584 bytes free</p><p>Post-Run: 303,712,378,880 bytes free</p><p>.</p><p>- - End Of File - - 555E55E093E4507734C52DA2C0D9388D</p><p>A36C5E4F47E84449FF07ED3517B43A31</p><p></p><p></p><p></p><p></p><p><strong>TDSSKiller LogFile</strong></p><p></p><p></p><p></p><p>04:37:19.0389 0x170c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58</p><p>04:37:23.0321 0x170c ============================================================</p><p>04:37:23.0321 0x170c Current date / time: 2014/10/28 04:37:23.0321</p><p>04:37:23.0321 0x170c SystemInfo:</p><p>04:37:23.0321 0x170c </p><p>04:37:23.0321 0x170c OS Version: 6.1.7601 ServicePack: 1.0</p><p>04:37:23.0321 0x170c Product type: Workstation</p><p>04:37:23.0321 0x170c ComputerName: USER-PC</p><p>04:37:23.0322 0x170c UserName: user</p><p>04:37:23.0322 0x170c Windows directory: C:\Windows</p><p>04:37:23.0322 0x170c System windows directory: C:\Windows</p><p>04:37:23.0322 0x170c Running under WOW64</p><p>04:37:23.0322 0x170c Processor architecture: Intel x64</p><p>04:37:23.0322 0x170c Number of processors: 8</p><p>04:37:23.0322 0x170c Page size: 0x1000</p><p>04:37:23.0322 0x170c Boot type: Normal boot</p><p>04:37:23.0322 0x170c ============================================================</p><p>04:37:24.0761 0x170c KLMD registered as C:\Windows\system32\drivers\66868958.sys</p><p>04:37:25.0037 0x170c System UUID: {E5C01544-E387-8024-A6CA-FB1B70DF46BF}</p><p>04:37:25.0309 0x170c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3F161, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040</p><p>04:37:25.0312 0x170c Drive \Device\Harddisk1\DR1 - Size: 0x39C990000 ( 14.45 Gb ), SectorSize: 0x200, Cylinders: 0x75D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'</p><p>04:37:25.0322 0x170c ============================================================</p><p>04:37:25.0322 0x170c \Device\Harddisk0\DR0:</p><p>04:37:25.0323 0x170c MBR partitions:</p><p>04:37:25.0323 0x170c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000</p><p>04:37:25.0323 0x170c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800</p><p>04:37:25.0323 0x170c \Device\Harddisk1\DR1:</p><p>04:37:25.0323 0x170c MBR partitions:</p><p>04:37:25.0323 0x170c \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x1CE4941</p><p>04:37:25.0323 0x170c ============================================================</p><p>04:37:25.0348 0x170c C: <-> \Device\Harddisk0\DR0\Partition2</p><p>04:37:25.0348 0x170c ============================================================</p><p>04:37:25.0348 0x170c Initialize success</p><p>04:37:25.0348 0x170c ============================================================</p><p>04:37:28.0973 0x13a8 ============================================================</p><p>04:37:28.0973 0x13a8 Scan started</p><p>04:37:28.0973 0x13a8 Mode: Manual;</p><p>04:37:28.0974 0x13a8 ============================================================</p><p>04:37:28.0974 0x13a8 KSN ping started</p><p>04:37:31.0631 0x13a8 KSN ping finished: true</p><p>04:37:34.0720 0x13a8 ================ Scan system memory ========================</p><p>04:37:34.0720 0x13a8 System memory - ok</p><p>04:37:34.0722 0x13a8 ================ Scan services =============================</p><p>04:37:35.0202 0x13a8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys</p><p>04:37:35.0208 0x13a8 1394ohci - ok</p><p>04:37:35.0252 0x13a8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys</p><p>04:37:35.0259 0x13a8 ACPI - ok</p><p>04:37:35.0272 0x13a8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys</p><p>04:37:35.0274 0x13a8 AcpiPmi - ok</p><p>04:37:35.0398 0x13a8 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe</p><p>04:37:35.0400 0x13a8 AdobeARMservice - ok</p><p>04:37:35.0501 0x13a8 [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>04:37:35.0505 0x13a8 AdobeFlashPlayerUpdateSvc - ok</p><p>04:37:35.0547 0x13a8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys</p><p>04:37:35.0562 0x13a8 adp94xx - ok</p><p>04:37:35.0601 0x13a8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys</p><p>04:37:35.0609 0x13a8 adpahci - ok</p><p>04:37:35.0626 0x13a8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys</p><p>04:37:35.0631 0x13a8 adpu320 - ok</p><p>04:37:35.0648 0x13a8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll</p><p>04:37:35.0651 0x13a8 AeLookupSvc - ok</p><p>04:37:35.0711 0x13a8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys</p><p>04:37:35.0724 0x13a8 AFD - ok</p><p>04:37:35.0737 0x13a8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys</p><p>04:37:35.0740 0x13a8 agp440 - ok</p><p>04:37:35.0756 0x13a8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe</p><p>04:37:35.0758 0x13a8 ALG - ok</p><p>04:37:35.0795 0x13a8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys</p><p>04:37:35.0797 0x13a8 aliide - ok</p><p>04:37:35.0808 0x13a8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys</p><p>04:37:35.0810 0x13a8 amdide - ok</p><p>04:37:35.0825 0x13a8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys</p><p>04:37:35.0828 0x13a8 AmdK8 - ok</p><p>04:37:35.0840 0x13a8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys</p><p>04:37:35.0842 0x13a8 AmdPPM - ok</p><p>04:37:35.0869 0x13a8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys</p><p>04:37:35.0873 0x13a8 amdsata - ok</p><p>04:37:35.0883 0x13a8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys</p><p>04:37:35.0890 0x13a8 amdsbs - ok</p><p>04:37:35.0908 0x13a8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys</p><p>04:37:35.0908 0x13a8 amdxata - ok</p><p>04:37:35.0948 0x13a8 [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll</p><p>04:37:35.0954 0x13a8 AppHostSvc - ok</p><p>04:37:35.0992 0x13a8 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys</p><p>04:37:35.0996 0x13a8 AppID - ok</p><p>04:37:36.0011 0x13a8 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll</p><p>04:37:36.0013 0x13a8 AppIDSvc - ok</p><p>04:37:36.0046 0x13a8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll</p><p>04:37:36.0065 0x13a8 Appinfo - ok</p><p>04:37:36.0083 0x13a8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys</p><p>04:37:36.0087 0x13a8 arc - ok</p><p>04:37:36.0097 0x13a8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys</p><p>04:37:36.0100 0x13a8 arcsas - ok</p><p>04:37:36.0197 0x13a8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe</p><p>04:37:36.0199 0x13a8 aspnet_state - ok</p><p>04:37:36.0222 0x13a8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys</p><p>04:37:36.0223 0x13a8 AsyncMac - ok</p><p>04:37:36.0231 0x13a8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys</p><p>04:37:36.0232 0x13a8 atapi - ok</p><p>04:37:36.0357 0x13a8 [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys</p><p>04:37:36.0497 0x13a8 atikmdag - ok</p><p>04:37:36.0572 0x13a8 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll</p><p>04:37:36.0589 0x13a8 AudioEndpointBuilder - ok</p><p>04:37:36.0603 0x13a8 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv C:\Windows\System32\Audiosrv.dll</p><p>04:37:36.0614 0x13a8 AudioSrv - ok</p><p>04:37:36.0674 0x13a8 [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys</p><p>04:37:36.0697 0x13a8 Avgdiska - ok</p><p>04:37:37.0011 0x13a8 [ 4187E691A71B65955CA3DB9FBA31031C, CD765BBE166C457E08981A910D468886981508543E348FB8BA25941B7FB392FA ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe</p><p>04:37:37.0054 0x13a8 AVGIDSAgent - ok</p><p>04:37:37.0118 0x13a8 [ 22FED6781A6DFC61E99D2BF6260B7F18, 3A37F2FB8264B25491B15B76E1A2DC9570121328F05C2750D0A052FFD125398A ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys</p><p>04:37:37.0125 0x13a8 AVGIDSDriver - ok</p><p>04:37:37.0162 0x13a8 [ 17C34C4B42C8B2EFCF2C065178BF4806, CB28BEE44B7A821EE728EFFD1B1882B57E417292A3A5377F3A98F16B0AF14DC7 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys</p><p>04:37:37.0167 0x13a8 AVGIDSHA - ok</p><p>04:37:37.0209 0x13a8 [ 48A1BF0F360743C821C04C68FCC3CAC7, E2C760AEB88F3921885761652C5092F630F86C56AADB9A96254E6032A3FEDC8A ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys</p><p>04:37:37.0216 0x13a8 Avgldx64 - ok</p><p>04:37:37.0273 0x13a8 [ 734DCC05A7F327FDCE43A18BA011FD4E, E5245314E60D86911A6A9FC1FE4A0C0D0284D972CE642C28B9B1A43D1553AFA5 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys</p><p>04:37:37.0283 0x13a8 Avgloga - ok</p><p>04:37:37.0326 0x13a8 [ E498AFD92C3DA81209463866BDA7C932, C40767F6BC6F9D10396B969CF38CFC3FC9C9E411CFA9EBA8E8AB3E95AD5E9D27 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys</p><p>04:37:37.0330 0x13a8 Avgmfx64 - ok</p><p>04:37:37.0398 0x13a8 [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys</p><p>04:37:37.0399 0x13a8 Avgrkx64 - ok</p><p>04:37:37.0441 0x13a8 [ 74D2F0CCDB47D99AF624DD6355AD698C, DDB89041351DBCD26DE1402CE3AF34EEE464CE17F69A7E472B8C6ECCE9970873 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys</p><p>04:37:37.0447 0x13a8 Avgtdia - ok</p><p>04:37:37.0526 0x13a8 [ 7688C67BDF55500C1FDC8291230C397D, 68A4C3D7F7043C73113B1EE7A3DD8E98BC1D6F54CA7E4E1BFB2333A75CDE2DE0 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys</p><p>04:37:37.0528 0x13a8 avgtp - ok</p><p>04:37:37.0554 0x13a8 [ 3218AA21B739C1C338DC8A555A66B755, 389E09C2CB51524B985B53D81289BCFB1E9DB89C70650C6D5D276391E2B56BCB ] avgwd C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe</p><p>04:37:37.0561 0x13a8 avgwd - ok</p><p>04:37:37.0637 0x13a8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll</p><p>04:37:37.0642 0x13a8 AxInstSV - ok</p><p>04:37:37.0670 0x13a8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys</p><p>04:37:37.0682 0x13a8 b06bdrv - ok</p><p>04:37:37.0731 0x13a8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys</p><p>04:37:37.0741 0x13a8 b57nd60a - ok</p><p>04:37:37.0816 0x13a8 [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE</p><p>04:37:37.0822 0x13a8 BBSvc - ok</p><p>04:37:37.0874 0x13a8 [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE</p><p>04:37:37.0880 0x13a8 BBUpdate - ok</p><p>04:37:37.0890 0x13a8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll</p><p>04:37:37.0893 0x13a8 BDESVC - ok</p><p>04:37:37.0905 0x13a8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys</p><p>04:37:37.0906 0x13a8 Beep - ok</p><p>04:37:37.0965 0x13a8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll</p><p>04:37:37.0979 0x13a8 BFE - ok</p><p>04:37:38.0065 0x13a8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll</p><p>04:37:38.0085 0x13a8 BITS - ok</p><p>04:37:38.0104 0x13a8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys</p><p>04:37:38.0105 0x13a8 blbdrive - ok</p><p>04:37:38.0130 0x13a8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys</p><p>04:37:38.0132 0x13a8 bowser - ok</p><p>04:37:38.0147 0x13a8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys</p><p>04:37:38.0149 0x13a8 BrFiltLo - ok</p><p>04:37:38.0160 0x13a8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys</p><p>04:37:38.0162 0x13a8 BrFiltUp - ok</p><p>04:37:38.0191 0x13a8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll</p><p>04:37:38.0195 0x13a8 Browser - ok</p><p>04:37:38.0204 0x13a8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys</p><p>04:37:38.0211 0x13a8 Brserid - ok</p><p>04:37:38.0224 0x13a8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys</p><p>04:37:38.0226 0x13a8 BrSerWdm - ok</p><p>04:37:38.0243 0x13a8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys</p><p>04:37:38.0244 0x13a8 BrUsbMdm - ok</p><p>04:37:38.0257 0x13a8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys</p><p>04:37:38.0259 0x13a8 BrUsbSer - ok</p><p>04:37:38.0302 0x13a8 [ 832B121E4532919CC49F2438F1DCAA21, 70FFDD505A64D3CF03220D6422EDD47CA2E0DF711BBF2ED057F32A688CB2E2E8 ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys</p><p>04:37:38.0304 0x13a8 BthAvrcp - ok</p><p>04:37:38.0365 0x13a8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys</p><p>04:37:38.0368 0x13a8 BthEnum - ok</p><p>04:37:38.0382 0x13a8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys</p><p>04:37:38.0385 0x13a8 BTHMODEM - ok</p><p>04:37:38.0425 0x13a8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys</p><p>04:37:38.0428 0x13a8 BthPan - ok</p><p>04:37:38.0502 0x13a8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys</p><p>04:37:38.0516 0x13a8 BTHPORT - ok</p><p>04:37:38.0565 0x13a8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll</p><p>04:37:38.0569 0x13a8 bthserv - ok</p><p>04:37:38.0612 0x13a8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys</p><p>04:37:38.0615 0x13a8 BTHUSB - ok</p><p>04:37:38.0623 0x13a8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys</p><p>04:37:38.0626 0x13a8 cdfs - ok</p><p>04:37:38.0659 0x13a8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys</p><p>04:37:38.0663 0x13a8 cdrom - ok</p><p>04:37:38.0708 0x13a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll</p><p>04:37:38.0710 0x13a8 CertPropSvc - ok</p><p>04:37:38.0722 0x13a8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys</p><p>04:37:38.0725 0x13a8 circlass - ok</p><p>04:37:38.0749 0x13a8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys</p><p>04:37:38.0755 0x13a8 CLFS - ok</p><p>04:37:38.0816 0x13a8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe</p><p>04:37:38.0818 0x13a8 clr_optimization_v2.0.50727_32 - ok</p><p>04:37:38.0955 0x13a8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe</p><p>04:37:38.0960 0x13a8 clr_optimization_v2.0.50727_64 - ok</p><p>04:37:39.0023 0x13a8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe</p><p>04:37:39.0027 0x13a8 clr_optimization_v4.0.30319_32 - ok</p><p>04:37:39.0052 0x13a8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe</p><p>04:37:39.0055 0x13a8 clr_optimization_v4.0.30319_64 - ok</p><p>04:37:39.0069 0x13a8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys</p><p>04:37:39.0071 0x13a8 CmBatt - ok</p><p>04:37:39.0100 0x13a8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys</p><p>04:37:39.0102 0x13a8 cmdide - ok</p><p>04:37:39.0163 0x13a8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys</p><p>04:37:39.0174 0x13a8 CNG - ok</p><p>04:37:39.0189 0x13a8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys</p><p>04:37:39.0191 0x13a8 Compbatt - ok</p><p>04:37:39.0211 0x13a8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys</p><p>04:37:39.0213 0x13a8 CompositeBus - ok</p><p>04:37:39.0218 0x13a8 COMSysApp - ok</p><p>04:37:39.0297 0x13a8 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe</p><p>04:37:39.0307 0x13a8 cphs - ok</p><p>04:37:39.0325 0x13a8 cpuz135 - ok</p><p>04:37:39.0334 0x13a8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys</p><p>04:37:39.0335 0x13a8 crcdisk - ok</p><p>04:37:39.0370 0x13a8 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll</p><p>04:37:39.0377 0x13a8 CryptSvc - ok</p><p>04:37:39.0525 0x13a8 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE</p><p>04:37:39.0539 0x13a8 cvhsvc - ok</p><p>04:37:39.0585 0x13a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll</p><p>04:37:39.0594 0x13a8 DcomLaunch - ok</p><p>04:37:39.0614 0x13a8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll</p><p>04:37:39.0619 0x13a8 defragsvc - ok</p><p>04:37:39.0627 0x13a8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys</p><p>04:37:39.0630 0x13a8 DfsC - ok</p><p>04:37:39.0646 0x13a8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll</p><p>04:37:39.0652 0x13a8 Dhcp - ok</p><p>04:37:39.0661 0x13a8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys</p><p>04:37:39.0663 0x13a8 discache - ok</p><p>04:37:39.0669 0x13a8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys</p><p>04:37:39.0670 0x13a8 Disk - ok</p><p>04:37:39.0691 0x13a8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll</p><p>04:37:39.0694 0x13a8 Dnscache - ok</p><p>04:37:39.0716 0x13a8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll</p><p>04:37:39.0721 0x13a8 dot3svc - ok</p><p>04:37:39.0759 0x13a8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll</p><p>04:37:39.0762 0x13a8 DPS - ok</p><p>04:37:39.0802 0x13a8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys</p><p>04:37:39.0804 0x13a8 drmkaud - ok</p><p>04:37:39.0859 0x13a8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys</p><p>04:37:39.0877 0x13a8 DXGKrnl - ok</p><p>04:37:39.0896 0x13a8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll</p><p>04:37:39.0899 0x13a8 EapHost - ok</p><p>04:37:39.0972 0x13a8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys</p><p>04:37:40.0039 0x13a8 ebdrv - ok</p><p>04:37:40.0069 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe</p><p>04:37:40.0071 0x13a8 EFS - ok</p><p>04:37:40.0110 0x13a8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe</p><p>04:37:40.0121 0x13a8 ehRecvr - ok</p><p>04:37:40.0131 0x13a8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe</p><p>04:37:40.0134 0x13a8 ehSched - ok</p><p>04:37:40.0165 0x13a8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys</p><p>04:37:40.0174 0x13a8 elxstor - ok</p><p>04:37:40.0186 0x13a8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys</p><p>04:37:40.0187 0x13a8 ErrDev - ok</p><p>04:37:40.0211 0x13a8 [ 72ECCB2F5C9CFC32A9B2A60933832501, BDEA5B00DB05B9A594E2B9798B96EB7FC3A8B894869F19A8DE105AD12F3A623E ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys</p><p>04:37:40.0213 0x13a8 EtronHub3 - ok</p><p>04:37:40.0227 0x13a8 [ 7BB310F6FB9E1B9D21DD2CE7EB0D5464, 23E6E1388757A8ACCE83A01475EEE47B5C4304B2BDB543956E95349890150F88 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys</p><p>04:37:40.0229 0x13a8 EtronXHCI - ok</p><p>04:37:40.0250 0x13a8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll</p><p>04:37:40.0258 0x13a8 EventSystem - ok</p><p>04:37:40.0274 0x13a8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys</p><p>04:37:40.0278 0x13a8 exfat - ok</p><p>04:37:40.0298 0x13a8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys</p><p>04:37:40.0302 0x13a8 fastfat - ok</p><p>04:37:40.0327 0x13a8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe</p><p>04:37:40.0338 0x13a8 Fax - ok</p><p>04:37:40.0351 0x13a8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys</p><p>04:37:40.0353 0x13a8 fdc - ok</p><p>04:37:40.0370 0x13a8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll</p><p>04:37:40.0371 0x13a8 fdPHost - ok</p><p>04:37:40.0378 0x13a8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll</p><p>04:37:40.0380 0x13a8 FDResPub - ok</p><p>04:37:40.0392 0x13a8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys</p><p>04:37:40.0395 0x13a8 FileInfo - ok</p><p>04:37:40.0399 0x13a8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys</p><p>04:37:40.0400 0x13a8 Filetrace - ok</p><p>04:37:40.0414 0x13a8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys</p><p>04:37:40.0415 0x13a8 flpydisk - ok</p><p>04:37:40.0436 0x13a8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys</p><p>04:37:40.0441 0x13a8 FltMgr - ok</p><p>04:37:40.0520 0x13a8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll</p><p>04:37:40.0553 0x13a8 FontCache - ok</p><p>04:37:40.0592 0x13a8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe</p><p>04:37:40.0594 0x13a8 FontCache3.0.0.0 - ok</p><p>04:37:40.0610 0x13a8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys</p><p>04:37:40.0613 0x13a8 FsDepends - ok</p><p>04:37:40.0640 0x13a8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys</p><p>04:37:40.0641 0x13a8 Fs_Rec - ok</p><p>04:37:40.0681 0x13a8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys</p><p>04:37:40.0688 0x13a8 fvevol - ok</p><p>04:37:40.0702 0x13a8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys</p><p>04:37:40.0705 0x13a8 gagp30kx - ok</p><p>04:37:40.0716 0x13a8 gdrv - ok</p><p>04:37:40.0746 0x13a8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll</p><p>04:37:40.0763 0x13a8 gpsvc - ok</p><p>04:37:40.0777 0x13a8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys</p><p>04:37:40.0779 0x13a8 hcw85cir - ok</p><p>04:37:40.0798 0x13a8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys</p><p>04:37:40.0805 0x13a8 HdAudAddService - ok</p><p>04:37:40.0825 0x13a8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys</p><p>04:37:40.0829 0x13a8 HDAudBus - ok</p><p>04:37:40.0836 0x13a8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys</p><p>04:37:40.0838 0x13a8 HidBatt - ok</p><p>04:37:40.0864 0x13a8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys</p><p>04:37:40.0867 0x13a8 HidBth - ok</p><p>04:37:40.0881 0x13a8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys</p><p>04:37:40.0883 0x13a8 HidIr - ok</p><p>04:37:40.0889 0x13a8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll</p><p>04:37:40.0891 0x13a8 hidserv - ok</p><p>04:37:40.0937 0x13a8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys</p><p>04:37:40.0939 0x13a8 HidUsb - ok</p><p>04:37:40.0964 0x13a8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll</p><p>04:37:40.0969 0x13a8 hkmsvc - ok</p><p>04:37:40.0979 0x13a8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll</p><p>04:37:40.0986 0x13a8 HomeGroupListener - ok</p><p>04:37:41.0000 0x13a8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll</p><p>04:37:41.0004 0x13a8 HomeGroupProvider - ok</p><p>04:37:41.0020 0x13a8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys</p><p>04:37:41.0023 0x13a8 HpSAMD - ok</p><p>04:37:41.0054 0x13a8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys</p><p>04:37:41.0066 0x13a8 HTTP - ok</p><p>04:37:41.0072 0x13a8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys</p><p>04:37:41.0073 0x13a8 hwpolicy - ok</p><p>04:37:41.0092 0x13a8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys</p><p>04:37:41.0094 0x13a8 i8042prt - ok</p><p>04:37:41.0148 0x13a8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys</p><p>04:37:41.0156 0x13a8 iaStorV - ok</p><p>04:37:41.0230 0x13a8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe</p><p>04:37:41.0251 0x13a8 idsvc - ok</p><p>04:37:41.0304 0x13a8 IEEtwCollectorService - ok</p><p>04:37:41.0465 0x13a8 [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys</p><p>04:37:41.0625 0x13a8 igfx - ok</p><p>04:37:41.0647 0x13a8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys</p><p>04:37:41.0649 0x13a8 iirsp - ok</p><p>04:37:41.0713 0x13a8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll</p><p>04:37:41.0727 0x13a8 IKEEXT - ok</p><p>04:37:41.0797 0x13a8 [ 392D5C87F282E8E36DF5154418A7BB20, 9E5BFF3F339401E88F26AC558451EA51A457B82BE0E51AE266FC4448F5AA6565 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys</p><p>04:37:41.0835 0x13a8 IntcAzAudAddService - ok</p><p>04:37:41.0862 0x13a8 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys</p><p>04:37:41.0868 0x13a8 IntcDAud - ok</p><p>04:37:41.0876 0x13a8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys</p><p>04:37:41.0877 0x13a8 intelide - ok</p><p>04:37:41.0896 0x13a8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys</p><p>04:37:41.0897 0x13a8 intelppm - ok</p><p>04:37:41.0918 0x13a8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll</p><p>04:37:41.0921 0x13a8 IPBusEnum - ok</p><p>04:37:41.0939 0x13a8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys</p><p>04:37:41.0942 0x13a8 IpFilterDriver - ok</p><p>04:37:41.0985 0x13a8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll</p><p>04:37:41.0995 0x13a8 iphlpsvc - ok</p><p>04:37:42.0007 0x13a8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys</p><p>04:37:42.0009 0x13a8 IPMIDRV - ok</p><p>04:37:42.0024 0x13a8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys</p><p>04:37:42.0028 0x13a8 IPNAT - ok</p><p>04:37:42.0045 0x13a8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys</p><p>04:37:42.0047 0x13a8 IRENUM - ok</p><p>04:37:42.0064 0x13a8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys</p><p>04:37:42.0066 0x13a8 isapnp - ok</p><p>04:37:42.0100 0x13a8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys</p><p>04:37:42.0107 0x13a8 iScsiPrt - ok</p><p>04:37:42.0127 0x13a8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys</p><p>04:37:42.0129 0x13a8 kbdclass - ok</p><p>04:37:42.0141 0x13a8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys</p><p>04:37:42.0150 0x13a8 kbdhid - ok</p><p>04:37:42.0169 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe</p><p>04:37:42.0171 0x13a8 KeyIso - ok</p><p>04:37:42.0203 0x13a8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys</p><p>04:37:42.0206 0x13a8 KSecDD - ok</p><p>04:37:42.0221 0x13a8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys</p><p>04:37:42.0225 0x13a8 KSecPkg - ok</p><p>04:37:42.0230 0x13a8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys</p><p>04:37:42.0232 0x13a8 ksthunk - ok</p><p>04:37:42.0254 0x13a8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll</p><p>04:37:42.0263 0x13a8 KtmRm - ok</p><p>04:37:42.0291 0x13a8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll</p><p>04:37:42.0297 0x13a8 LanmanServer - ok</p><p>04:37:42.0313 0x13a8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll</p><p>04:37:42.0317 0x13a8 LanmanWorkstation - ok</p><p>04:37:42.0346 0x13a8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys</p><p>04:37:42.0348 0x13a8 lltdio - ok</p><p>04:37:42.0367 0x13a8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll</p><p>04:37:42.0374 0x13a8 lltdsvc - ok</p><p>04:37:42.0383 0x13a8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll</p><p>04:37:42.0385 0x13a8 lmhosts - ok</p><p>04:37:42.0405 0x13a8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys</p><p>04:37:42.0409 0x13a8 LSI_FC - ok</p><p>04:37:42.0422 0x13a8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys</p><p>04:37:42.0426 0x13a8 LSI_SAS - ok</p><p>04:37:42.0439 0x13a8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys</p><p>04:37:42.0441 0x13a8 LSI_SAS2 - ok</p><p>04:37:42.0451 0x13a8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys</p><p>04:37:42.0454 0x13a8 LSI_SCSI - ok</p><p>04:37:42.0472 0x13a8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys</p><p>04:37:42.0475 0x13a8 luafv - ok</p><p>04:37:42.0583 0x13a8 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys</p><p>04:37:42.0590 0x13a8 LVRS64 - ok</p><p>04:37:42.0736 0x13a8 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys</p><p>04:37:42.0869 0x13a8 LVUVC64 - ok</p><p>04:37:43.0043 0x13a8 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe</p><p>04:37:43.0053 0x13a8 McComponentHostService - ok</p><p>04:37:43.0074 0x13a8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll</p><p>04:37:43.0078 0x13a8 Mcx2Svc - ok</p><p>04:37:43.0094 0x13a8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys</p><p>04:37:43.0098 0x13a8 megasas - ok</p><p>04:37:43.0138 0x13a8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys</p><p>04:37:43.0145 0x13a8 MegaSR - ok</p><p>04:37:43.0190 0x13a8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys</p><p>04:37:43.0193 0x13a8 MEIx64 - ok</p><p>04:37:43.0246 0x13a8 Microsoft SharePoint Workspace Audit Service - ok</p><p>04:37:43.0268 0x13a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll</p><p>04:37:43.0272 0x13a8 MMCSS - ok</p><p>04:37:43.0283 0x13a8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys</p><p>04:37:43.0285 0x13a8 Modem - ok</p><p>04:37:43.0304 0x13a8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys</p><p>04:37:43.0305 0x13a8 monitor - ok</p><p>04:37:43.0322 0x13a8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys</p><p>04:37:43.0324 0x13a8 mouclass - ok</p><p>04:37:43.0333 0x13a8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys</p><p>04:37:43.0335 0x13a8 mouhid - ok</p><p>04:37:43.0354 0x13a8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys</p><p>04:37:43.0356 0x13a8 mountmgr - ok</p><p>04:37:43.0446 0x13a8 [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe</p><p>04:37:43.0451 0x13a8 MozillaMaintenance - ok</p><p>04:37:43.0463 0x13a8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys</p><p>04:37:43.0468 0x13a8 mpio - ok</p><p>04:37:43.0486 0x13a8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys</p><p>04:37:43.0489 0x13a8 mpsdrv - ok</p><p>04:37:43.0516 0x13a8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll</p><p>04:37:43.0534 0x13a8 MpsSvc - ok</p><p>04:37:43.0568 0x13a8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys</p><p>04:37:43.0571 0x13a8 MRxDAV - ok</p><p>04:37:43.0589 0x13a8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys</p><p>04:37:43.0592 0x13a8 mrxsmb - ok</p><p>04:37:43.0602 0x13a8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys</p><p>04:37:43.0607 0x13a8 mrxsmb10 - ok</p><p>04:37:43.0625 0x13a8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys</p><p>04:37:43.0628 0x13a8 mrxsmb20 - ok</p><p>04:37:43.0655 0x13a8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys</p><p>04:37:43.0656 0x13a8 msahci - ok</p><p>04:37:43.0676 0x13a8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys</p><p>04:37:43.0682 0x13a8 msdsm - ok</p><p>04:37:43.0698 0x13a8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe</p><p>04:37:43.0703 0x13a8 MSDTC - ok</p><p>04:37:43.0730 0x13a8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys</p><p>04:37:43.0731 0x13a8 Msfs - ok</p><p>04:37:43.0739 0x13a8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys</p><p>04:37:43.0740 0x13a8 mshidkmdf - ok</p><p>04:37:43.0745 0x13a8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys</p><p>04:37:43.0746 0x13a8 msisadrv - ok</p><p>04:37:43.0767 0x13a8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll</p><p>04:37:43.0772 0x13a8 MSiSCSI - ok</p><p>04:37:43.0774 0x13a8 msiserver - ok</p><p>04:37:43.0785 0x13a8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys</p><p>04:37:43.0786 0x13a8 MSKSSRV - ok</p><p>04:37:43.0807 0x13a8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys</p><p>04:37:43.0808 0x13a8 MSPCLOCK - ok</p><p>04:37:43.0834 0x13a8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys</p><p>04:37:43.0835 0x13a8 MSPQM - ok</p><p>04:37:43.0860 0x13a8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys</p><p>04:37:43.0871 0x13a8 MsRPC - ok</p><p>04:37:43.0913 0x13a8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys</p><p>04:37:43.0914 0x13a8 mssmbios - ok</p><p>04:37:43.0937 0x13a8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys</p><p>04:37:43.0938 0x13a8 MSTEE - ok</p><p>04:37:43.0947 0x13a8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys</p><p>04:37:43.0949 0x13a8 MTConfig - ok</p><p>04:37:43.0965 0x13a8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys</p><p>04:37:43.0967 0x13a8 Mup - ok</p><p>04:37:43.0994 0x13a8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll</p><p>04:37:44.0006 0x13a8 napagent - ok</p><p>04:37:44.0024 0x13a8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys</p><p>04:37:44.0029 0x13a8 NativeWifiP - ok</p><p>04:37:44.0103 0x13a8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys</p><p>04:37:44.0120 0x13a8 NDIS - ok</p><p>04:37:44.0133 0x13a8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys</p><p>04:37:44.0134 0x13a8 NdisCap - ok</p><p>04:37:44.0158 0x13a8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys</p><p>04:37:44.0159 0x13a8 NdisTapi - ok</p><p>04:37:44.0173 0x13a8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys</p><p>04:37:44.0181 0x13a8 Ndisuio - ok</p><p>04:37:44.0193 0x13a8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys</p><p>04:37:44.0196 0x13a8 NdisWan - ok</p><p>04:37:44.0208 0x13a8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys</p><p>04:37:44.0210 0x13a8 NDProxy - ok</p><p>04:37:44.0221 0x13a8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys</p><p>04:37:44.0223 0x13a8 NetBIOS - ok</p><p>04:37:44.0240 0x13a8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys</p><p>04:37:44.0249 0x13a8 NetBT - ok</p><p>04:37:44.0261 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe</p><p>04:37:44.0262 0x13a8 Netlogon - ok</p><p>04:37:44.0285 0x13a8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll</p><p>04:37:44.0292 0x13a8 Netman - ok</p><p>04:37:44.0349 0x13a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe</p><p>04:37:44.0353 0x13a8 NetMsmqActivator - ok</p><p>04:37:44.0379 0x13a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe</p><p>04:37:44.0382 0x13a8 NetPipeActivator - ok</p><p>04:37:44.0405 0x13a8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll</p><p>04:37:44.0415 0x13a8 netprofm - ok</p><p>04:37:44.0426 0x13a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe</p><p>04:37:44.0429 0x13a8 NetTcpActivator - ok</p><p>04:37:44.0434 0x13a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe</p><p>04:37:44.0436 0x13a8 NetTcpPortSharing - ok</p><p>04:37:44.0447 0x13a8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys</p><p>04:37:44.0449 0x13a8 nfrd960 - ok</p><p>04:37:44.0465 0x13a8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll</p><p>04:37:44.0471 0x13a8 NlaSvc - ok</p><p>04:37:44.0474 0x13a8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys</p><p>04:37:44.0476 0x13a8 Npfs - ok</p><p>04:37:44.0493 0x13a8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll</p><p>04:37:44.0495 0x13a8 nsi - ok</p><p>04:37:44.0506 0x13a8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys</p><p>04:37:44.0508 0x13a8 nsiproxy - ok</p><p>04:37:44.0582 0x13a8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys</p><p>04:37:44.0622 0x13a8 Ntfs - ok</p><p>04:37:44.0627 0x13a8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys</p><p>04:37:44.0627 0x13a8 Null - ok</p><p>04:37:44.0679 0x13a8 [ 8D4AAC74B571FC356560E5B308955E93, C7F74F40D708D590EDB5D2ED064CF9C279FB1EBE33EDED073391E4D5E1CEE046 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys</p><p>04:37:44.0684 0x13a8 NVHDA - ok</p><p>04:37:44.0962 0x13a8 [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys</p><p>04:37:45.0125 0x13a8 nvlddmkm - ok</p><p>04:37:45.0171 0x13a8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys</p><p>04:37:45.0174 0x13a8 nvraid - ok</p><p>04:37:45.0186 0x13a8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys</p><p>04:37:45.0189 0x13a8 nvstor - ok</p><p>04:37:45.0243 0x13a8 [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc C:\Windows\system32\nvvsvc.exe</p><p>04:37:45.0264 0x13a8 nvsvc - ok</p><p>04:37:45.0386 0x13a8 [ CD0BFAA6872CFE38C908D313AE17C350, BE5B8AD5F245430C7FA15A5F928FD82CD781509394A7D7471CC70C1C28D6AE4B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe</p><p>04:37:45.0437 0x13a8 nvUpdatusService - ok</p><p>04:37:45.0458 0x13a8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys</p><p>04:37:45.0461 0x13a8 nv_agp - ok</p><p>04:37:45.0471 0x13a8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys</p><p>04:37:45.0473 0x13a8 ohci1394 - ok</p><p>04:37:45.0535 0x13a8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE</p><p>04:37:45.0541 0x13a8 ose - ok</p><p>04:37:45.0687 0x13a8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE</p><p>04:37:45.0784 0x13a8 osppsvc - ok</p><p>04:37:45.0810 0x13a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll</p><p>04:37:45.0816 0x13a8 p2pimsvc - ok</p><p>04:37:45.0825 0x13a8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll</p><p>04:37:45.0833 0x13a8 p2psvc - ok</p><p>04:37:45.0867 0x13a8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys</p><p>04:37:45.0886 0x13a8 Parport - ok</p><p>04:37:45.0932 0x13a8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys</p><p>04:37:45.0953 0x13a8 partmgr - ok</p><p>04:37:46.0005 0x13a8 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll</p><p>04:37:46.0013 0x13a8 PcaSvc - ok</p><p>04:37:46.0023 0x13a8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys</p><p>04:37:46.0030 0x13a8 pci - ok</p><p>04:37:46.0058 0x13a8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys</p><p>04:37:46.0059 0x13a8 pciide - ok</p><p>04:37:46.0074 0x13a8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys</p><p>04:37:46.0082 0x13a8 pcmcia - ok</p><p>04:37:46.0092 0x13a8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys</p><p>04:37:46.0093 0x13a8 pcw - ok</p><p>04:37:46.0135 0x13a8 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys</p><p>04:37:46.0151 0x13a8 PEAUTH - ok</p><p>04:37:46.0196 0x13a8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe</p><p>04:37:46.0198 0x13a8 PerfHost - ok</p><p>04:37:46.0249 0x13a8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll</p><p>04:37:46.0284 0x13a8 pla - ok</p><p>04:37:46.0358 0x13a8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll</p><p>04:37:46.0370 0x13a8 PlugPlay - ok</p><p>04:37:46.0376 0x13a8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll</p><p>04:37:46.0378 0x13a8 PNRPAutoReg - ok</p><p>04:37:46.0389 0x13a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll</p><p>04:37:46.0395 0x13a8 PNRPsvc - ok</p><p>04:37:46.0419 0x13a8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll</p><p>04:37:46.0427 0x13a8 PolicyAgent - ok</p><p>04:37:46.0446 0x13a8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll</p><p>04:37:46.0449 0x13a8 Power - ok</p><p>04:37:46.0470 0x13a8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys</p><p>04:37:46.0472 0x13a8 PptpMiniport - ok</p><p>04:37:46.0485 0x13a8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys</p><p>04:37:46.0487 0x13a8 Processor - ok</p><p>04:37:46.0524 0x13a8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll</p><p>04:37:46.0529 0x13a8 ProfSvc - ok</p><p>04:37:46.0536 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe</p><p>04:37:46.0537 0x13a8 ProtectedStorage - ok</p><p>04:37:46.0551 0x13a8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys</p><p>04:37:46.0554 0x13a8 Psched - ok</p><p>04:37:46.0593 0x13a8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys</p><p>04:37:46.0627 0x13a8 ql2300 - ok</p><p>04:37:46.0642 0x13a8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys</p><p>04:37:46.0645 0x13a8 ql40xx - ok</p><p>04:37:46.0669 0x13a8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll</p><p>04:37:46.0679 0x13a8 QWAVE - ok</p><p>04:37:46.0689 0x13a8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys</p><p>04:37:46.0692 0x13a8 QWAVEdrv - ok</p><p>04:37:46.0698 0x13a8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys</p><p>04:37:46.0699 0x13a8 RasAcd - ok</p><p>04:37:46.0725 0x13a8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys</p><p>04:37:46.0727 0x13a8 RasAgileVpn - ok</p><p>04:37:46.0733 0x13a8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll</p><p>04:37:46.0737 0x13a8 RasAuto - ok</p><p>04:37:46.0755 0x13a8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys</p><p>04:37:46.0758 0x13a8 Rasl2tp - ok</p><p>04:37:46.0772 0x13a8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll</p><p>04:37:46.0780 0x13a8 RasMan - ok</p><p>04:37:46.0800 0x13a8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys</p><p>04:37:46.0803 0x13a8 RasPppoe - ok</p><p>04:37:46.0814 0x13a8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys</p><p>04:37:46.0816 0x13a8 RasSstp - ok</p><p>04:37:46.0832 0x13a8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys</p><p>04:37:46.0838 0x13a8 rdbss - ok</p><p>04:37:46.0849 0x13a8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys</p><p>04:37:46.0851 0x13a8 rdpbus - ok</p><p>04:37:46.0868 0x13a8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys</p><p>04:37:46.0869 0x13a8 RDPCDD - ok</p><p>04:37:46.0877 0x13a8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys</p><p>04:37:46.0878 0x13a8 RDPENCDD - ok</p><p>04:37:46.0881 0x13a8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys</p><p>04:37:46.0881 0x13a8 RDPREFMP - ok</p><p>04:37:46.0942 0x13a8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys</p><p>04:37:46.0944 0x13a8 RdpVideoMiniport - ok</p><p>04:37:46.0982 0x13a8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys</p><p>04:37:46.0990 0x13a8 RDPWD - ok</p><p>04:37:47.0017 0x13a8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys</p><p>04:37:47.0022 0x13a8 rdyboost - ok</p><p>04:37:47.0041 0x13a8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll</p><p>04:37:47.0045 0x13a8 RemoteAccess - ok</p><p>04:37:47.0054 0x13a8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll</p><p>04:37:47.0058 0x13a8 RemoteRegistry - ok</p><p>04:37:47.0098 0x13a8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys</p><p>04:37:47.0102 0x13a8 RFCOMM - ok</p><p>04:37:47.0145 0x13a8 [ AD42432D22940B4215177BE113E4919C, BF04E1F942846B928E523727EB03BBFA83FCE535CF7C0A4E787A5CBA46D5BF8D ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys</p><p>04:37:47.0150 0x13a8 RimUsb - ok</p><p>04:37:47.0162 0x13a8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll</p><p>04:37:47.0166 0x13a8 RpcEptMapper - ok</p><p>04:37:47.0184 0x13a8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe</p><p>04:37:47.0186 0x13a8 RpcLocator - ok</p><p>04:37:47.0217 0x13a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll</p><p>04:37:47.0232 0x13a8 RpcSs - ok</p><p>04:37:47.0243 0x13a8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys</p><p>04:37:47.0244 0x13a8 rspndr - ok</p><p>04:37:47.0296 0x13a8 [ E50CFB92986DCAB49DE93788FD695813, EAE103008B967B0F064EDDA551AA553EE7C22D39D14FA0BBFEF41C4D1B6C99E5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys</p><p>04:37:47.0312 0x13a8 RTL8167 - ok</p><p>04:37:47.0318 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe</p><p>04:37:47.0320 0x13a8 SamSs - ok</p><p>04:37:47.0339 0x13a8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys</p><p>04:37:47.0341 0x13a8 sbp2port - ok</p><p>04:37:47.0357 0x13a8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll</p><p>04:37:47.0360 0x13a8 SCardSvr - ok</p><p>04:37:47.0370 0x13a8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys</p><p>04:37:47.0372 0x13a8 scfilter - ok</p><p>04:37:47.0401 0x13a8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll</p><p>04:37:47.0427 0x13a8 Schedule - ok</p><p>04:37:47.0440 0x13a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll</p><p>04:37:47.0442 0x13a8 SCPolicySvc - ok</p><p>04:37:47.0452 0x13a8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll</p><p>04:37:47.0456 0x13a8 SDRSVC - ok</p><p>04:37:47.0469 0x13a8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys</p><p>04:37:47.0469 0x13a8 secdrv - ok</p><p>04:37:47.0480 0x13a8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll</p><p>04:37:47.0483 0x13a8 seclogon - ok</p><p>04:37:47.0489 0x13a8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll</p><p>04:37:47.0492 0x13a8 SENS - ok</p><p>04:37:47.0509 0x13a8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll</p><p>04:37:47.0511 0x13a8 SensrSvc - ok</p><p>04:37:47.0524 0x13a8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys</p><p>04:37:47.0525 0x13a8 Serenum - ok</p><p>04:37:47.0538 0x13a8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys</p><p>04:37:47.0543 0x13a8 Serial - ok</p><p>04:37:47.0560 0x13a8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys</p><p>04:37:47.0562 0x13a8 sermouse - ok</p><p>04:37:47.0581 0x13a8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll</p><p>04:37:47.0586 0x13a8 SessionEnv - ok</p><p>04:37:47.0599 0x13a8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys</p><p>04:37:47.0600 0x13a8 sffdisk - ok</p><p>04:37:47.0612 0x13a8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys</p><p>04:37:47.0614 0x13a8 sffp_mmc - ok</p><p>04:37:47.0622 0x13a8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys</p><p>04:37:47.0624 0x13a8 sffp_sd - ok</p><p>04:37:47.0626 0x13a8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys</p><p>04:37:47.0627 0x13a8 sfloppy - ok</p><p>04:37:47.0683 0x13a8 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys</p><p>04:37:47.0696 0x13a8 Sftfs - ok</p><p>04:37:47.0765 0x13a8 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe</p><p>04:37:47.0772 0x13a8 sftlist - ok</p><p>04:37:47.0815 0x13a8 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys</p><p>04:37:47.0823 0x13a8 Sftplay - ok</p><p>04:37:47.0855 0x13a8 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys</p><p>04:37:47.0856 0x13a8 Sftredir - ok</p><p>04:37:47.0883 0x13a8 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys</p><p>04:37:47.0884 0x13a8 Sftvol - ok</p><p>04:37:47.0918 0x13a8 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe</p><p>04:37:47.0921 0x13a8 sftvsa - ok</p><p>04:37:47.0946 0x13a8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll</p><p>04:37:47.0952 0x13a8 SharedAccess - ok</p><p>04:37:47.0973 0x13a8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll</p><p>04:37:47.0980 0x13a8 ShellHWDetection - ok</p><p>04:37:47.0993 0x13a8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys</p><p>04:37:47.0995 0x13a8 SiSRaid2 - ok</p><p>04:37:48.0009 0x13a8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys</p><p>04:37:48.0013 0x13a8 SiSRaid4 - ok</p><p>04:37:48.0040 0x13a8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys</p><p>04:37:48.0043 0x13a8 Smb - ok</p><p>04:37:48.0072 0x13a8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe</p><p>04:37:48.0075 0x13a8 SNMPTRAP - ok</p><p>04:37:48.0077 0x13a8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys</p><p>04:37:48.0078 0x13a8 spldr - ok</p><p>04:37:48.0127 0x13a8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe</p><p>04:37:48.0140 0x13a8 Spooler - ok</p><p>04:37:48.0226 0x13a8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe</p><p>04:37:48.0272 0x13a8 sppsvc - ok</p><p>04:37:48.0296 0x13a8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll</p><p>04:37:48.0299 0x13a8 sppuinotify - ok</p><p>04:37:48.0333 0x13a8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys</p><p>04:37:48.0345 0x13a8 srv - ok</p><p>04:37:48.0367 0x13a8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys</p><p>04:37:48.0375 0x13a8 srv2 - ok</p><p>04:37:48.0388 0x13a8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys</p><p>04:37:48.0391 0x13a8 srvnet - ok</p><p>04:37:48.0413 0x13a8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll</p><p>04:37:48.0418 0x13a8 SSDPSRV - ok</p><p>04:37:48.0435 0x13a8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll</p><p>04:37:48.0438 0x13a8 SstpSvc - ok</p><p>04:37:48.0514 0x13a8 [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe</p><p>04:37:48.0523 0x13a8 Stereo Service - ok</p><p>04:37:48.0539 0x13a8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys</p><p>04:37:48.0541 0x13a8 stexstor - ok</p><p>04:37:48.0578 0x13a8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll</p><p>04:37:48.0588 0x13a8 stisvc - ok</p><p>04:37:48.0599 0x13a8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys</p><p>04:37:48.0600 0x13a8 swenum - ok</p><p>04:37:48.0622 0x13a8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll</p><p>04:37:48.0631 0x13a8 swprv - ok</p><p>04:37:48.0679 0x13a8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll</p><p>04:37:48.0721 0x13a8 SysMain - ok</p><p>04:37:48.0731 0x13a8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll</p><p>04:37:48.0734 0x13a8 TabletInputService - ok</p><p>04:37:48.0748 0x13a8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll</p><p>04:37:48.0754 0x13a8 TapiSrv - ok</p><p>04:37:48.0764 0x13a8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll</p><p>04:37:48.0766 0x13a8 TBS - ok</p><p>04:37:48.0853 0x13a8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys</p><p>04:37:48.0897 0x13a8 Tcpip - ok</p><p>04:37:48.0956 0x13a8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys</p><p>04:37:48.0980 0x13a8 TCPIP6 - ok</p><p>04:37:49.0015 0x13a8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys</p><p>04:37:49.0016 0x13a8 tcpipreg - ok</p><p>04:37:49.0028 0x13a8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys</p><p>04:37:49.0030 0x13a8 TDPIPE - ok</p><p>04:37:49.0057 0x13a8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys</p><p>04:37:49.0059 0x13a8 TDTCP - ok</p><p>04:37:49.0078 0x13a8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys</p><p>04:37:49.0083 0x13a8 tdx - ok</p><p>04:37:49.0094 0x13a8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys</p><p>04:37:49.0096 0x13a8 TermDD - ok</p><p>04:37:49.0145 0x13a8 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll</p><p>04:37:49.0162 0x13a8 TermService - ok</p><p>04:37:49.0172 0x13a8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll</p><p>04:37:49.0175 0x13a8 Themes - ok</p><p>04:37:49.0192 0x13a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll</p><p>04:37:49.0194 0x13a8 THREADORDER - ok</p><p>04:37:49.0208 0x13a8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll</p><p>04:37:49.0212 0x13a8 TrkWks - ok</p><p>04:37:49.0238 0x13a8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe</p><p>04:37:49.0240 0x13a8 TrustedInstaller - ok</p><p>04:37:49.0251 0x13a8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys</p><p>04:37:49.0253 0x13a8 tssecsrv - ok</p><p>04:37:49.0289 0x13a8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys</p><p>04:37:49.0291 0x13a8 TsUsbFlt - ok</p><p>04:37:49.0313 0x13a8 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys</p><p>04:37:49.0315 0x13a8 TsUsbGD - ok</p><p>04:37:49.0345 0x13a8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys</p><p>04:37:49.0348 0x13a8 tunnel - ok</p><p>04:37:49.0361 0x13a8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys</p><p>04:37:49.0363 0x13a8 uagp35 - ok</p><p>04:37:49.0383 0x13a8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys</p><p>04:37:49.0388 0x13a8 udfs - ok</p><p>04:37:49.0393 0x13a8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe</p><p>04:37:49.0395 0x13a8 UI0Detect - ok</p><p>04:37:49.0416 0x13a8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys</p><p>04:37:49.0418 0x13a8 uliagpkx - ok</p><p>04:37:49.0453 0x13a8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys</p><p>04:37:49.0455 0x13a8 umbus - ok</p><p>04:37:49.0472 0x13a8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys</p><p>04:37:49.0474 0x13a8 UmPass - ok</p><p>04:37:49.0542 0x13a8 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe</p><p>04:37:49.0551 0x13a8 UMVPFSrv - ok</p><p>04:37:49.0580 0x13a8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll</p><p>04:37:49.0589 0x13a8 upnphost - ok</p><p>04:37:49.0622 0x13a8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys</p><p>04:37:49.0625 0x13a8 usbaudio - ok</p><p>04:37:49.0653 0x13a8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys</p><p>04:37:49.0656 0x13a8 usbccgp - ok</p><p>04:37:49.0691 0x13a8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys</p><p>04:37:49.0696 0x13a8 usbcir - ok</p><p>04:37:49.0724 0x13a8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys</p><p>04:37:49.0726 0x13a8 usbehci - ok</p><p>04:37:49.0741 0x13a8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys</p><p>04:37:49.0750 0x13a8 usbhub - ok</p><p>04:37:49.0782 0x13a8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys</p><p>04:37:49.0784 0x13a8 usbohci - ok</p><p>04:37:49.0794 0x13a8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys</p><p>04:37:49.0796 0x13a8 usbprint - ok</p><p>04:37:49.0821 0x13a8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS</p><p>04:37:49.0824 0x13a8 USBSTOR - ok</p><p>04:37:49.0841 0x13a8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys</p><p>04:37:49.0844 0x13a8 usbuhci - ok</p><p>04:37:49.0856 0x13a8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll</p><p>04:37:49.0859 0x13a8 UxSms - ok</p><p>04:37:49.0869 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe</p><p>04:37:49.0871 0x13a8 VaultSvc - ok</p><p>04:37:49.0893 0x13a8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys</p><p>04:37:49.0894 0x13a8 vdrvroot - ok</p><p>04:37:49.0912 0x13a8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe</p><p>04:37:49.0922 0x13a8 vds - ok</p><p>04:37:49.0944 0x13a8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys</p><p>04:37:49.0946 0x13a8 vga - ok</p><p>04:37:49.0956 0x13a8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys</p><p>04:37:49.0958 0x13a8 VgaSave - ok</p><p>04:37:49.0971 0x13a8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys</p><p>04:37:49.0975 0x13a8 vhdmp - ok</p><p>04:37:49.0996 0x13a8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys</p><p>04:37:49.0997 0x13a8 viaide - ok</p><p>04:37:50.0027 0x13a8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys</p><p>04:37:50.0031 0x13a8 volmgr - ok</p><p>04:37:50.0049 0x13a8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys</p><p>04:37:50.0061 0x13a8 volmgrx - ok</p><p>04:37:50.0080 0x13a8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys</p><p>04:37:50.0086 0x13a8 volsnap - ok</p><p>04:37:50.0107 0x13a8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys</p><p>04:37:50.0111 0x13a8 vsmraid - ok</p><p>04:37:50.0181 0x13a8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe</p><p>04:37:50.0223 0x13a8 VSS - ok</p><p>04:37:50.0353 0x13a8 [ 8B1502C0071491E992EB58F5EED50F90, DCF1EE2C81326657641F801059DB137A16647EDFFAB86D51A8E04016F344CD95 ] vToolbarUpdater3.1.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe</p><p>04:37:50.0377 0x13a8 vToolbarUpdater3.1.0 - ok</p><p>04:37:50.0418 0x13a8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys</p><p>04:37:50.0420 0x13a8 vwifibus - ok</p><p>04:37:50.0446 0x13a8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll</p><p>04:37:50.0454 0x13a8 W32Time - ok</p><p>04:37:50.0518 0x13a8 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll</p><p>04:37:50.0532 0x13a8 W3SVC - ok</p><p>04:37:50.0548 0x13a8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys</p><p>04:37:50.0550 0x13a8 WacomPen - ok</p><p>04:37:50.0571 0x13a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys</p><p>04:37:50.0574 0x13a8 WANARP - ok</p><p>04:37:50.0584 0x13a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys</p><p>04:37:50.0585 0x13a8 Wanarpv6 - ok</p><p>04:37:50.0594 0x13a8 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll</p><p>04:37:50.0600 0x13a8 WAS - ok</p><p>04:37:50.0686 0x13a8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe</p><p>04:37:50.0728 0x13a8 WatAdminSvc - ok</p><p>04:37:50.0774 0x13a8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe</p><p>04:37:50.0807 0x13a8 wbengine - ok</p><p>04:37:50.0821 0x13a8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll</p><p>04:37:50.0826 0x13a8 WbioSrvc - ok</p><p>04:37:50.0840 0x13a8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll</p><p>04:37:50.0847 0x13a8 wcncsvc - ok</p><p>04:37:50.0853 0x13a8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll</p><p>04:37:50.0855 0x13a8 WcsPlugInService - ok</p><p>04:37:50.0857 0x13a8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys</p><p>04:37:50.0858 0x13a8 Wd - ok</p><p>04:37:50.0904 0x13a8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys</p><p>04:37:50.0917 0x13a8 Wdf01000 - ok</p><p>04:37:50.0921 0x13a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll</p><p>04:37:50.0923 0x13a8 WdiServiceHost - ok</p><p>04:37:50.0926 0x13a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll</p><p>04:37:50.0929 0x13a8 WdiSystemHost - ok</p><p>04:37:50.0959 0x13a8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll</p><p>04:37:50.0964 0x13a8 WebClient - ok</p><p>04:37:50.0972 0x13a8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll</p><p>04:37:50.0977 0x13a8 Wecsvc - ok</p><p>04:37:50.0983 0x13a8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll</p><p>04:37:51.0004 0x13a8 wercplsupport - ok</p><p>04:37:51.0018 0x13a8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll</p><p>04:37:51.0023 0x13a8 WerSvc - ok</p><p>04:37:51.0051 0x13a8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys</p><p>04:37:51.0052 0x13a8 WfpLwf - ok</p><p>04:37:51.0055 0x13a8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys</p><p>04:37:51.0056 0x13a8 WIMMount - ok</p><p>04:37:51.0068 0x13a8 WinDefend - ok</p><p>04:37:51.0072 0x13a8 WinHttpAutoProxySvc - ok</p><p>04:37:51.0100 0x13a8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll</p><p>04:37:51.0104 0x13a8 Winmgmt - ok</p><p>04:37:51.0161 0x13a8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll</p><p>04:37:51.0203 0x13a8 WinRM - ok</p><p>04:37:51.0241 0x13a8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys</p><p>04:37:51.0243 0x13a8 WinUsb - ok</p><p>04:37:51.0264 0x13a8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll</p><p>04:37:51.0290 0x13a8 Wlansvc - ok</p><p>04:37:51.0305 0x13a8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys</p><p>04:37:51.0307 0x13a8 WmiAcpi - ok</p><p>04:37:51.0333 0x13a8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe</p><p>04:37:51.0336 0x13a8 wmiApSrv - ok</p><p>04:37:51.0358 0x13a8 WMPNetworkSvc - ok</p><p>04:37:51.0381 0x13a8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll</p><p>04:37:51.0383 0x13a8 WPCSvc - ok</p><p>04:37:51.0396 0x13a8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll</p><p>04:37:51.0400 0x13a8 WPDBusEnum - ok</p><p>04:37:51.0407 0x13a8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys</p><p>04:37:51.0408 0x13a8 ws2ifsl - ok</p><p>04:37:51.0453 0x13a8 [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudioDevice_383S(1) C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys</p><p>04:37:51.0454 0x13a8 WsAudioDevice_383S(1) - ok</p><p>04:37:51.0468 0x13a8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll</p><p>04:37:51.0471 0x13a8 wscsvc - ok</p><p>04:37:51.0473 0x13a8 WSearch - ok</p><p>04:37:51.0559 0x13a8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll</p><p>04:37:51.0618 0x13a8 wuauserv - ok</p><p>04:37:51.0650 0x13a8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys</p><p>04:37:51.0652 0x13a8 WudfPf - ok</p><p>04:37:51.0669 0x13a8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys</p><p>04:37:51.0672 0x13a8 WUDFRd - ok</p><p>04:37:51.0701 0x13a8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll</p><p>04:37:51.0704 0x13a8 wudfsvc - ok</p><p>04:37:51.0735 0x13a8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll</p><p>04:37:51.0740 0x13a8 WwanSvc - ok</p><p>04:37:51.0816 0x13a8 [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe</p><p>04:37:51.0824 0x13a8 YahooAUService - ok</p><p>04:37:51.0850 0x13a8 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys</p><p>04:37:51.0857 0x13a8 yukonw7 - ok</p><p>04:37:51.0892 0x13a8 ================ Scan global ===============================</p><p>04:37:51.0912 0x13a8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll</p><p>04:37:51.0954 0x13a8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll</p><p>04:37:51.0971 0x13a8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll</p><p>04:37:51.0984 0x13a8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll</p><p>04:37:52.0009 0x13a8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe</p><p>04:37:52.0015 0x13a8 [ Global ] - ok</p><p>04:37:52.0016 0x13a8 ================ Scan MBR ==================================</p><p>04:37:52.0026 0x13a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0</p><p>04:37:52.0152 0x13a8 \Device\Harddisk0\DR0 - ok</p><p>04:37:52.0155 0x13a8 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1</p><p>04:37:52.0160 0x13a8 \Device\Harddisk1\DR1 - ok</p><p>04:37:52.0160 0x13a8 ================ Scan VBR ==================================</p><p>04:37:52.0162 0x13a8 [ 7B11F8C0B2381CB6D1B0A3F459332006 ] \Device\Harddisk0\DR0\Partition1</p><p>04:37:52.0210 0x13a8 \Device\Harddisk0\DR0\Partition1 - ok</p><p>04:37:52.0212 0x13a8 [ 4550892331A6421CFDA20285896ABFE3 ] \Device\Harddisk0\DR0\Partition2</p><p>04:37:52.0261 0x13a8 \Device\Harddisk0\DR0\Partition2 - ok</p><p>04:37:52.0265 0x13a8 [ 4330919246A25D362CE4ADC5ED9DB82C ] \Device\Harddisk1\DR1\Partition1</p><p>04:37:52.0267 0x13a8 \Device\Harddisk1\DR1\Partition1 - ok</p><p>04:37:52.0267 0x13a8 ================ Scan generic autorun ======================</p><p>04:37:52.0397 0x176c Object required for P2P: [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC</p><p>04:37:52.0550 0x13a8 [ 2AED6E49CE99DFFF3FC4B9108246B7CB, 4D6A1C32DD10556F84A0B62C796C4C54A7E3E4772478B16A38E1668870D7019C ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe</p><p>04:37:52.0702 0x13a8 RtHDVCpl - ok</p><p>04:37:52.0808 0x13a8 [ 4F46EA70C7579052F764D0F9B81D23C2, EABE443ABC39AFDA49762A78711FAB4C7367680BE4F0B79F3144362D4A272238 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe</p><p>04:37:52.0832 0x13a8 NvBackend - ok</p><p>04:37:52.0861 0x13a8 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe</p><p>04:37:52.0864 0x13a8 IgfxTray - ok</p><p>04:37:52.0897 0x13a8 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe</p><p>04:37:52.0903 0x13a8 HotKeysCmds - ok</p><p>04:37:52.0952 0x13a8 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe</p><p>04:37:52.0963 0x13a8 Persistence - ok</p><p>04:37:53.0040 0x13a8 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe</p><p>04:37:53.0055 0x13a8 Adobe ARM - ok</p><p>04:37:53.0088 0x13a8 [ CDB517386A26AE420CB24BDB3CD88779, BAF1EEA0B69A969E0641AAF371BAF51A130D2BAB91C6388F7F60C8904C463EE6 ] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe</p><p>04:37:53.0090 0x13a8 RIMBBLaunchAgent.exe - ok</p><p>04:37:53.0413 0x13a8 [ B36DFFCD2B20AF39223847D691B49357, 3639DAE0C9A31A7D1997EFB21679514BEF267F4F1735EB39230058B8B2198D32 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe</p><p>04:37:53.0460 0x13a8 AVG_UI - ok</p><p>04:37:53.0597 0x13a8 [ A216211AD7B0A3DF5F2C41E331375237, 757FE543E7A50F4CF863B11FD2E75D88127CB409B80597A5493A8F0412E452C6 ] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe</p><p>04:37:53.0630 0x13a8 vProt - ok</p><p>04:37:53.0716 0x13a8 [ 9C2078437D6FC541BD268BA903F6AEB4, CB622E82C65E0E4E9E52381BEAAB784AB6A3893BE34476D69B89F012CC1AC3C9 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe</p><p>04:37:53.0757 0x13a8 Wondershare Helper Compact.exe - ok</p><p>04:37:53.0884 0x13a8 [ 5E5EF857D545E8B9268B4DE377F32177, B8FFDA7D82F2B911B6E40D5B2C2B5B23AE3EEE813DB615B2A955F1E05F1E492B ] C:\ProgramData\Wondershare\Player\DelayPluginI.exe</p><p>04:37:53.0911 0x13a8 DelaypluginInstall - ok</p><p>04:37:53.0983 0x13a8 [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe</p><p>04:37:53.0986 0x13a8 BCSSync - ok</p><p>04:37:54.0053 0x13a8 [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe</p><p>04:37:54.0089 0x13a8 SunJavaUpdateSched - ok</p><p>04:37:54.0167 0x13a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe</p><p>04:37:54.0213 0x13a8 Sidebar - ok</p><p>04:37:54.0233 0x13a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe</p><p>04:37:54.0237 0x13a8 mctadmin - ok</p><p>04:37:54.0275 0x13a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe</p><p>04:37:54.0292 0x13a8 Sidebar - ok</p><p>04:37:54.0296 0x13a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe</p><p>04:37:54.0298 0x13a8 mctadmin - ok</p><p>04:37:54.0337 0x13a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe</p><p>04:37:54.0351 0x13a8 Sidebar - ok</p><p>04:37:54.0817 0x13a8 [ D464A2B05D1B3A4160E2B2447FAF1C90, 436DFC8654F509831FF7C9EC656CBE5B79D345DAC748600A8EF7D8D81516C146 ] C:\Program Files\BitComet\BitComet.exe</p><p>04:37:55.0310 0x13a8 [ 6CB991E0323CE1901C0DD5857418E0F2, 70A52109C9A5DB932F0AEA60CBF7F5AF7747F5433446CBE133B236F9F0AB7A4D ] C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe</p><p>04:37:55.0364 0x176c Object send P2P result: true</p><p>04:37:55.0395 0x13a8 Messenger (Yahoo!) - ok</p><p>04:37:55.0402 0x13a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe</p><p>04:37:55.0403 0x13a8 mctadmin - ok</p><p>04:37:55.0852 0x13a8 [ D464A2B05D1B3A4160E2B2447FAF1C90, 436DFC8654F509831FF7C9EC656CBE5B79D345DAC748600A8EF7D8D81516C146 ] C:\Program Files\BitComet\BitComet.exe</p><p>04:37:56.0113 0x13a8 BitComet - ok</p><p>04:37:56.0309 0x13a8 [ 6CB991E0323CE1901C0DD5857418E0F2, 70A52109C9A5DB932F0AEA60CBF7F5AF7747F5433446CBE133B236F9F0AB7A4D ] C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe</p><p>04:37:56.0393 0x13a8 Messenger (Yahoo!) - ok</p><p>04:37:56.0435 0x13a8 ROC_ROC_APR2013_AV - ok</p><p>04:37:56.0435 0x13a8 AVG-Secure-Search-Update_0913a - ok</p><p>04:37:56.0480 0x13a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe</p><p>04:37:56.0496 0x13a8 Sidebar - ok</p><p>04:37:56.0500 0x13a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe</p><p>04:37:56.0502 0x13a8 mctadmin - ok</p><p>04:37:56.0503 0x13a8 Waiting for KSN requests completion. In queue: 87</p><p>04:37:57.0503 0x13a8 Waiting for KSN requests completion. In queue: 87</p><p>04:37:58.0503 0x13a8 Waiting for KSN requests completion. In queue: 87</p><p>04:37:59.0522 0x13a8 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5315 ), 0x41000 ( enabled : updated )</p><p>04:37:59.0525 0x13a8 Win FW state via NFP2: enabled</p><p>04:38:02.0306 0x13a8 ============================================================</p><p>04:38:02.0306 0x13a8 Scan finished</p><p>04:38:02.0306 0x13a8 ============================================================</p><p>04:38:02.0313 0x1280 Detected object count: 0</p><p>04:38:02.0313 0x1280 Actual detected object count: 0</p><p>04:38:43.0716 0x10f8 KLMD registered as C:\Windows\system32\drivers\94978594.sys</p><p>04:38:44.0896 0x10f8 Deinitialize success</p></blockquote><p></p>
[QUOTE="scottynola, post: 286260, member: 29718"] First off thanks for offering to help me with this issue. Also, to apologize for not uploading simple text files of the requested logfiles, when I tried to upload them as .txt files I couldn't get the upload to run so I am cutting and pasting them as plain text. One other note, I started having the issue yesterday, I also did a Java update yesterday, I have since deleted Java and uploaded the most recent version (version 8 update 25). I have not had a new occurrence of the issue since I did that (right before I ran the 2 programs you recommended which involved restarts so not sure if this is coincidental or not). [B]ComboFix LogFile[/B] ComboFix 14-10-27.01 - user 10/28/2014 4:51.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16301.13294 [GMT -5:00] Running from: c:\users\user\Downloads\ComboFix.exe AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\pmt_0piot.pad c:\programdata\ras_0oed.pad c:\windows\SysWow64\~GLH00c4.TMP c:\windows\SysWow64\Cache c:\windows\SysWow64\Cache\075884af680ff6dc.fb c:\windows\SysWow64\Cache\0c8c64a3cdcdeed2.fb c:\windows\SysWow64\Cache\1249cb9530315a49.fb c:\windows\SysWow64\Cache\227113dfa1ca894d.fb c:\windows\SysWow64\Cache\26c630d098e22dd5.fb c:\windows\SysWow64\Cache\272512937d9e61a4.fb c:\windows\SysWow64\Cache\27ca4ee8ba7a1d1c.fb c:\windows\SysWow64\Cache\287204568329e189.fb c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb c:\windows\SysWow64\Cache\2cc6a8fb60e97331.fb c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb c:\windows\SysWow64\Cache\3917078cb68ec657.fb c:\windows\SysWow64\Cache\49fbbc5a8678d502.fb c:\windows\SysWow64\Cache\501d3325cef2edec.fb c:\windows\SysWow64\Cache\51445ca5df18def4.fb c:\windows\SysWow64\Cache\56c0cd2ba685a591.fb c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb c:\windows\SysWow64\Cache\5c54eb1a1655b076.fb c:\windows\SysWow64\Cache\610289e025a3ee9a.fb c:\windows\SysWow64\Cache\613e8ce7ab7106af.fb c:\windows\SysWow64\Cache\633a76311867bd11.fb c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb c:\windows\SysWow64\Cache\691f14230153a9e1.fb c:\windows\SysWow64\Cache\696eb444553d1ff0.fb c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb c:\windows\SysWow64\Cache\6cb409d7ac73d9f1.fb c:\windows\SysWow64\Cache\6d03dad1035885d3.fb c:\windows\SysWow64\Cache\7614bd6cfa99e546.fb c:\windows\SysWow64\Cache\77664b6ccc36be9f.fb c:\windows\SysWow64\Cache\881b3593316772f0.fb c:\windows\SysWow64\Cache\95f567698be8a182.fb c:\windows\SysWow64\Cache\98657d0579ae1930.fb c:\windows\SysWow64\Cache\a8556537add6dfc5.fb c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb c:\windows\SysWow64\Cache\aea1ededcf0893cd.fb c:\windows\SysWow64\Cache\b5f8457e8c5e0ab8.fb c:\windows\SysWow64\Cache\bebb5f430e011300.fb c:\windows\SysWow64\Cache\c1fa887b03019701.fb c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb c:\windows\SysWow64\Cache\c65a30e694aa648a.fb c:\windows\SysWow64\Cache\d201ef9910cd39de.fb c:\windows\SysWow64\Cache\d2e94710a5708128.fb c:\windows\SysWow64\Cache\d5c0f4e7bbe35bf3.fb c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb c:\windows\SysWow64\Cache\d9ca663388d21ec0.fb c:\windows\SysWow64\Cache\da2504bea2368c47.fb c:\windows\SysWow64\Cache\f2cda51fd108941f.fb c:\windows\SysWow64\Cache\f310145ea8fdd46f.fb c:\windows\SysWow64\Cache\f34d8db84131d925.fb c:\windows\SysWow64\Cache\f5f168a258f8f421.fb c:\windows\SysWow64\Cache\f998975c9cc711ee.fb c:\windows\SysWow64\Cache\fe4c684a03929bd1.fb . . CLSID={AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} - infected with Poweliks and removed. You should verify if current CLSID data is correct: . HKEY_CLASSES_ROOT\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} (Default) REG_SZ Thumbnail Cache Class Factory for Out of Proc Server AppID REG_SZ {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} . HKEY_CLASSES_ROOT\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32 (Default) REG_SZ c:\windows\system32\thumbcache.dll ThreadingModel REG_SZ Apartment . . ((((((((((((((((((((((((( Files Created from 2014-09-28 to 2014-10-28 ))))))))))))))))))))))))))))))) . . 2014-10-28 10:16 . 2014-10-28 10:16 -------- d-----w- c:\users\hedev\AppData\Local\temp 2014-10-28 10:16 . 2014-10-28 10:16 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp 2014-10-28 10:16 . 2014-10-28 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-10-28 10:16 . 2014-10-28 10:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2014-10-28 09:28 . 2014-10-28 09:28 -------- d-----w- c:\program files (x86)\Common Files\Java 2014-10-28 09:25 . 2014-10-28 09:25 -------- d-----w- c:\users\user\AppData\Roaming\Oracle 2014-10-28 09:22 . 2014-10-28 09:28 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-10-28 04:01 . 2014-10-28 04:08 -------- d-----w- C:\FRST 2014-10-28 02:53 . 2014-10-28 02:53 -------- d-----w- c:\users\user\AppData\Roaming\ParetoLogic 2014-10-28 02:53 . 2014-10-28 02:53 -------- d-----w- c:\users\user\AppData\Roaming\DriverCure 2014-10-28 02:53 . 2014-10-28 03:01 -------- d-----w- c:\programdata\ParetoLogic 2014-10-28 00:31 . 2014-10-28 01:55 -------- d-----w- C:\AdwCleaner 2014-10-28 00:31 . 2014-10-28 00:31 -------- d-----w- c:\users\user\AppData\Roaming\AVG2015 2014-10-28 00:25 . 2014-10-28 01:58 -------- d-----w- c:\programdata\AVG2015 2014-10-28 00:25 . 2014-10-28 00:33 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Avg2015 2014-10-28 00:21 . 2014-10-28 03:12 -------- d-----w- c:\users\user\AppData\Local\Avg2015 2014-10-15 06:05 . 2014-08-19 03:08 503808 ----a-w- c:\windows\system32\srcore.dll 2014-10-15 06:04 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll 2014-10-15 06:04 . 2014-09-13 01:58 77312 ----a-w- c:\windows\system32\packager.dll 2014-10-15 06:04 . 2014-09-13 01:40 67072 ----a-w- c:\windows\SysWow64\packager.dll 2014-10-01 01:31 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll 2014-10-01 01:31 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-10-28 00:04 . 2012-04-10 17:25 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-10-28 00:04 . 2012-03-11 08:29 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-10-27 23:30 . 2014-07-01 16:41 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-10-27 03:43 . 2012-08-05 18:00 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll 2014-10-15 08:01 . 2012-09-14 04:35 103265616 ----a-w- c:\windows\system32\MRT.exe 2014-10-01 16:11 . 2014-07-01 16:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-10-01 16:11 . 2014-07-01 16:41 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-10-01 16:11 . 2013-04-13 19:38 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-09-09 22:11 . 2014-09-24 03:15 2048 ----a-w- c:\windows\system32\tzres.dll 2014-09-09 21:47 . 2014-09-24 03:15 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-08-23 02:07 . 2014-08-28 10:59 404480 ----a-w- c:\windows\system32\gdi32.dll 2014-08-23 01:45 . 2014-08-28 10:59 311808 ----a-w- c:\windows\SysWow64\gdi32.dll 2014-08-21 02:45 . 2014-08-21 02:45 243480 ----a-w- c:\windows\system32\drivers\avgldx64.sys 2014-08-07 02:39 . 2014-08-07 02:39 123672 ----a-w- c:\windows\system32\drivers\avgmfx64.sys 2014-08-01 11:53 . 2014-09-12 02:52 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll 2014-08-01 11:35 . 2014-09-12 02:52 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll 2014-07-31 20:55 . 2014-08-25 14:58 29288 ----a-w- c:\windows\system32\drivers\WsAudioDevice_383S(1).sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-02-23 6591800] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176] "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448] "AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2014-09-05 3593744] "vProt"="c:\program files (x86)\AVG Web TuneUp\vprot.exe" [2014-09-04 2575896] "Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-02-28 1679360] "DelaypluginInstall"="c:\programdata\Wondershare\Player\DelayPluginI.exe" [2013-09-28 1960008] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776] . c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-20 36414624] Intel Diagnostics.lnk - c:\windows\system32\rundll32.exe "c:\programdata\Intel\diagagnt.dll",#1 [2009-7-13 45568] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . 2;2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] R3 LVUVC64;Logitech Webcam C160(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x] S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x] S2 vToolbarUpdater3.1.0;vToolbarUpdater3.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [x] S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x] S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x] S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x] S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] S3 WsAudioDevice_383S(1);WsAudioDevice_383S(1);c:\windows\system32\drivers\WsAudioDevice_383S(1).sys;c:\windows\SYSNATIVE\drivers\WsAudioDevice_383S(1).sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 29713838 *Deregistered* - 29713838 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . Contents of the 'Scheduled Tasks' folder . 2014-10-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 00:04] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2014-08-17 04:10 164760 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-07 11858536] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-03-21 1797064] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 171992] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 399832] "Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 442328] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = [url]https://www.google.com/[/url] mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105 Trusted Zone: com\*.Wondershare TCP: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\pl9232es.default-1396708666426\ FF - prefs.js: browser.startup.homepage - hxxps://[url="http://www.google.com/"]www.google.com/[/url] FF - prefs.js: keyword.URL - . - - - - ORPHANS REMOVED - - - - . BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-ROC_ROC_APR2013_AV - c:\users\user\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe Wow6432Node-HKCU-Run-AVG-Secure-Search-Update_0913a - c:\users\user\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Axis & Allies Registration.lnk - c:\users\user\AppData\Local\Temp\{2EA6149D-1277-4E67-88DA-BA7BDC9BAC7B}\{47836B39-2465-4F39-9D7E-52F70A1C3D72}\ATR1.EXE /remind /language=ENU /PRNM="Axis & Allies"/PRMP="AXIS"/SKUN="PCXX"/GTYP="STRY" SafeBoot-29713838.sys HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) AddRemove-00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 - c:\program files (x86)\Advanced System Protector\unins000.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.15" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2014-10-28 05:22:47 ComboFix-quarantined-files.txt 2014-10-28 10:22 . Pre-Run: 294,040,899,584 bytes free Post-Run: 303,712,378,880 bytes free . - - End Of File - - 555E55E093E4507734C52DA2C0D9388D A36C5E4F47E84449FF07ED3517B43A31 [B]TDSSKiller LogFile[/B] 04:37:19.0389 0x170c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 04:37:23.0321 0x170c ============================================================ 04:37:23.0321 0x170c Current date / time: 2014/10/28 04:37:23.0321 04:37:23.0321 0x170c SystemInfo: 04:37:23.0321 0x170c 04:37:23.0321 0x170c OS Version: 6.1.7601 ServicePack: 1.0 04:37:23.0321 0x170c Product type: Workstation 04:37:23.0321 0x170c ComputerName: USER-PC 04:37:23.0322 0x170c UserName: user 04:37:23.0322 0x170c Windows directory: C:\Windows 04:37:23.0322 0x170c System windows directory: C:\Windows 04:37:23.0322 0x170c Running under WOW64 04:37:23.0322 0x170c Processor architecture: Intel x64 04:37:23.0322 0x170c Number of processors: 8 04:37:23.0322 0x170c Page size: 0x1000 04:37:23.0322 0x170c Boot type: Normal boot 04:37:23.0322 0x170c ============================================================ 04:37:24.0761 0x170c KLMD registered as C:\Windows\system32\drivers\66868958.sys 04:37:25.0037 0x170c System UUID: {E5C01544-E387-8024-A6CA-FB1B70DF46BF} 04:37:25.0309 0x170c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3F161, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 04:37:25.0312 0x170c Drive \Device\Harddisk1\DR1 - Size: 0x39C990000 ( 14.45 Gb ), SectorSize: 0x200, Cylinders: 0x75D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 04:37:25.0322 0x170c ============================================================ 04:37:25.0322 0x170c \Device\Harddisk0\DR0: 04:37:25.0323 0x170c MBR partitions: 04:37:25.0323 0x170c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 04:37:25.0323 0x170c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800 04:37:25.0323 0x170c \Device\Harddisk1\DR1: 04:37:25.0323 0x170c MBR partitions: 04:37:25.0323 0x170c \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x1CE4941 04:37:25.0323 0x170c ============================================================ 04:37:25.0348 0x170c C: <-> \Device\Harddisk0\DR0\Partition2 04:37:25.0348 0x170c ============================================================ 04:37:25.0348 0x170c Initialize success 04:37:25.0348 0x170c ============================================================ 04:37:28.0973 0x13a8 ============================================================ 04:37:28.0973 0x13a8 Scan started 04:37:28.0973 0x13a8 Mode: Manual; 04:37:28.0974 0x13a8 ============================================================ 04:37:28.0974 0x13a8 KSN ping started 04:37:31.0631 0x13a8 KSN ping finished: true 04:37:34.0720 0x13a8 ================ Scan system memory ======================== 04:37:34.0720 0x13a8 System memory - ok 04:37:34.0722 0x13a8 ================ Scan services ============================= 04:37:35.0202 0x13a8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 04:37:35.0208 0x13a8 1394ohci - ok 04:37:35.0252 0x13a8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 04:37:35.0259 0x13a8 ACPI - ok 04:37:35.0272 0x13a8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 04:37:35.0274 0x13a8 AcpiPmi - ok 04:37:35.0398 0x13a8 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 04:37:35.0400 0x13a8 AdobeARMservice - ok 04:37:35.0501 0x13a8 [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 04:37:35.0505 0x13a8 AdobeFlashPlayerUpdateSvc - ok 04:37:35.0547 0x13a8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 04:37:35.0562 0x13a8 adp94xx - ok 04:37:35.0601 0x13a8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 04:37:35.0609 0x13a8 adpahci - ok 04:37:35.0626 0x13a8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 04:37:35.0631 0x13a8 adpu320 - ok 04:37:35.0648 0x13a8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 04:37:35.0651 0x13a8 AeLookupSvc - ok 04:37:35.0711 0x13a8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 04:37:35.0724 0x13a8 AFD - ok 04:37:35.0737 0x13a8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 04:37:35.0740 0x13a8 agp440 - ok 04:37:35.0756 0x13a8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 04:37:35.0758 0x13a8 ALG - ok 04:37:35.0795 0x13a8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 04:37:35.0797 0x13a8 aliide - ok 04:37:35.0808 0x13a8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 04:37:35.0810 0x13a8 amdide - ok 04:37:35.0825 0x13a8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 04:37:35.0828 0x13a8 AmdK8 - ok 04:37:35.0840 0x13a8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 04:37:35.0842 0x13a8 AmdPPM - ok 04:37:35.0869 0x13a8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 04:37:35.0873 0x13a8 amdsata - ok 04:37:35.0883 0x13a8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 04:37:35.0890 0x13a8 amdsbs - ok 04:37:35.0908 0x13a8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 04:37:35.0908 0x13a8 amdxata - ok 04:37:35.0948 0x13a8 [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll 04:37:35.0954 0x13a8 AppHostSvc - ok 04:37:35.0992 0x13a8 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys 04:37:35.0996 0x13a8 AppID - ok 04:37:36.0011 0x13a8 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll 04:37:36.0013 0x13a8 AppIDSvc - ok 04:37:36.0046 0x13a8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 04:37:36.0065 0x13a8 Appinfo - ok 04:37:36.0083 0x13a8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 04:37:36.0087 0x13a8 arc - ok 04:37:36.0097 0x13a8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 04:37:36.0100 0x13a8 arcsas - ok 04:37:36.0197 0x13a8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 04:37:36.0199 0x13a8 aspnet_state - ok 04:37:36.0222 0x13a8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 04:37:36.0223 0x13a8 AsyncMac - ok 04:37:36.0231 0x13a8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 04:37:36.0232 0x13a8 atapi - ok 04:37:36.0357 0x13a8 [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 04:37:36.0497 0x13a8 atikmdag - ok 04:37:36.0572 0x13a8 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 04:37:36.0589 0x13a8 AudioEndpointBuilder - ok 04:37:36.0603 0x13a8 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv C:\Windows\System32\Audiosrv.dll 04:37:36.0614 0x13a8 AudioSrv - ok 04:37:36.0674 0x13a8 [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys 04:37:36.0697 0x13a8 Avgdiska - ok 04:37:37.0011 0x13a8 [ 4187E691A71B65955CA3DB9FBA31031C, CD765BBE166C457E08981A910D468886981508543E348FB8BA25941B7FB392FA ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe 04:37:37.0054 0x13a8 AVGIDSAgent - ok 04:37:37.0118 0x13a8 [ 22FED6781A6DFC61E99D2BF6260B7F18, 3A37F2FB8264B25491B15B76E1A2DC9570121328F05C2750D0A052FFD125398A ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys 04:37:37.0125 0x13a8 AVGIDSDriver - ok 04:37:37.0162 0x13a8 [ 17C34C4B42C8B2EFCF2C065178BF4806, CB28BEE44B7A821EE728EFFD1B1882B57E417292A3A5377F3A98F16B0AF14DC7 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys 04:37:37.0167 0x13a8 AVGIDSHA - ok 04:37:37.0209 0x13a8 [ 48A1BF0F360743C821C04C68FCC3CAC7, E2C760AEB88F3921885761652C5092F630F86C56AADB9A96254E6032A3FEDC8A ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys 04:37:37.0216 0x13a8 Avgldx64 - ok 04:37:37.0273 0x13a8 [ 734DCC05A7F327FDCE43A18BA011FD4E, E5245314E60D86911A6A9FC1FE4A0C0D0284D972CE642C28B9B1A43D1553AFA5 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys 04:37:37.0283 0x13a8 Avgloga - ok 04:37:37.0326 0x13a8 [ E498AFD92C3DA81209463866BDA7C932, C40767F6BC6F9D10396B969CF38CFC3FC9C9E411CFA9EBA8E8AB3E95AD5E9D27 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys 04:37:37.0330 0x13a8 Avgmfx64 - ok 04:37:37.0398 0x13a8 [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys 04:37:37.0399 0x13a8 Avgrkx64 - ok 04:37:37.0441 0x13a8 [ 74D2F0CCDB47D99AF624DD6355AD698C, DDB89041351DBCD26DE1402CE3AF34EEE464CE17F69A7E472B8C6ECCE9970873 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys 04:37:37.0447 0x13a8 Avgtdia - ok 04:37:37.0526 0x13a8 [ 7688C67BDF55500C1FDC8291230C397D, 68A4C3D7F7043C73113B1EE7A3DD8E98BC1D6F54CA7E4E1BFB2333A75CDE2DE0 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys 04:37:37.0528 0x13a8 avgtp - ok 04:37:37.0554 0x13a8 [ 3218AA21B739C1C338DC8A555A66B755, 389E09C2CB51524B985B53D81289BCFB1E9DB89C70650C6D5D276391E2B56BCB ] avgwd C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe 04:37:37.0561 0x13a8 avgwd - ok 04:37:37.0637 0x13a8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 04:37:37.0642 0x13a8 AxInstSV - ok 04:37:37.0670 0x13a8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 04:37:37.0682 0x13a8 b06bdrv - ok 04:37:37.0731 0x13a8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 04:37:37.0741 0x13a8 b57nd60a - ok 04:37:37.0816 0x13a8 [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 04:37:37.0822 0x13a8 BBSvc - ok 04:37:37.0874 0x13a8 [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 04:37:37.0880 0x13a8 BBUpdate - ok 04:37:37.0890 0x13a8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 04:37:37.0893 0x13a8 BDESVC - ok 04:37:37.0905 0x13a8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 04:37:37.0906 0x13a8 Beep - ok 04:37:37.0965 0x13a8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 04:37:37.0979 0x13a8 BFE - ok 04:37:38.0065 0x13a8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 04:37:38.0085 0x13a8 BITS - ok 04:37:38.0104 0x13a8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 04:37:38.0105 0x13a8 blbdrive - ok 04:37:38.0130 0x13a8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 04:37:38.0132 0x13a8 bowser - ok 04:37:38.0147 0x13a8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 04:37:38.0149 0x13a8 BrFiltLo - ok 04:37:38.0160 0x13a8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 04:37:38.0162 0x13a8 BrFiltUp - ok 04:37:38.0191 0x13a8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 04:37:38.0195 0x13a8 Browser - ok 04:37:38.0204 0x13a8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 04:37:38.0211 0x13a8 Brserid - ok 04:37:38.0224 0x13a8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 04:37:38.0226 0x13a8 BrSerWdm - ok 04:37:38.0243 0x13a8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 04:37:38.0244 0x13a8 BrUsbMdm - ok 04:37:38.0257 0x13a8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 04:37:38.0259 0x13a8 BrUsbSer - ok 04:37:38.0302 0x13a8 [ 832B121E4532919CC49F2438F1DCAA21, 70FFDD505A64D3CF03220D6422EDD47CA2E0DF711BBF2ED057F32A688CB2E2E8 ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys 04:37:38.0304 0x13a8 BthAvrcp - ok 04:37:38.0365 0x13a8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 04:37:38.0368 0x13a8 BthEnum - ok 04:37:38.0382 0x13a8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 04:37:38.0385 0x13a8 BTHMODEM - ok 04:37:38.0425 0x13a8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 04:37:38.0428 0x13a8 BthPan - ok 04:37:38.0502 0x13a8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 04:37:38.0516 0x13a8 BTHPORT - ok 04:37:38.0565 0x13a8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 04:37:38.0569 0x13a8 bthserv - ok 04:37:38.0612 0x13a8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 04:37:38.0615 0x13a8 BTHUSB - ok 04:37:38.0623 0x13a8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 04:37:38.0626 0x13a8 cdfs - ok 04:37:38.0659 0x13a8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 04:37:38.0663 0x13a8 cdrom - ok 04:37:38.0708 0x13a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 04:37:38.0710 0x13a8 CertPropSvc - ok 04:37:38.0722 0x13a8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 04:37:38.0725 0x13a8 circlass - ok 04:37:38.0749 0x13a8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 04:37:38.0755 0x13a8 CLFS - ok 04:37:38.0816 0x13a8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 04:37:38.0818 0x13a8 clr_optimization_v2.0.50727_32 - ok 04:37:38.0955 0x13a8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 04:37:38.0960 0x13a8 clr_optimization_v2.0.50727_64 - ok 04:37:39.0023 0x13a8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 04:37:39.0027 0x13a8 clr_optimization_v4.0.30319_32 - ok 04:37:39.0052 0x13a8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 04:37:39.0055 0x13a8 clr_optimization_v4.0.30319_64 - ok 04:37:39.0069 0x13a8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 04:37:39.0071 0x13a8 CmBatt - ok 04:37:39.0100 0x13a8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 04:37:39.0102 0x13a8 cmdide - ok 04:37:39.0163 0x13a8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 04:37:39.0174 0x13a8 CNG - ok 04:37:39.0189 0x13a8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 04:37:39.0191 0x13a8 Compbatt - ok 04:37:39.0211 0x13a8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 04:37:39.0213 0x13a8 CompositeBus - ok 04:37:39.0218 0x13a8 COMSysApp - ok 04:37:39.0297 0x13a8 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 04:37:39.0307 0x13a8 cphs - ok 04:37:39.0325 0x13a8 cpuz135 - ok 04:37:39.0334 0x13a8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 04:37:39.0335 0x13a8 crcdisk - ok 04:37:39.0370 0x13a8 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll 04:37:39.0377 0x13a8 CryptSvc - ok 04:37:39.0525 0x13a8 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 04:37:39.0539 0x13a8 cvhsvc - ok 04:37:39.0585 0x13a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 04:37:39.0594 0x13a8 DcomLaunch - ok 04:37:39.0614 0x13a8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 04:37:39.0619 0x13a8 defragsvc - ok 04:37:39.0627 0x13a8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 04:37:39.0630 0x13a8 DfsC - ok 04:37:39.0646 0x13a8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 04:37:39.0652 0x13a8 Dhcp - ok 04:37:39.0661 0x13a8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 04:37:39.0663 0x13a8 discache - ok 04:37:39.0669 0x13a8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 04:37:39.0670 0x13a8 Disk - ok 04:37:39.0691 0x13a8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 04:37:39.0694 0x13a8 Dnscache - ok 04:37:39.0716 0x13a8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 04:37:39.0721 0x13a8 dot3svc - ok 04:37:39.0759 0x13a8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 04:37:39.0762 0x13a8 DPS - ok 04:37:39.0802 0x13a8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 04:37:39.0804 0x13a8 drmkaud - ok 04:37:39.0859 0x13a8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 04:37:39.0877 0x13a8 DXGKrnl - ok 04:37:39.0896 0x13a8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 04:37:39.0899 0x13a8 EapHost - ok 04:37:39.0972 0x13a8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 04:37:40.0039 0x13a8 ebdrv - ok 04:37:40.0069 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 04:37:40.0071 0x13a8 EFS - ok 04:37:40.0110 0x13a8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 04:37:40.0121 0x13a8 ehRecvr - ok 04:37:40.0131 0x13a8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 04:37:40.0134 0x13a8 ehSched - ok 04:37:40.0165 0x13a8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 04:37:40.0174 0x13a8 elxstor - ok 04:37:40.0186 0x13a8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 04:37:40.0187 0x13a8 ErrDev - ok 04:37:40.0211 0x13a8 [ 72ECCB2F5C9CFC32A9B2A60933832501, BDEA5B00DB05B9A594E2B9798B96EB7FC3A8B894869F19A8DE105AD12F3A623E ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys 04:37:40.0213 0x13a8 EtronHub3 - ok 04:37:40.0227 0x13a8 [ 7BB310F6FB9E1B9D21DD2CE7EB0D5464, 23E6E1388757A8ACCE83A01475EEE47B5C4304B2BDB543956E95349890150F88 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys 04:37:40.0229 0x13a8 EtronXHCI - ok 04:37:40.0250 0x13a8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 04:37:40.0258 0x13a8 EventSystem - ok 04:37:40.0274 0x13a8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 04:37:40.0278 0x13a8 exfat - ok 04:37:40.0298 0x13a8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 04:37:40.0302 0x13a8 fastfat - ok 04:37:40.0327 0x13a8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 04:37:40.0338 0x13a8 Fax - ok 04:37:40.0351 0x13a8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 04:37:40.0353 0x13a8 fdc - ok 04:37:40.0370 0x13a8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 04:37:40.0371 0x13a8 fdPHost - ok 04:37:40.0378 0x13a8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 04:37:40.0380 0x13a8 FDResPub - ok 04:37:40.0392 0x13a8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 04:37:40.0395 0x13a8 FileInfo - ok 04:37:40.0399 0x13a8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 04:37:40.0400 0x13a8 Filetrace - ok 04:37:40.0414 0x13a8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 04:37:40.0415 0x13a8 flpydisk - ok 04:37:40.0436 0x13a8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 04:37:40.0441 0x13a8 FltMgr - ok 04:37:40.0520 0x13a8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 04:37:40.0553 0x13a8 FontCache - ok 04:37:40.0592 0x13a8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 04:37:40.0594 0x13a8 FontCache3.0.0.0 - ok 04:37:40.0610 0x13a8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 04:37:40.0613 0x13a8 FsDepends - ok 04:37:40.0640 0x13a8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 04:37:40.0641 0x13a8 Fs_Rec - ok 04:37:40.0681 0x13a8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 04:37:40.0688 0x13a8 fvevol - ok 04:37:40.0702 0x13a8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 04:37:40.0705 0x13a8 gagp30kx - ok 04:37:40.0716 0x13a8 gdrv - ok 04:37:40.0746 0x13a8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 04:37:40.0763 0x13a8 gpsvc - ok 04:37:40.0777 0x13a8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 04:37:40.0779 0x13a8 hcw85cir - ok 04:37:40.0798 0x13a8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 04:37:40.0805 0x13a8 HdAudAddService - ok 04:37:40.0825 0x13a8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 04:37:40.0829 0x13a8 HDAudBus - ok 04:37:40.0836 0x13a8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 04:37:40.0838 0x13a8 HidBatt - ok 04:37:40.0864 0x13a8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 04:37:40.0867 0x13a8 HidBth - ok 04:37:40.0881 0x13a8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 04:37:40.0883 0x13a8 HidIr - ok 04:37:40.0889 0x13a8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 04:37:40.0891 0x13a8 hidserv - ok 04:37:40.0937 0x13a8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 04:37:40.0939 0x13a8 HidUsb - ok 04:37:40.0964 0x13a8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 04:37:40.0969 0x13a8 hkmsvc - ok 04:37:40.0979 0x13a8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 04:37:40.0986 0x13a8 HomeGroupListener - ok 04:37:41.0000 0x13a8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 04:37:41.0004 0x13a8 HomeGroupProvider - ok 04:37:41.0020 0x13a8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 04:37:41.0023 0x13a8 HpSAMD - ok 04:37:41.0054 0x13a8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 04:37:41.0066 0x13a8 HTTP - ok 04:37:41.0072 0x13a8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 04:37:41.0073 0x13a8 hwpolicy - ok 04:37:41.0092 0x13a8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 04:37:41.0094 0x13a8 i8042prt - ok 04:37:41.0148 0x13a8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 04:37:41.0156 0x13a8 iaStorV - ok 04:37:41.0230 0x13a8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 04:37:41.0251 0x13a8 idsvc - ok 04:37:41.0304 0x13a8 IEEtwCollectorService - ok 04:37:41.0465 0x13a8 [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 04:37:41.0625 0x13a8 igfx - ok 04:37:41.0647 0x13a8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 04:37:41.0649 0x13a8 iirsp - ok 04:37:41.0713 0x13a8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 04:37:41.0727 0x13a8 IKEEXT - ok 04:37:41.0797 0x13a8 [ 392D5C87F282E8E36DF5154418A7BB20, 9E5BFF3F339401E88F26AC558451EA51A457B82BE0E51AE266FC4448F5AA6565 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 04:37:41.0835 0x13a8 IntcAzAudAddService - ok 04:37:41.0862 0x13a8 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 04:37:41.0868 0x13a8 IntcDAud - ok 04:37:41.0876 0x13a8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 04:37:41.0877 0x13a8 intelide - ok 04:37:41.0896 0x13a8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 04:37:41.0897 0x13a8 intelppm - ok 04:37:41.0918 0x13a8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 04:37:41.0921 0x13a8 IPBusEnum - ok 04:37:41.0939 0x13a8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 04:37:41.0942 0x13a8 IpFilterDriver - ok 04:37:41.0985 0x13a8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 04:37:41.0995 0x13a8 iphlpsvc - ok 04:37:42.0007 0x13a8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 04:37:42.0009 0x13a8 IPMIDRV - ok 04:37:42.0024 0x13a8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 04:37:42.0028 0x13a8 IPNAT - ok 04:37:42.0045 0x13a8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 04:37:42.0047 0x13a8 IRENUM - ok 04:37:42.0064 0x13a8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 04:37:42.0066 0x13a8 isapnp - ok 04:37:42.0100 0x13a8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 04:37:42.0107 0x13a8 iScsiPrt - ok 04:37:42.0127 0x13a8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 04:37:42.0129 0x13a8 kbdclass - ok 04:37:42.0141 0x13a8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 04:37:42.0150 0x13a8 kbdhid - ok 04:37:42.0169 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 04:37:42.0171 0x13a8 KeyIso - ok 04:37:42.0203 0x13a8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 04:37:42.0206 0x13a8 KSecDD - ok 04:37:42.0221 0x13a8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 04:37:42.0225 0x13a8 KSecPkg - ok 04:37:42.0230 0x13a8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 04:37:42.0232 0x13a8 ksthunk - ok 04:37:42.0254 0x13a8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 04:37:42.0263 0x13a8 KtmRm - ok 04:37:42.0291 0x13a8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 04:37:42.0297 0x13a8 LanmanServer - ok 04:37:42.0313 0x13a8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 04:37:42.0317 0x13a8 LanmanWorkstation - ok 04:37:42.0346 0x13a8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 04:37:42.0348 0x13a8 lltdio - ok 04:37:42.0367 0x13a8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 04:37:42.0374 0x13a8 lltdsvc - ok 04:37:42.0383 0x13a8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 04:37:42.0385 0x13a8 lmhosts - ok 04:37:42.0405 0x13a8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 04:37:42.0409 0x13a8 LSI_FC - ok 04:37:42.0422 0x13a8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 04:37:42.0426 0x13a8 LSI_SAS - ok 04:37:42.0439 0x13a8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 04:37:42.0441 0x13a8 LSI_SAS2 - ok 04:37:42.0451 0x13a8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 04:37:42.0454 0x13a8 LSI_SCSI - ok 04:37:42.0472 0x13a8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 04:37:42.0475 0x13a8 luafv - ok 04:37:42.0583 0x13a8 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 04:37:42.0590 0x13a8 LVRS64 - ok 04:37:42.0736 0x13a8 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 04:37:42.0869 0x13a8 LVUVC64 - ok 04:37:43.0043 0x13a8 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe 04:37:43.0053 0x13a8 McComponentHostService - ok 04:37:43.0074 0x13a8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 04:37:43.0078 0x13a8 Mcx2Svc - ok 04:37:43.0094 0x13a8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 04:37:43.0098 0x13a8 megasas - ok 04:37:43.0138 0x13a8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 04:37:43.0145 0x13a8 MegaSR - ok 04:37:43.0190 0x13a8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 04:37:43.0193 0x13a8 MEIx64 - ok 04:37:43.0246 0x13a8 Microsoft SharePoint Workspace Audit Service - ok 04:37:43.0268 0x13a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 04:37:43.0272 0x13a8 MMCSS - ok 04:37:43.0283 0x13a8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 04:37:43.0285 0x13a8 Modem - ok 04:37:43.0304 0x13a8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 04:37:43.0305 0x13a8 monitor - ok 04:37:43.0322 0x13a8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 04:37:43.0324 0x13a8 mouclass - ok 04:37:43.0333 0x13a8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 04:37:43.0335 0x13a8 mouhid - ok 04:37:43.0354 0x13a8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 04:37:43.0356 0x13a8 mountmgr - ok 04:37:43.0446 0x13a8 [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 04:37:43.0451 0x13a8 MozillaMaintenance - ok 04:37:43.0463 0x13a8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 04:37:43.0468 0x13a8 mpio - ok 04:37:43.0486 0x13a8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 04:37:43.0489 0x13a8 mpsdrv - ok 04:37:43.0516 0x13a8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 04:37:43.0534 0x13a8 MpsSvc - ok 04:37:43.0568 0x13a8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 04:37:43.0571 0x13a8 MRxDAV - ok 04:37:43.0589 0x13a8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 04:37:43.0592 0x13a8 mrxsmb - ok 04:37:43.0602 0x13a8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 04:37:43.0607 0x13a8 mrxsmb10 - ok 04:37:43.0625 0x13a8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 04:37:43.0628 0x13a8 mrxsmb20 - ok 04:37:43.0655 0x13a8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 04:37:43.0656 0x13a8 msahci - ok 04:37:43.0676 0x13a8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 04:37:43.0682 0x13a8 msdsm - ok 04:37:43.0698 0x13a8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 04:37:43.0703 0x13a8 MSDTC - ok 04:37:43.0730 0x13a8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 04:37:43.0731 0x13a8 Msfs - ok 04:37:43.0739 0x13a8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 04:37:43.0740 0x13a8 mshidkmdf - ok 04:37:43.0745 0x13a8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 04:37:43.0746 0x13a8 msisadrv - ok 04:37:43.0767 0x13a8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 04:37:43.0772 0x13a8 MSiSCSI - ok 04:37:43.0774 0x13a8 msiserver - ok 04:37:43.0785 0x13a8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 04:37:43.0786 0x13a8 MSKSSRV - ok 04:37:43.0807 0x13a8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 04:37:43.0808 0x13a8 MSPCLOCK - ok 04:37:43.0834 0x13a8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 04:37:43.0835 0x13a8 MSPQM - ok 04:37:43.0860 0x13a8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 04:37:43.0871 0x13a8 MsRPC - ok 04:37:43.0913 0x13a8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 04:37:43.0914 0x13a8 mssmbios - ok 04:37:43.0937 0x13a8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 04:37:43.0938 0x13a8 MSTEE - ok 04:37:43.0947 0x13a8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 04:37:43.0949 0x13a8 MTConfig - ok 04:37:43.0965 0x13a8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 04:37:43.0967 0x13a8 Mup - ok 04:37:43.0994 0x13a8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 04:37:44.0006 0x13a8 napagent - ok 04:37:44.0024 0x13a8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 04:37:44.0029 0x13a8 NativeWifiP - ok 04:37:44.0103 0x13a8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 04:37:44.0120 0x13a8 NDIS - ok 04:37:44.0133 0x13a8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 04:37:44.0134 0x13a8 NdisCap - ok 04:37:44.0158 0x13a8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 04:37:44.0159 0x13a8 NdisTapi - ok 04:37:44.0173 0x13a8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 04:37:44.0181 0x13a8 Ndisuio - ok 04:37:44.0193 0x13a8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 04:37:44.0196 0x13a8 NdisWan - ok 04:37:44.0208 0x13a8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 04:37:44.0210 0x13a8 NDProxy - ok 04:37:44.0221 0x13a8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 04:37:44.0223 0x13a8 NetBIOS - ok 04:37:44.0240 0x13a8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 04:37:44.0249 0x13a8 NetBT - ok 04:37:44.0261 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 04:37:44.0262 0x13a8 Netlogon - ok 04:37:44.0285 0x13a8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 04:37:44.0292 0x13a8 Netman - ok 04:37:44.0349 0x13a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 04:37:44.0353 0x13a8 NetMsmqActivator - ok 04:37:44.0379 0x13a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 04:37:44.0382 0x13a8 NetPipeActivator - ok 04:37:44.0405 0x13a8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 04:37:44.0415 0x13a8 netprofm - ok 04:37:44.0426 0x13a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 04:37:44.0429 0x13a8 NetTcpActivator - ok 04:37:44.0434 0x13a8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 04:37:44.0436 0x13a8 NetTcpPortSharing - ok 04:37:44.0447 0x13a8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 04:37:44.0449 0x13a8 nfrd960 - ok 04:37:44.0465 0x13a8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 04:37:44.0471 0x13a8 NlaSvc - ok 04:37:44.0474 0x13a8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 04:37:44.0476 0x13a8 Npfs - ok 04:37:44.0493 0x13a8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 04:37:44.0495 0x13a8 nsi - ok 04:37:44.0506 0x13a8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 04:37:44.0508 0x13a8 nsiproxy - ok 04:37:44.0582 0x13a8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 04:37:44.0622 0x13a8 Ntfs - ok 04:37:44.0627 0x13a8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 04:37:44.0627 0x13a8 Null - ok 04:37:44.0679 0x13a8 [ 8D4AAC74B571FC356560E5B308955E93, C7F74F40D708D590EDB5D2ED064CF9C279FB1EBE33EDED073391E4D5E1CEE046 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 04:37:44.0684 0x13a8 NVHDA - ok 04:37:44.0962 0x13a8 [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 04:37:45.0125 0x13a8 nvlddmkm - ok 04:37:45.0171 0x13a8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 04:37:45.0174 0x13a8 nvraid - ok 04:37:45.0186 0x13a8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 04:37:45.0189 0x13a8 nvstor - ok 04:37:45.0243 0x13a8 [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc C:\Windows\system32\nvvsvc.exe 04:37:45.0264 0x13a8 nvsvc - ok 04:37:45.0386 0x13a8 [ CD0BFAA6872CFE38C908D313AE17C350, BE5B8AD5F245430C7FA15A5F928FD82CD781509394A7D7471CC70C1C28D6AE4B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 04:37:45.0437 0x13a8 nvUpdatusService - ok 04:37:45.0458 0x13a8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 04:37:45.0461 0x13a8 nv_agp - ok 04:37:45.0471 0x13a8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 04:37:45.0473 0x13a8 ohci1394 - ok 04:37:45.0535 0x13a8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 04:37:45.0541 0x13a8 ose - ok 04:37:45.0687 0x13a8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 04:37:45.0784 0x13a8 osppsvc - ok 04:37:45.0810 0x13a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 04:37:45.0816 0x13a8 p2pimsvc - ok 04:37:45.0825 0x13a8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 04:37:45.0833 0x13a8 p2psvc - ok 04:37:45.0867 0x13a8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 04:37:45.0886 0x13a8 Parport - ok 04:37:45.0932 0x13a8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 04:37:45.0953 0x13a8 partmgr - ok 04:37:46.0005 0x13a8 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll 04:37:46.0013 0x13a8 PcaSvc - ok 04:37:46.0023 0x13a8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 04:37:46.0030 0x13a8 pci - ok 04:37:46.0058 0x13a8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 04:37:46.0059 0x13a8 pciide - ok 04:37:46.0074 0x13a8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 04:37:46.0082 0x13a8 pcmcia - ok 04:37:46.0092 0x13a8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 04:37:46.0093 0x13a8 pcw - ok 04:37:46.0135 0x13a8 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 04:37:46.0151 0x13a8 PEAUTH - ok 04:37:46.0196 0x13a8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 04:37:46.0198 0x13a8 PerfHost - ok 04:37:46.0249 0x13a8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 04:37:46.0284 0x13a8 pla - ok 04:37:46.0358 0x13a8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 04:37:46.0370 0x13a8 PlugPlay - ok 04:37:46.0376 0x13a8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 04:37:46.0378 0x13a8 PNRPAutoReg - ok 04:37:46.0389 0x13a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 04:37:46.0395 0x13a8 PNRPsvc - ok 04:37:46.0419 0x13a8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 04:37:46.0427 0x13a8 PolicyAgent - ok 04:37:46.0446 0x13a8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 04:37:46.0449 0x13a8 Power - ok 04:37:46.0470 0x13a8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 04:37:46.0472 0x13a8 PptpMiniport - ok 04:37:46.0485 0x13a8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 04:37:46.0487 0x13a8 Processor - ok 04:37:46.0524 0x13a8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 04:37:46.0529 0x13a8 ProfSvc - ok 04:37:46.0536 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 04:37:46.0537 0x13a8 ProtectedStorage - ok 04:37:46.0551 0x13a8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 04:37:46.0554 0x13a8 Psched - ok 04:37:46.0593 0x13a8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 04:37:46.0627 0x13a8 ql2300 - ok 04:37:46.0642 0x13a8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 04:37:46.0645 0x13a8 ql40xx - ok 04:37:46.0669 0x13a8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 04:37:46.0679 0x13a8 QWAVE - ok 04:37:46.0689 0x13a8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 04:37:46.0692 0x13a8 QWAVEdrv - ok 04:37:46.0698 0x13a8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 04:37:46.0699 0x13a8 RasAcd - ok 04:37:46.0725 0x13a8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 04:37:46.0727 0x13a8 RasAgileVpn - ok 04:37:46.0733 0x13a8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 04:37:46.0737 0x13a8 RasAuto - ok 04:37:46.0755 0x13a8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 04:37:46.0758 0x13a8 Rasl2tp - ok 04:37:46.0772 0x13a8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 04:37:46.0780 0x13a8 RasMan - ok 04:37:46.0800 0x13a8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 04:37:46.0803 0x13a8 RasPppoe - ok 04:37:46.0814 0x13a8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 04:37:46.0816 0x13a8 RasSstp - ok 04:37:46.0832 0x13a8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 04:37:46.0838 0x13a8 rdbss - ok 04:37:46.0849 0x13a8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 04:37:46.0851 0x13a8 rdpbus - ok 04:37:46.0868 0x13a8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 04:37:46.0869 0x13a8 RDPCDD - ok 04:37:46.0877 0x13a8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 04:37:46.0878 0x13a8 RDPENCDD - ok 04:37:46.0881 0x13a8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 04:37:46.0881 0x13a8 RDPREFMP - ok 04:37:46.0942 0x13a8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 04:37:46.0944 0x13a8 RdpVideoMiniport - ok 04:37:46.0982 0x13a8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 04:37:46.0990 0x13a8 RDPWD - ok 04:37:47.0017 0x13a8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 04:37:47.0022 0x13a8 rdyboost - ok 04:37:47.0041 0x13a8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 04:37:47.0045 0x13a8 RemoteAccess - ok 04:37:47.0054 0x13a8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 04:37:47.0058 0x13a8 RemoteRegistry - ok 04:37:47.0098 0x13a8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 04:37:47.0102 0x13a8 RFCOMM - ok 04:37:47.0145 0x13a8 [ AD42432D22940B4215177BE113E4919C, BF04E1F942846B928E523727EB03BBFA83FCE535CF7C0A4E787A5CBA46D5BF8D ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 04:37:47.0150 0x13a8 RimUsb - ok 04:37:47.0162 0x13a8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 04:37:47.0166 0x13a8 RpcEptMapper - ok 04:37:47.0184 0x13a8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 04:37:47.0186 0x13a8 RpcLocator - ok 04:37:47.0217 0x13a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 04:37:47.0232 0x13a8 RpcSs - ok 04:37:47.0243 0x13a8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 04:37:47.0244 0x13a8 rspndr - ok 04:37:47.0296 0x13a8 [ E50CFB92986DCAB49DE93788FD695813, EAE103008B967B0F064EDDA551AA553EE7C22D39D14FA0BBFEF41C4D1B6C99E5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 04:37:47.0312 0x13a8 RTL8167 - ok 04:37:47.0318 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 04:37:47.0320 0x13a8 SamSs - ok 04:37:47.0339 0x13a8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 04:37:47.0341 0x13a8 sbp2port - ok 04:37:47.0357 0x13a8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 04:37:47.0360 0x13a8 SCardSvr - ok 04:37:47.0370 0x13a8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 04:37:47.0372 0x13a8 scfilter - ok 04:37:47.0401 0x13a8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 04:37:47.0427 0x13a8 Schedule - ok 04:37:47.0440 0x13a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 04:37:47.0442 0x13a8 SCPolicySvc - ok 04:37:47.0452 0x13a8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 04:37:47.0456 0x13a8 SDRSVC - ok 04:37:47.0469 0x13a8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 04:37:47.0469 0x13a8 secdrv - ok 04:37:47.0480 0x13a8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 04:37:47.0483 0x13a8 seclogon - ok 04:37:47.0489 0x13a8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 04:37:47.0492 0x13a8 SENS - ok 04:37:47.0509 0x13a8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 04:37:47.0511 0x13a8 SensrSvc - ok 04:37:47.0524 0x13a8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 04:37:47.0525 0x13a8 Serenum - ok 04:37:47.0538 0x13a8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 04:37:47.0543 0x13a8 Serial - ok 04:37:47.0560 0x13a8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 04:37:47.0562 0x13a8 sermouse - ok 04:37:47.0581 0x13a8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 04:37:47.0586 0x13a8 SessionEnv - ok 04:37:47.0599 0x13a8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 04:37:47.0600 0x13a8 sffdisk - ok 04:37:47.0612 0x13a8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 04:37:47.0614 0x13a8 sffp_mmc - ok 04:37:47.0622 0x13a8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 04:37:47.0624 0x13a8 sffp_sd - ok 04:37:47.0626 0x13a8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 04:37:47.0627 0x13a8 sfloppy - ok 04:37:47.0683 0x13a8 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 04:37:47.0696 0x13a8 Sftfs - ok 04:37:47.0765 0x13a8 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 04:37:47.0772 0x13a8 sftlist - ok 04:37:47.0815 0x13a8 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 04:37:47.0823 0x13a8 Sftplay - ok 04:37:47.0855 0x13a8 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 04:37:47.0856 0x13a8 Sftredir - ok 04:37:47.0883 0x13a8 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 04:37:47.0884 0x13a8 Sftvol - ok 04:37:47.0918 0x13a8 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 04:37:47.0921 0x13a8 sftvsa - ok 04:37:47.0946 0x13a8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 04:37:47.0952 0x13a8 SharedAccess - ok 04:37:47.0973 0x13a8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 04:37:47.0980 0x13a8 ShellHWDetection - ok 04:37:47.0993 0x13a8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 04:37:47.0995 0x13a8 SiSRaid2 - ok 04:37:48.0009 0x13a8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 04:37:48.0013 0x13a8 SiSRaid4 - ok 04:37:48.0040 0x13a8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 04:37:48.0043 0x13a8 Smb - ok 04:37:48.0072 0x13a8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 04:37:48.0075 0x13a8 SNMPTRAP - ok 04:37:48.0077 0x13a8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 04:37:48.0078 0x13a8 spldr - ok 04:37:48.0127 0x13a8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 04:37:48.0140 0x13a8 Spooler - ok 04:37:48.0226 0x13a8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 04:37:48.0272 0x13a8 sppsvc - ok 04:37:48.0296 0x13a8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 04:37:48.0299 0x13a8 sppuinotify - ok 04:37:48.0333 0x13a8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 04:37:48.0345 0x13a8 srv - ok 04:37:48.0367 0x13a8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 04:37:48.0375 0x13a8 srv2 - ok 04:37:48.0388 0x13a8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 04:37:48.0391 0x13a8 srvnet - ok 04:37:48.0413 0x13a8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 04:37:48.0418 0x13a8 SSDPSRV - ok 04:37:48.0435 0x13a8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 04:37:48.0438 0x13a8 SstpSvc - ok 04:37:48.0514 0x13a8 [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 04:37:48.0523 0x13a8 Stereo Service - ok 04:37:48.0539 0x13a8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 04:37:48.0541 0x13a8 stexstor - ok 04:37:48.0578 0x13a8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 04:37:48.0588 0x13a8 stisvc - ok 04:37:48.0599 0x13a8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 04:37:48.0600 0x13a8 swenum - ok 04:37:48.0622 0x13a8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 04:37:48.0631 0x13a8 swprv - ok 04:37:48.0679 0x13a8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 04:37:48.0721 0x13a8 SysMain - ok 04:37:48.0731 0x13a8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 04:37:48.0734 0x13a8 TabletInputService - ok 04:37:48.0748 0x13a8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 04:37:48.0754 0x13a8 TapiSrv - ok 04:37:48.0764 0x13a8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 04:37:48.0766 0x13a8 TBS - ok 04:37:48.0853 0x13a8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 04:37:48.0897 0x13a8 Tcpip - ok 04:37:48.0956 0x13a8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 04:37:48.0980 0x13a8 TCPIP6 - ok 04:37:49.0015 0x13a8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 04:37:49.0016 0x13a8 tcpipreg - ok 04:37:49.0028 0x13a8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 04:37:49.0030 0x13a8 TDPIPE - ok 04:37:49.0057 0x13a8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 04:37:49.0059 0x13a8 TDTCP - ok 04:37:49.0078 0x13a8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 04:37:49.0083 0x13a8 tdx - ok 04:37:49.0094 0x13a8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 04:37:49.0096 0x13a8 TermDD - ok 04:37:49.0145 0x13a8 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll 04:37:49.0162 0x13a8 TermService - ok 04:37:49.0172 0x13a8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 04:37:49.0175 0x13a8 Themes - ok 04:37:49.0192 0x13a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 04:37:49.0194 0x13a8 THREADORDER - ok 04:37:49.0208 0x13a8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 04:37:49.0212 0x13a8 TrkWks - ok 04:37:49.0238 0x13a8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 04:37:49.0240 0x13a8 TrustedInstaller - ok 04:37:49.0251 0x13a8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 04:37:49.0253 0x13a8 tssecsrv - ok 04:37:49.0289 0x13a8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 04:37:49.0291 0x13a8 TsUsbFlt - ok 04:37:49.0313 0x13a8 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 04:37:49.0315 0x13a8 TsUsbGD - ok 04:37:49.0345 0x13a8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 04:37:49.0348 0x13a8 tunnel - ok 04:37:49.0361 0x13a8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 04:37:49.0363 0x13a8 uagp35 - ok 04:37:49.0383 0x13a8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 04:37:49.0388 0x13a8 udfs - ok 04:37:49.0393 0x13a8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 04:37:49.0395 0x13a8 UI0Detect - ok 04:37:49.0416 0x13a8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 04:37:49.0418 0x13a8 uliagpkx - ok 04:37:49.0453 0x13a8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 04:37:49.0455 0x13a8 umbus - ok 04:37:49.0472 0x13a8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 04:37:49.0474 0x13a8 UmPass - ok 04:37:49.0542 0x13a8 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 04:37:49.0551 0x13a8 UMVPFSrv - ok 04:37:49.0580 0x13a8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 04:37:49.0589 0x13a8 upnphost - ok 04:37:49.0622 0x13a8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 04:37:49.0625 0x13a8 usbaudio - ok 04:37:49.0653 0x13a8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 04:37:49.0656 0x13a8 usbccgp - ok 04:37:49.0691 0x13a8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 04:37:49.0696 0x13a8 usbcir - ok 04:37:49.0724 0x13a8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 04:37:49.0726 0x13a8 usbehci - ok 04:37:49.0741 0x13a8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 04:37:49.0750 0x13a8 usbhub - ok 04:37:49.0782 0x13a8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 04:37:49.0784 0x13a8 usbohci - ok 04:37:49.0794 0x13a8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 04:37:49.0796 0x13a8 usbprint - ok 04:37:49.0821 0x13a8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 04:37:49.0824 0x13a8 USBSTOR - ok 04:37:49.0841 0x13a8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 04:37:49.0844 0x13a8 usbuhci - ok 04:37:49.0856 0x13a8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 04:37:49.0859 0x13a8 UxSms - ok 04:37:49.0869 0x13a8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 04:37:49.0871 0x13a8 VaultSvc - ok 04:37:49.0893 0x13a8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 04:37:49.0894 0x13a8 vdrvroot - ok 04:37:49.0912 0x13a8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 04:37:49.0922 0x13a8 vds - ok 04:37:49.0944 0x13a8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 04:37:49.0946 0x13a8 vga - ok 04:37:49.0956 0x13a8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 04:37:49.0958 0x13a8 VgaSave - ok 04:37:49.0971 0x13a8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 04:37:49.0975 0x13a8 vhdmp - ok 04:37:49.0996 0x13a8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 04:37:49.0997 0x13a8 viaide - ok 04:37:50.0027 0x13a8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 04:37:50.0031 0x13a8 volmgr - ok 04:37:50.0049 0x13a8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 04:37:50.0061 0x13a8 volmgrx - ok 04:37:50.0080 0x13a8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 04:37:50.0086 0x13a8 volsnap - ok 04:37:50.0107 0x13a8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 04:37:50.0111 0x13a8 vsmraid - ok 04:37:50.0181 0x13a8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 04:37:50.0223 0x13a8 VSS - ok 04:37:50.0353 0x13a8 [ 8B1502C0071491E992EB58F5EED50F90, DCF1EE2C81326657641F801059DB137A16647EDFFAB86D51A8E04016F344CD95 ] vToolbarUpdater3.1.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe 04:37:50.0377 0x13a8 vToolbarUpdater3.1.0 - ok 04:37:50.0418 0x13a8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 04:37:50.0420 0x13a8 vwifibus - ok 04:37:50.0446 0x13a8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 04:37:50.0454 0x13a8 W32Time - ok 04:37:50.0518 0x13a8 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll 04:37:50.0532 0x13a8 W3SVC - ok 04:37:50.0548 0x13a8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 04:37:50.0550 0x13a8 WacomPen - ok 04:37:50.0571 0x13a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 04:37:50.0574 0x13a8 WANARP - ok 04:37:50.0584 0x13a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 04:37:50.0585 0x13a8 Wanarpv6 - ok 04:37:50.0594 0x13a8 [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll 04:37:50.0600 0x13a8 WAS - ok 04:37:50.0686 0x13a8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 04:37:50.0728 0x13a8 WatAdminSvc - ok 04:37:50.0774 0x13a8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 04:37:50.0807 0x13a8 wbengine - ok 04:37:50.0821 0x13a8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 04:37:50.0826 0x13a8 WbioSrvc - ok 04:37:50.0840 0x13a8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 04:37:50.0847 0x13a8 wcncsvc - ok 04:37:50.0853 0x13a8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 04:37:50.0855 0x13a8 WcsPlugInService - ok 04:37:50.0857 0x13a8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 04:37:50.0858 0x13a8 Wd - ok 04:37:50.0904 0x13a8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 04:37:50.0917 0x13a8 Wdf01000 - ok 04:37:50.0921 0x13a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 04:37:50.0923 0x13a8 WdiServiceHost - ok 04:37:50.0926 0x13a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 04:37:50.0929 0x13a8 WdiSystemHost - ok 04:37:50.0959 0x13a8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 04:37:50.0964 0x13a8 WebClient - ok 04:37:50.0972 0x13a8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 04:37:50.0977 0x13a8 Wecsvc - ok 04:37:50.0983 0x13a8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 04:37:51.0004 0x13a8 wercplsupport - ok 04:37:51.0018 0x13a8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 04:37:51.0023 0x13a8 WerSvc - ok 04:37:51.0051 0x13a8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 04:37:51.0052 0x13a8 WfpLwf - ok 04:37:51.0055 0x13a8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 04:37:51.0056 0x13a8 WIMMount - ok 04:37:51.0068 0x13a8 WinDefend - ok 04:37:51.0072 0x13a8 WinHttpAutoProxySvc - ok 04:37:51.0100 0x13a8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 04:37:51.0104 0x13a8 Winmgmt - ok 04:37:51.0161 0x13a8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 04:37:51.0203 0x13a8 WinRM - ok 04:37:51.0241 0x13a8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 04:37:51.0243 0x13a8 WinUsb - ok 04:37:51.0264 0x13a8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 04:37:51.0290 0x13a8 Wlansvc - ok 04:37:51.0305 0x13a8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 04:37:51.0307 0x13a8 WmiAcpi - ok 04:37:51.0333 0x13a8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 04:37:51.0336 0x13a8 wmiApSrv - ok 04:37:51.0358 0x13a8 WMPNetworkSvc - ok 04:37:51.0381 0x13a8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 04:37:51.0383 0x13a8 WPCSvc - ok 04:37:51.0396 0x13a8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 04:37:51.0400 0x13a8 WPDBusEnum - ok 04:37:51.0407 0x13a8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 04:37:51.0408 0x13a8 ws2ifsl - ok 04:37:51.0453 0x13a8 [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudioDevice_383S(1) C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys 04:37:51.0454 0x13a8 WsAudioDevice_383S(1) - ok 04:37:51.0468 0x13a8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 04:37:51.0471 0x13a8 wscsvc - ok 04:37:51.0473 0x13a8 WSearch - ok 04:37:51.0559 0x13a8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 04:37:51.0618 0x13a8 wuauserv - ok 04:37:51.0650 0x13a8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 04:37:51.0652 0x13a8 WudfPf - ok 04:37:51.0669 0x13a8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 04:37:51.0672 0x13a8 WUDFRd - ok 04:37:51.0701 0x13a8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 04:37:51.0704 0x13a8 wudfsvc - ok 04:37:51.0735 0x13a8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 04:37:51.0740 0x13a8 WwanSvc - ok 04:37:51.0816 0x13a8 [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 04:37:51.0824 0x13a8 YahooAUService - ok 04:37:51.0850 0x13a8 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys 04:37:51.0857 0x13a8 yukonw7 - ok 04:37:51.0892 0x13a8 ================ Scan global =============================== 04:37:51.0912 0x13a8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 04:37:51.0954 0x13a8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 04:37:51.0971 0x13a8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 04:37:51.0984 0x13a8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 04:37:52.0009 0x13a8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 04:37:52.0015 0x13a8 [ Global ] - ok 04:37:52.0016 0x13a8 ================ Scan MBR ================================== 04:37:52.0026 0x13a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 04:37:52.0152 0x13a8 \Device\Harddisk0\DR0 - ok 04:37:52.0155 0x13a8 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1 04:37:52.0160 0x13a8 \Device\Harddisk1\DR1 - ok 04:37:52.0160 0x13a8 ================ Scan VBR ================================== 04:37:52.0162 0x13a8 [ 7B11F8C0B2381CB6D1B0A3F459332006 ] \Device\Harddisk0\DR0\Partition1 04:37:52.0210 0x13a8 \Device\Harddisk0\DR0\Partition1 - ok 04:37:52.0212 0x13a8 [ 4550892331A6421CFDA20285896ABFE3 ] \Device\Harddisk0\DR0\Partition2 04:37:52.0261 0x13a8 \Device\Harddisk0\DR0\Partition2 - ok 04:37:52.0265 0x13a8 [ 4330919246A25D362CE4ADC5ED9DB82C ] \Device\Harddisk1\DR1\Partition1 04:37:52.0267 0x13a8 \Device\Harddisk1\DR1\Partition1 - ok 04:37:52.0267 0x13a8 ================ Scan generic autorun ====================== 04:37:52.0397 0x176c Object required for P2P: [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC 04:37:52.0550 0x13a8 [ 2AED6E49CE99DFFF3FC4B9108246B7CB, 4D6A1C32DD10556F84A0B62C796C4C54A7E3E4772478B16A38E1668870D7019C ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 04:37:52.0702 0x13a8 RtHDVCpl - ok 04:37:52.0808 0x13a8 [ 4F46EA70C7579052F764D0F9B81D23C2, EABE443ABC39AFDA49762A78711FAB4C7367680BE4F0B79F3144362D4A272238 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 04:37:52.0832 0x13a8 NvBackend - ok 04:37:52.0861 0x13a8 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe 04:37:52.0864 0x13a8 IgfxTray - ok 04:37:52.0897 0x13a8 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe 04:37:52.0903 0x13a8 HotKeysCmds - ok 04:37:52.0952 0x13a8 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe 04:37:52.0963 0x13a8 Persistence - ok 04:37:53.0040 0x13a8 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 04:37:53.0055 0x13a8 Adobe ARM - ok 04:37:53.0088 0x13a8 [ CDB517386A26AE420CB24BDB3CD88779, BAF1EEA0B69A969E0641AAF371BAF51A130D2BAB91C6388F7F60C8904C463EE6 ] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe 04:37:53.0090 0x13a8 RIMBBLaunchAgent.exe - ok 04:37:53.0413 0x13a8 [ B36DFFCD2B20AF39223847D691B49357, 3639DAE0C9A31A7D1997EFB21679514BEF267F4F1735EB39230058B8B2198D32 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe 04:37:53.0460 0x13a8 AVG_UI - ok 04:37:53.0597 0x13a8 [ A216211AD7B0A3DF5F2C41E331375237, 757FE543E7A50F4CF863B11FD2E75D88127CB409B80597A5493A8F0412E452C6 ] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 04:37:53.0630 0x13a8 vProt - ok 04:37:53.0716 0x13a8 [ 9C2078437D6FC541BD268BA903F6AEB4, CB622E82C65E0E4E9E52381BEAAB784AB6A3893BE34476D69B89F012CC1AC3C9 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe 04:37:53.0757 0x13a8 Wondershare Helper Compact.exe - ok 04:37:53.0884 0x13a8 [ 5E5EF857D545E8B9268B4DE377F32177, B8FFDA7D82F2B911B6E40D5B2C2B5B23AE3EEE813DB615B2A955F1E05F1E492B ] C:\ProgramData\Wondershare\Player\DelayPluginI.exe 04:37:53.0911 0x13a8 DelaypluginInstall - ok 04:37:53.0983 0x13a8 [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 04:37:53.0986 0x13a8 BCSSync - ok 04:37:54.0053 0x13a8 [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 04:37:54.0089 0x13a8 SunJavaUpdateSched - ok 04:37:54.0167 0x13a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 04:37:54.0213 0x13a8 Sidebar - ok 04:37:54.0233 0x13a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 04:37:54.0237 0x13a8 mctadmin - ok 04:37:54.0275 0x13a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 04:37:54.0292 0x13a8 Sidebar - ok 04:37:54.0296 0x13a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 04:37:54.0298 0x13a8 mctadmin - ok 04:37:54.0337 0x13a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 04:37:54.0351 0x13a8 Sidebar - ok 04:37:54.0817 0x13a8 [ D464A2B05D1B3A4160E2B2447FAF1C90, 436DFC8654F509831FF7C9EC656CBE5B79D345DAC748600A8EF7D8D81516C146 ] C:\Program Files\BitComet\BitComet.exe 04:37:55.0310 0x13a8 [ 6CB991E0323CE1901C0DD5857418E0F2, 70A52109C9A5DB932F0AEA60CBF7F5AF7747F5433446CBE133B236F9F0AB7A4D ] C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe 04:37:55.0364 0x176c Object send P2P result: true 04:37:55.0395 0x13a8 Messenger (Yahoo!) - ok 04:37:55.0402 0x13a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 04:37:55.0403 0x13a8 mctadmin - ok 04:37:55.0852 0x13a8 [ D464A2B05D1B3A4160E2B2447FAF1C90, 436DFC8654F509831FF7C9EC656CBE5B79D345DAC748600A8EF7D8D81516C146 ] C:\Program Files\BitComet\BitComet.exe 04:37:56.0113 0x13a8 BitComet - ok 04:37:56.0309 0x13a8 [ 6CB991E0323CE1901C0DD5857418E0F2, 70A52109C9A5DB932F0AEA60CBF7F5AF7747F5433446CBE133B236F9F0AB7A4D ] C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe 04:37:56.0393 0x13a8 Messenger (Yahoo!) - ok 04:37:56.0435 0x13a8 ROC_ROC_APR2013_AV - ok 04:37:56.0435 0x13a8 AVG-Secure-Search-Update_0913a - ok 04:37:56.0480 0x13a8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 04:37:56.0496 0x13a8 Sidebar - ok 04:37:56.0500 0x13a8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 04:37:56.0502 0x13a8 mctadmin - ok 04:37:56.0503 0x13a8 Waiting for KSN requests completion. In queue: 87 04:37:57.0503 0x13a8 Waiting for KSN requests completion. In queue: 87 04:37:58.0503 0x13a8 Waiting for KSN requests completion. In queue: 87 04:37:59.0522 0x13a8 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5315 ), 0x41000 ( enabled : updated ) 04:37:59.0525 0x13a8 Win FW state via NFP2: enabled 04:38:02.0306 0x13a8 ============================================================ 04:38:02.0306 0x13a8 Scan finished 04:38:02.0306 0x13a8 ============================================================ 04:38:02.0313 0x1280 Detected object count: 0 04:38:02.0313 0x1280 Actual detected object count: 0 04:38:43.0716 0x10f8 KLMD registered as C:\Windows\system32\drivers\94978594.sys 04:38:44.0896 0x10f8 Deinitialize success [/QUOTE]
Insert quotes…
Verification
Post reply
Top