
Random audio clips playing


11 replies to this topic

#1 MikeOnDrake


Posted 30 August 2013 - 04:09 PM

Hi,
 
My computer recently started occasionally playing random audio clips. This happens a few times an hour, and it occurs even if no application or window is open. Sometimes the clips seem to be the audio portion of a DIY video or a health/lifestyle news item, and sometimes it's in Spanish.
 
My computer is a Dell Precision laptop with an Intel Quad-Core i7-2620M CPU, and 8 GB of RAM. I'm running Windows 7 Professional 64-bit, Service Pack 1.
 
After the problem started, I installed all available Windows updates and then ran a full Defender scan. Defender found and removed the Alureon virus, but this didn't fix the problem.
 
I saw that this problem has appeared in the BC forums before, but I see that the fix depends to some extent on diagnostic info from the infected machine, so I did not attempt to recreate any of the fixes.
 
Any help you can give me would be much appreciated.
 
Thanks,
 
Mike

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal


 


#2 noknojon


Posted 30 August 2013 - 05:00 PM

Hello Mike, and Welcome -

As you stated, there can be several reasons for this type of problem. This can range from a minor infection, to a major problem.

So let's start with a bit of information from your computer. 2 basic programs first that only take a few minutes.

 

This can show us your Security programs, and if other programs are up to date.

Download Security Check by Screen317
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

This can show us if there are / have been problems with your computer, and if it relates to any programs you use.

Download MiniToolBox, Save it to your desktop and run it.
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 Click Go and copy / paste the result (Result.txt).

 

Thank You -



#3 MikeOnDrake


Posted 30 August 2013 - 05:21 PM

Wow! Thanks for your quick response, noknojon, and thanks for being so kind as to help me out.

 

I've attached the log files you requested.

 

Thanks,

 

Mike

Attached Files



#4 noknojon


Posted 30 August 2013 - 08:04 PM

Hi -

First a few minor points -
Java™ 6 Update 35 < Java version out of Date! Version7 Update25 is current
Untick any Add-ons or Extras offered with the update as they do not relate to Java.
Also - Remove all old versions from Programs and Features

 

Adobe Reader 10.1.1 Adobe Reader out of Date! Version 11 has been out for a while
Untick any Add-ons or Extras offered with the update as they do not relate to Adobe.
Also - Remove all old versions from Programs and Features

 

Mozilla Firefox 16.0.2 Firefox out of Date! Version22 or 23 Minimum is current
Mozilla Thunderbird 14.0. Thunderbird out of Date! Version22 Minimum is also current

 

 

Make sure your Antivirus (listed as TrendMicro) scans every day and you add these 2 programs.

They should work with your Antivirus, as they are Antimalware only (not virus) -
You will download and scan with them now, and at least once every week, you Update them and run a scan.

 

Please download Malwarebytes Anti-Malware Free (aka MBAM)
* Double-click MBAM -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates so it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Scan, then click Quick Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
If you are not sure of any items, post the log and ask if it should be removed.
- Be sure to reboot the computer after you post the log today.

 

 

Download SUPERAntiSpyware Free (aka SAS)
* Double-click SAS -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates so it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
- Be sure to reboot the computer after you post the log today.

 

Tell me when you have Updated the programs, and Added the scan results, so we can continue with some listed Errors -

 

Thanks -

EDIT to correct bits -


Edited by noknojon, 30 August 2013 - 08:10 PM.


#5 MikeOnDrake


Posted 31 August 2013 - 01:22 PM

Sorry for the delay.

 

OK, I've updated all of the listed apps, installed the antimalware stuff, and scanned. Logs attached.

 

Thanks again, noknojon.

 

M

Attached Files



#6 noknojon


Posted 31 August 2013 - 06:15 PM

OK -
I was going to just add how to run sfc /scannow and a diskcheck, due to related errors in the scans, then I found this > >
RE : The Matrix Screensaver - This has been known to cause Audio related problems.
If you are still using it, my idea would be to remove the full program at this time.
Below is from their site - Download Date added:18 Jul 2012 - Last Update:2 Aug 2010

Some people have reported problems with version 1.14 on Windows 7.  I am currently investigating, but please use version 1.11b for the time being.
Then I recalled another similar problem that was caused by faulty Screen-Savers.

 

You still should run these checks on the system.

 

Click the Start Orb > In the Search Box type CMD > Press Enter > Right click on CMD and a black box will open > Just type sfc /scannow and press Enter. Note the space between c and / as it must be there.

This will take about 10 to 15 minutes to run (on average) so please let it complete the scan.

 

 

For Diskcheck, I prefer the old "secure" method >

Run a Disk Check on your C: drive in Windows Vista or Windows 7:
• Click the Start button and select Computer

• Right-click on C:(or your main hard drive) and select Properties

• Click on the Tools tab

• Under Error-checking click the Check Now... button and click Continue at the User Account Control prompt

• Mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors

• Click on the Start button

• When the message box pops up, click the Schedule disk check button and Restart your computer

• Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so

The check will take between 1 and 2 hours (on average) so please let all 5 stages run, and do not force a reboot.

If this is a laptop, be sure it is plugged into power and do not rely on batteries.

 

Thank you.



#7 MikeOnDrake


Posted 01 September 2013 - 10:04 AM

Hi noknojon,

 

I uninstalled the Matrix screen saver and ran sfc and chkdisk as you instructed. Neither tool found any problems.

 

Unfortunately, I'm still hearing the audio clips.

 

Thanks again,

 

Mike



#8 noknojon


Posted 01 September 2013 - 05:41 PM

Hi Mike -

We still have one option that often finds and solves the problem -

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

• Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.

 

• If TDSSKiller does not run, try renaming it.
• To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.

 

• Click the Start Scan button.
Do not use the computer during the scan
• If the scan completes with nothing found, click Close to exit.
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
• Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
• A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
• Copy and paste the contents of that file in your next reply.

 

Thanks -
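A triage sketch for the log requested in the post above, added here as an example and not part of the original thread or of TDSSKiller itself. It pairs each "[ MD5 ] name path" line with its "name - verdict" line and surfaces the entries a helper would read first. The sample lines, the "warning" verdict word, the service names and the expected-directory list are all constructed assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Every log line starts with "HH:MM:SS.ffff 0xTID  ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4} 0x[0-9a-fA-F]{4}\s+"
# "================ Scan services ====...": a named section header.
SECTION_LINE = re.compile(PREFIX + r"=+ (.+?) =+$")
# "[ MD5 ] <service name>   <image path>"; names may contain spaces.
HASH_LINE = re.compile(PREFIX + r"\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.+)$")
# "<object name> - <one-word verdict>"; multi-word tails (drive info) are skipped.
VERDICT_LINE = re.compile(PREFIX + r"(.+) - (\w+)$")

# Assumption: the system drive is C: and service binaries normally live here.
EXPECTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")


@dataclass
class Entry:
    name: str
    verdict: str
    section: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse(log_text):
    """Return one Entry per verdict line, joined with its hash line if any."""
    entries, pending, section = [], {}, ""
    for raw in log_text.splitlines():
        line = raw.rstrip()
        m = SECTION_LINE.match(line)
        if m:
            section = m.group(1)
            continue
        m = HASH_LINE.match(line)
        if m:
            md5, name, path = m.groups()
            pending[name] = (md5.upper(), path)  # wait for the verdict line
            continue
        m = VERDICT_LINE.match(line)
        if m:
            name, verdict = m.groups()
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(name, verdict.lower(), section, md5, path))
    return entries


def triage(entries):
    """List (kind, name, detail) tuples worth a human look, in log order."""
    findings = []
    for e in entries:
        if e.verdict != "ok":
            # Anything the tool did not mark "ok" comes first in a review.
            findings.append(("verdict", e.name, e.verdict))
        elif e.section == "Scan services":
            if e.md5 is None:
                # Service listed with a verdict but no hashed image file.
                findings.append(("no-hash", e.name, "reported without a file hash"))
            elif not e.path.lower().startswith(EXPECTED_ROOTS):
                findings.append(("path", e.name, e.path))
    return findings


# Constructed sample in the log's line format; not taken from a real scan.
SAMPLE_LOG = r"""
19:21:16.0446 0x0d04  ================ Scan system memory ========================
19:21:16.0446 0x0d04  System memory - ok
19:21:16.0446 0x0d04  ================ Scan services =============================
19:21:16.0500 0x0d04  [ 00000000000000000000000000000001 ] ExampleDrv      C:\Windows\system32\drivers\example.sys
19:21:16.0500 0x0d04  ExampleDrv - ok
19:21:16.0600 0x0d04  [ 00000000000000000000000000000002 ] Example Helper Service C:\Program Files\Example\helper.exe
19:21:16.0600 0x0d04  Example Helper Service - ok
19:21:16.0700 0x0d04  ExampleNoFile - ok
19:21:16.0800 0x0d04  [ 00000000000000000000000000000003 ] ExampleTemp     C:\Users\Public\example.exe
19:21:16.0800 0x0d04  ExampleTemp - ok
19:21:16.0900 0x0d04  [ 00000000000000000000000000000004 ] ExampleFlagged  C:\Windows\system32\drivers\flagged.sys
19:21:16.0900 0x0d04  ExampleFlagged - warning
"""

if __name__ == "__main__":
    for kind, name, detail in triage(parse(SAMPLE_LOG)):
        print(f"{kind:8} {name}: {detail}")
```

A finding from this script is a prompt to look closer, not a detection: a service can legitimately have no image file or live outside the listed directories.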



#9 MikeOnDrake


Posted 01 September 2013 - 07:36 PM

Hi noknojon,

 

I preemptively renamed the app to 'bleepingkiller.com' and ran it.

 

TDSSKiller did find a malware object and I disposed of it using the 'Cure' option, as you instructed and then rebooted.

 

After the reboot, the app was automatically restarted, but I closed it without rescanning.

 

There were two log files generated, and I've copied their contents below. The log with the older timestamp is first, followed by the newer one. You can search for strings of hyphens to quickly find the beginnings and ends of the logs.

 

Thanks again,

 

Mike

 

-------------- 1st log begin --------------------------

 

19:20:57.0936 0x13cc  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
19:20:58.0376 0x13cc  ============================================================
19:20:58.0376 0x13cc  Current date / time: 2013/09/01 19:20:58.0376
19:20:58.0376 0x13cc  SystemInfo:
19:20:58.0376 0x13cc  
19:20:58.0376 0x13cc  OS Version: 6.1.7601 ServicePack: 1.0
19:20:58.0376 0x13cc  Product type: Workstation
19:20:58.0376 0x13cc  ComputerName: MININT-2FCLSJE
19:20:58.0376 0x13cc  UserName: Mike
19:20:58.0376 0x13cc  Windows directory: C:\Windows
19:20:58.0376 0x13cc  System windows directory: C:\Windows
19:20:58.0376 0x13cc  Running under WOW64
19:20:58.0376 0x13cc  Processor architecture: Intel x64
19:20:58.0376 0x13cc  Number of processors: 4
19:20:58.0376 0x13cc  Page size: 0x1000
19:20:58.0376 0x13cc  Boot type: Normal boot
19:20:58.0376 0x13cc  ============================================================
19:20:59.0946 0x13cc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:20:59.0946 0x13cc  ============================================================
19:20:59.0946 0x13cc  \Device\Harddisk0\DR0:
19:20:59.0946 0x13cc  MBR partitions:
19:20:59.0946 0x13cc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3882C800
19:20:59.0946 0x13cc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3882D000, BlocksNum 0x1B58800
19:20:59.0946 0x13cc  ============================================================
19:20:59.0986 0x13cc  C: <-> \Device\Harddisk0\DR0\Partition1
19:21:00.0066 0x13cc  D: <-> \Device\Harddisk0\DR0\Partition2
19:21:00.0066 0x13cc  ============================================================
19:21:00.0066 0x13cc  Initialize success
19:21:00.0066 0x13cc  ============================================================
19:21:14.0366 0x0d04  ============================================================
19:21:14.0366 0x0d04  Scan started
19:21:14.0366 0x0d04  Mode: Manual;
19:21:14.0366 0x0d04  ============================================================
19:21:16.0446 0x0d04  ================ Scan system memory ========================
19:21:16.0446 0x0d04  System memory - ok
19:21:16.0446 0x0d04  ================ Scan services =============================
19:21:20.0866 0x0d04  HpSAMD - ok
19:21:20.0896 0x0d04  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:21:20.0906 0x0d04  HTTP - ok
19:21:20.0926 0x0d04  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:21:20.0926 0x0d04  hwpolicy - ok
19:21:20.0956 0x0d04  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:21:20.0956 0x0d04  i8042prt - ok
19:21:20.0996 0x0d04  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:21:20.0996 0x0d04  iaStorV - ok
19:21:21.0036 0x0d04  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:21:21.0046 0x0d04  idsvc - ok
19:21:21.0086 0x0d04  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:21:21.0086 0x0d04  iirsp - ok
19:21:21.0116 0x0d04  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:21:21.0126 0x0d04  IKEEXT - ok
19:21:21.0156 0x0d04  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
19:21:21.0166 0x0d04  Impcd - ok
19:21:21.0186 0x0d04  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:21:21.0186 0x0d04  intelide - ok
19:21:21.0206 0x0d04  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:21:21.0206 0x0d04  intelppm - ok
19:21:21.0226 0x0d04  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:21:21.0236 0x0d04  IPBusEnum - ok
19:21:21.0246 0x0d04  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:21:21.0246 0x0d04  IpFilterDriver - ok
19:21:21.0286 0x0d04  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:21:21.0296 0x0d04  iphlpsvc - ok
19:21:21.0306 0x0d04  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:21:21.0306 0x0d04  IPMIDRV - ok
19:21:21.0306 0x0d04  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:21:21.0306 0x0d04  IPNAT - ok
19:21:21.0326 0x0d04  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:21:21.0326 0x0d04  IRENUM - ok
19:21:21.0336 0x0d04  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:21:21.0346 0x0d04  isapnp - ok
19:21:21.0356 0x0d04  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:21:21.0356 0x0d04  iScsiPrt - ok
19:21:21.0376 0x0d04  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:21:21.0376 0x0d04  kbdclass - ok
19:21:21.0396 0x0d04  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:21:21.0396 0x0d04  kbdhid - ok
19:21:21.0406 0x0d04  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:21:21.0416 0x0d04  KeyIso - ok
19:21:21.0446 0x0d04  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:21:21.0446 0x0d04  KSecDD - ok
19:21:21.0466 0x0d04  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:21:21.0466 0x0d04  KSecPkg - ok
19:21:21.0486 0x0d04  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:21:21.0486 0x0d04  ksthunk - ok
19:21:21.0506 0x0d04  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:21:21.0516 0x0d04  KtmRm - ok
19:21:21.0556 0x0d04  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:21:21.0576 0x0d04  LanmanServer - ok
19:21:21.0626 0x0d04  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:21:21.0656 0x0d04  LanmanWorkstation - ok
19:21:21.0716 0x0d04  [ 458ED3DAE4A8FF4AD350EAE1464CF65F ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
19:21:21.0726 0x0d04  libusb0 - ok
19:21:21.0756 0x0d04  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:21:21.0756 0x0d04  lltdio - ok
19:21:21.0776 0x0d04  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:21:21.0776 0x0d04  lltdsvc - ok
19:21:21.0796 0x0d04  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:21:21.0806 0x0d04  lmhosts - ok
19:21:21.0846 0x0d04  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:21:21.0846 0x0d04  LSI_FC - ok
19:21:21.0856 0x0d04  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:21:21.0856 0x0d04  LSI_SAS - ok
19:21:21.0866 0x0d04  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:21:21.0866 0x0d04  LSI_SAS2 - ok
19:21:21.0866 0x0d04  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:21:21.0866 0x0d04  LSI_SCSI - ok
19:21:21.0886 0x0d04  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:21:21.0886 0x0d04  luafv - ok
19:21:21.0936 0x0d04  [ BA3963A603F0504EB2A1475B335EAB53 ] MCHPUSB         C:\Windows\system32\DRIVERS\mchpusb64.sys
19:21:21.0936 0x0d04  MCHPUSB - ok
19:21:21.0966 0x0d04  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:21:21.0966 0x0d04  Mcx2Svc - ok
19:21:21.0986 0x0d04  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:21:21.0986 0x0d04  megasas - ok
19:21:21.0986 0x0d04  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:21:21.0996 0x0d04  MegaSR - ok
19:21:22.0016 0x0d04  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
19:21:22.0016 0x0d04  MEIx64 - ok
19:21:22.0046 0x0d04  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:21:22.0046 0x0d04  MMCSS - ok
19:21:22.0056 0x0d04  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:21:22.0066 0x0d04  Modem - ok
19:21:22.0096 0x0d04  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:21:22.0096 0x0d04  monitor - ok
19:21:22.0116 0x0d04  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:21:22.0116 0x0d04  mouclass - ok
19:21:22.0126 0x0d04  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:21:22.0136 0x0d04  mouhid - ok
19:21:22.0156 0x0d04  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:21:22.0156 0x0d04  mountmgr - ok
19:21:22.0226 0x0d04  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:21:22.0226 0x0d04  MozillaMaintenance - ok
19:21:22.0246 0x0d04  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:21:22.0246 0x0d04  mpio - ok
19:21:22.0256 0x0d04  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:21:22.0256 0x0d04  mpsdrv - ok
19:21:22.0296 0x0d04  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:21:22.0306 0x0d04  MpsSvc - ok
19:21:22.0306 0x0d04  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:21:22.0306 0x0d04  MRxDAV - ok
19:21:22.0366 0x0d04  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:21:22.0366 0x0d04  mrxsmb - ok
19:21:22.0386 0x0d04  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:21:22.0396 0x0d04  mrxsmb10 - ok
19:21:22.0406 0x0d04  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:21:22.0406 0x0d04  mrxsmb20 - ok
19:21:22.0436 0x0d04  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:21:22.0436 0x0d04  msahci - ok
19:21:22.0456 0x0d04  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:21:22.0456 0x0d04  msdsm - ok
19:21:22.0476 0x0d04  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:21:22.0476 0x0d04  MSDTC - ok
19:21:22.0506 0x0d04  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:21:22.0506 0x0d04  Msfs - ok
19:21:22.0516 0x0d04  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:21:22.0516 0x0d04  mshidkmdf - ok
19:21:22.0536 0x0d04  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:21:22.0536 0x0d04  msisadrv - ok
19:21:22.0556 0x0d04  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:21:22.0566 0x0d04  MSiSCSI - ok
19:21:22.0566 0x0d04  msiserver - ok
19:21:22.0596 0x0d04  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:21:22.0596 0x0d04  MSKSSRV - ok
19:21:22.0616 0x0d04  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:21:22.0616 0x0d04  MSPCLOCK - ok
19:21:22.0616 0x0d04  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:21:22.0616 0x0d04  MSPQM - ok
19:21:22.0636 0x0d04  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:21:22.0636 0x0d04  MsRPC - ok
19:21:22.0646 0x0d04  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:21:22.0646 0x0d04  mssmbios - ok
19:21:22.0666 0x0d04  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:21:22.0666 0x0d04  MSTEE - ok
19:21:22.0676 0x0d04  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:21:22.0676 0x0d04  MTConfig - ok
19:21:22.0686 0x0d04  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:21:22.0686 0x0d04  Mup - ok
19:21:22.0716 0x0d04  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:21:22.0716 0x0d04  napagent - ok
19:21:22.0726 0x0d04  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:21:22.0736 0x0d04  NativeWifiP - ok
19:21:22.0776 0x0d04  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:21:22.0786 0x0d04  NDIS - ok
19:21:22.0806 0x0d04  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:21:22.0806 0x0d04  NdisCap - ok
19:21:22.0816 0x0d04  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:21:22.0816 0x0d04  NdisTapi - ok
19:21:22.0846 0x0d04  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:21:22.0846 0x0d04  Ndisuio - ok
19:21:22.0876 0x0d04  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:21:22.0876 0x0d04  NdisWan - ok
19:21:22.0896 0x0d04  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:21:22.0896 0x0d04  NDProxy - ok
19:21:22.0906 0x0d04  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:21:22.0906 0x0d04  NetBIOS - ok
19:21:22.0916 0x0d04  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:21:22.0916 0x0d04  NetBT - ok
19:21:22.0926 0x0d04  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:21:22.0926 0x0d04  Netlogon - ok
19:21:22.0956 0x0d04  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:21:22.0966 0x0d04  Netman - ok
19:21:22.0976 0x0d04  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:21:22.0986 0x0d04  netprofm - ok
19:21:23.0006 0x0d04  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:21:23.0006 0x0d04  NetTcpPortSharing - ok
19:21:23.0146 0x0d04  [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
19:21:23.0206 0x0d04  NETwNs64 - ok
19:21:23.0236 0x0d04  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:21:23.0236 0x0d04  nfrd960 - ok
19:21:23.0266 0x0d04  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:21:23.0266 0x0d04  NlaSvc - ok
19:21:23.0296 0x0d04  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:21:23.0296 0x0d04  Npfs - ok
19:21:23.0326 0x0d04  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:21:23.0326 0x0d04  nsi - ok
19:21:23.0326 0x0d04  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:21:23.0336 0x0d04  nsiproxy - ok
19:21:23.0386 0x0d04  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:21:23.0406 0x0d04  Ntfs - ok
19:21:23.0536 0x0d04  [ 4E6E6BE52EF05E666CC7D6D99C2C426A ] ntrtscan        C:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe
19:21:23.0546 0x0d04  ntrtscan - ok
19:21:23.0576 0x0d04  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:21:23.0576 0x0d04  Null - ok
19:21:23.0606 0x0d04  [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
19:21:23.0606 0x0d04  nusb3hub - ok
19:21:23.0636 0x0d04  [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:21:23.0636 0x0d04  nusb3xhc - ok
19:21:23.0676 0x0d04  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:21:23.0676 0x0d04  nvraid - ok
19:21:23.0696 0x0d04  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:21:23.0696 0x0d04  nvstor - ok
19:21:23.0726 0x0d04  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:21:23.0726 0x0d04  nv_agp - ok
19:21:23.0756 0x0d04  [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
19:21:23.0756 0x0d04  O2FLASH - ok
19:21:23.0766 0x0d04  [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR        C:\Windows\system32\drivers\O2MDFw7x64.sys
19:21:23.0776 0x0d04  O2MDFRDR - ok
19:21:23.0796 0x0d04  [ 4185C21486978194DF268460F8DDC85D ] O2MDRRDR        C:\Windows\system32\DRIVERS\O2MDRxpx64.sys
19:21:23.0796 0x0d04  O2MDRRDR - ok
19:21:23.0806 0x0d04  [ 9ECF5774CBA5B503C040E035F58462CC ] O2SDJRDR        C:\Windows\system32\DRIVERS\o2sdjxpx64.sys
19:21:23.0806 0x0d04  O2SDJRDR - ok
19:21:23.0826 0x0d04  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:21:23.0826 0x0d04  ohci1394 - ok
19:21:23.0866 0x0d04  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:21:23.0866 0x0d04  ose - ok
19:21:23.0966 0x0d04  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:21:24.0006 0x0d04  osppsvc - ok
19:21:24.0066 0x0d04  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:21:24.0066 0x0d04  p2pimsvc - ok
19:21:24.0086 0x0d04  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:21:24.0086 0x0d04  p2psvc - ok
19:21:24.0116 0x0d04  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:21:24.0116 0x0d04  Parport - ok
19:21:24.0146 0x0d04  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:21:24.0146 0x0d04  partmgr - ok
19:21:24.0166 0x0d04  [ 363B3F857ABEE85767E01E3044C539CD ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
19:21:24.0166 0x0d04  PBADRV - ok
19:21:24.0186 0x0d04  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:21:24.0186 0x0d04  PcaSvc - ok
19:21:24.0206 0x0d04  PCDSRVC{67F2314B-25F2B3C0-06020101}_0 - ok
19:21:24.0226 0x0d04  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:21:24.0226 0x0d04  pci - ok
19:21:24.0286 0x0d04  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:21:24.0286 0x0d04  pciide - ok
19:21:24.0316 0x0d04  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:21:24.0316 0x0d04  pcmcia - ok
19:21:24.0346 0x0d04  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:21:24.0346 0x0d04  pcw - ok
19:21:24.0376 0x0d04  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:21:24.0386 0x0d04  PEAUTH - ok
19:21:24.0486 0x0d04  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:21:24.0496 0x0d04  PeerDistSvc - ok
19:21:24.0596 0x0d04  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:21:24.0596 0x0d04  PerfHost - ok
19:21:24.0636 0x0d04  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:21:24.0646 0x0d04  pla - ok
19:21:24.0696 0x0d04  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:21:24.0696 0x0d04  PlugPlay - ok
19:21:24.0756 0x0d04  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:21:24.0756 0x0d04  PNRPAutoReg - ok
19:21:24.0796 0x0d04  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:21:24.0796 0x0d04  PNRPsvc - ok
19:21:24.0896 0x0d04  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:21:24.0906 0x0d04  PolicyAgent - ok
19:21:24.0926 0x0d04  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:21:24.0936 0x0d04  Power - ok
19:21:24.0956 0x0d04  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:21:24.0956 0x0d04  PptpMiniport - ok
19:21:24.0966 0x0d04  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
19:21:24.0966 0x0d04  Processor - ok
19:21:25.0006 0x0d04  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:21:25.0006 0x0d04  ProfSvc - ok
19:21:25.0016 0x0d04  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:21:25.0016 0x0d04  ProtectedStorage - ok
19:21:25.0046 0x0d04  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:21:25.0046 0x0d04  Psched - ok
19:21:25.0106 0x0d04  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
19:21:25.0106 0x0d04  PxHlpa64 - ok
19:21:25.0146 0x0d04  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:21:25.0156 0x0d04  ql2300 - ok
19:21:25.0156 0x0d04  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:21:25.0156 0x0d04  ql40xx - ok
19:21:25.0186 0x0d04  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:21:25.0186 0x0d04  QWAVE - ok
19:21:25.0216 0x0d04  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:21:25.0216 0x0d04  QWAVEdrv - ok
19:21:25.0216 0x0d04  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:21:25.0216 0x0d04  RasAcd - ok
19:21:25.0246 0x0d04  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:21:25.0246 0x0d04  RasAgileVpn - ok
19:21:25.0256 0x0d04  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:21:25.0256 0x0d04  RasAuto - ok
19:21:25.0296 0x0d04  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:21:25.0296 0x0d04  Rasl2tp - ok
19:21:25.0316 0x0d04  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:21:25.0326 0x0d04  RasMan - ok
19:21:25.0336 0x0d04  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:21:25.0336 0x0d04  RasPppoe - ok
19:21:25.0346 0x0d04  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:21:25.0346 0x0d04  RasSstp - ok
19:21:25.0356 0x0d04  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:21:25.0366 0x0d04  rdbss - ok
19:21:25.0376 0x0d04  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:21:25.0376 0x0d04  rdpbus - ok
19:21:25.0416 0x0d04  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:21:25.0416 0x0d04  RDPCDD - ok
19:21:25.0446 0x0d04  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:21:25.0446 0x0d04  RDPDR - ok
19:21:25.0466 0x0d04  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:21:25.0476 0x0d04  RDPENCDD - ok
19:21:25.0516 0x0d04  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:21:25.0516 0x0d04  RDPREFMP - ok
19:21:25.0576 0x0d04  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:21:25.0576 0x0d04  RdpVideoMiniport - ok
19:21:25.0596 0x0d04  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:21:25.0606 0x0d04  RDPWD - ok
19:21:25.0636 0x0d04  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:21:25.0636 0x0d04  rdyboost - ok
19:21:25.0656 0x0d04  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:21:25.0656 0x0d04  RemoteAccess - ok
19:21:25.0686 0x0d04  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:21:25.0686 0x0d04  RemoteRegistry - ok
19:21:25.0796 0x0d04  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
19:21:25.0806 0x0d04  RoxMediaDB12OEM - ok
19:21:25.0836 0x0d04  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
19:21:25.0836 0x0d04  RoxWatch12 - ok
19:21:25.0846 0x0d04  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:21:25.0846 0x0d04  RpcEptMapper - ok
19:21:25.0876 0x0d04  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:21:25.0876 0x0d04  RpcLocator - ok
19:21:25.0896 0x0d04  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:21:25.0896 0x0d04  RpcSs - ok
19:21:25.0926 0x0d04  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:21:25.0926 0x0d04  rspndr - ok
19:21:25.0936 0x0d04  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:21:25.0946 0x0d04  s3cap - ok
19:21:25.0956 0x0d04  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:21:25.0956 0x0d04  SamSs - ok
19:21:25.0996 0x0d04  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:21:25.0996 0x0d04  SASDIFSV - ok
19:21:26.0006 0x0d04  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:21:26.0006 0x0d04  SASKUTIL - ok
19:21:26.0026 0x0d04  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:21:26.0026 0x0d04  sbp2port - ok
19:21:26.0046 0x0d04  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:21:26.0046 0x0d04  SCardSvr - ok
19:21:26.0056 0x0d04  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:21:26.0056 0x0d04  scfilter - ok
19:21:26.0086 0x0d04  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:21:26.0096 0x0d04  Schedule - ok
19:21:26.0116 0x0d04  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:21:26.0116 0x0d04  SCPolicySvc - ok
19:21:26.0136 0x0d04  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:21:26.0136 0x0d04  SDRSVC - ok
19:21:26.0166 0x0d04  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:21:26.0166 0x0d04  secdrv - ok
19:21:26.0236 0x0d04  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:21:26.0246 0x0d04  seclogon - ok
19:21:26.0356 0x0d04  [ F3D951071C624137430FE65A67541EF9 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
19:21:26.0376 0x0d04  SecureStorageService - ok
19:21:26.0426 0x0d04  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:21:26.0426 0x0d04  SENS - ok
19:21:26.0436 0x0d04  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:21:26.0436 0x0d04  SensrSvc - ok
19:21:26.0466 0x0d04  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:21:26.0466 0x0d04  Serenum - ok
19:21:26.0496 0x0d04  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:21:26.0496 0x0d04  Serial - ok
19:21:26.0516 0x0d04  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:21:26.0516 0x0d04  sermouse - ok
19:21:26.0536 0x0d04  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:21:26.0536 0x0d04  SessionEnv - ok
19:21:26.0536 0x0d04  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:21:26.0536 0x0d04  sffdisk - ok
19:21:26.0536 0x0d04  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:21:26.0536 0x0d04  sffp_mmc - ok
19:21:26.0546 0x0d04  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:21:26.0546 0x0d04  sffp_sd - ok
19:21:26.0546 0x0d04  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:21:26.0546 0x0d04  sfloppy - ok
19:21:26.0596 0x0d04  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
19:21:26.0596 0x0d04  Sftfs - ok
19:21:26.0666 0x0d04  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:21:26.0666 0x0d04  sftlist - ok
19:21:26.0756 0x0d04  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:21:26.0756 0x0d04  Sftplay - ok
19:21:31.0666 0x0d04  ================ Scan global ===============================
19:21:31.0686 0x0d04  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:21:31.0716 0x0d04  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:21:31.0716 0x0d04  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:21:31.0746 0x0d04  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:21:31.0776 0x0d04  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:21:31.0776 0x0d04  [Global] - ok
19:21:31.0776 0x0d04  ================ Scan MBR ==================================
19:21:31.0786 0x0d04  [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk0\DR0
19:21:31.0786 0x0d04  Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:21:31.0836 0x0d04  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
19:21:31.0836 0x0d04  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
19:21:31.0836 0x0d04  ================ Scan VBR ==================================
19:21:31.0846 0x0d04  [ 038F59B223E636E2ED4086895EBDCC0E ] \Device\Harddisk0\DR0\Partition1
19:21:31.0846 0x0d04  \Device\Harddisk0\DR0\Partition1 - ok
19:21:31.0876 0x0d04  [ 43839F27C810EFF04E2EF1738CDF25F1 ] \Device\Harddisk0\DR0\Partition2
19:21:31.0876 0x0d04  \Device\Harddisk0\DR0\Partition2 - ok
19:21:31.0876 0x0d04  ============================================================
19:21:31.0876 0x0d04  Scan finished
19:21:31.0876 0x0d04  ============================================================
19:21:31.0876 0x0fb0  Detected object count: 1
19:21:31.0876 0x0fb0  Actual detected object count: 1
19:23:54.0386 0x0fb0  \Device\Harddisk0\DR0\# - copied to quarantine
19:23:54.0386 0x0fb0  \Device\Harddisk0\DR0 - copied to quarantine
19:23:54.0466 0x0fb0  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
19:23:54.0466 0x0fb0  \Device\Harddisk0\DR0 - ok
19:23:54.0466 0x0fb0  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
19:23:59.0646 0x0658  Deinitialize success
 

-------------- 1st log end --------------------------

 

-------------- 2nd log begin --------------------------

 

19:25:52.0329 0x0da0  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
19:25:52.0657 0x0da0  ============================================================
19:25:52.0657 0x0da0  Current date / time: 2013/09/01 19:25:52.0657
19:25:52.0657 0x0da0  SystemInfo:
19:25:52.0657 0x0da0  
19:25:52.0657 0x0da0  OS Version: 6.1.7601 ServicePack: 1.0
19:25:52.0657 0x0da0  Product type: Workstation
19:25:52.0657 0x0da0  ComputerName: MININT-2FCLSJE
19:25:52.0657 0x0da0  UserName: Mike
19:25:52.0657 0x0da0  Windows directory: C:\Windows
19:25:52.0657 0x0da0  System windows directory: C:\Windows
19:25:52.0657 0x0da0  Running under WOW64
19:25:52.0657 0x0da0  Processor architecture: Intel x64
19:25:52.0657 0x0da0  Number of processors: 4
19:25:52.0657 0x0da0  Page size: 0x1000
19:25:52.0657 0x0da0  Boot type: Normal boot
19:25:52.0657 0x0da0  ============================================================
19:25:52.0657 0x0da0  BG loaded
19:25:52.0969 0x0da0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:25:52.0984 0x0da0  ============================================================
19:25:52.0984 0x0da0  \Device\Harddisk0\DR0:
19:25:52.0984 0x0da0  MBR partitions:
19:25:52.0984 0x0da0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3882C800
19:25:52.0984 0x0da0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3882D000, BlocksNum 0x1B58800
19:25:52.0984 0x0da0  ============================================================
19:25:53.0031 0x0da0  C: <-> \Device\Harddisk0\DR0\Partition1
19:25:53.0203 0x0da0  D: <-> \Device\Harddisk0\DR0\Partition2
19:25:53.0203 0x0da0  ============================================================
19:25:53.0203 0x0da0  Initialize success
19:25:53.0203 0x0da0  ============================================================
19:27:23.0012 0x0d78  Deinitialize success
 

-------------- 2nd log end --------------------------



#10 noknojon


Posted 01 September 2013 - 08:07 PM

Well done Mike 

( Rootkit.Boot.Harbinger.a ) - will be cured on reboot - I see you have Rebooted and can now give me a report -
This is it ........ as noted below -

There’s a different form of malware floating around, in the form of a rootkit, known as Rootkit.Boot.Harbinger.a. Users are reporting audio ads streaming in the background, which causes the system to run extremely slowly and slows down their internet. It can open hundreds of different audio streams. It appears to disguise itself as a svchost.exe that uses a lot of your CPU in Task Manager.

If you still have some problem, or just to ensure you are clean, you may wish to run ESET Online Scanner.

Post back and ignore this if you feel your system is OK, but this is usually done to be sure -

 

Scan your machine with ESET OnlineScan

How To Temporarily Disable Your Anti-virus only while this runs.
1. Hold down Control and click HERE to open ESET OnlineScan in a new window.
2. Click the ESET Online Scanner button.
3. NOTE: For alternate browsers only (Microsoft Internet Explorer users can skip these steps):
   - Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
   - Double click on the ESET Online Scanner icon on your desktop.
4. Check "YES, I accept the Terms of Use."
5. Click the Start button.
6. Accept any security warnings from your browser.
7. Under scan settings, check "Scan Archives" and "Remove found threats"
8. Click Advanced settings and select the following:
   - Scan potentially unwanted applications
   - Scan for potentially unsafe applications
   - Enable Anti-Stealth technology
9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this will take some time to download the program for a first time, and then download updated data base (1 to 2 hours is not unusual)
10. When the scan completes, click List Threats
11. Click Export, and save the file to your desktop using a unique name, such as ESETScan.
    - Include the contents of this report in your next reply.
12. Click the Back button.
13. Click the Finish button

Or you can find a report at C:\Program Files\esetonlinescanner\log.txt.

 

 

Thanks -

 

Please note that the scan can finish in 1 hour, or there have been reports of it running for 8 hours.

As usual, if this is a laptop make sure it is plugged into a power source and not just batteries.



#11 MikeOnDrake


Posted 02 September 2013 - 01:10 AM

Hi noknojon,

 

Apparently ESET found a couple of items (log pasted below), but both of them appear to be copies of the Matrix SS installation package, so I'm not too concerned. I haven't heard any stray audio in a few hours now, so I'm hopeful that the problem's fixed.

 

Before I let you get away, I have a couple of questions:

 

1. What's your personal recommendation for good anti-virus software? (SAS is just anti-malware, right?) I don't like Trend Micro - sometimes it's a real drag on performance, and it's not very configurable.

2. Is there any reason not to run TDSSKiller periodically as a prophylactic measure?

 

Also, I can't possibly overstate how much I appreciate your patience and your help. The last few days have been a real bummer, but now I can finally get back to work. This is a real load off of my mind.

 

If you're ever in the States I'd be happy to treat you to a beer or three (or four). :-)

 

Thanks again,

 

Mike

 

-------------------------------

ESET scan log -->

 

C:\downloads\cnet2_TheMatrix_exe.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined
C:\Users\Mike\AppData\Local\Temp\ICReinstall\cnet2_TheMatrix_exe.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined

-------------------------------



#12 noknojon


Posted 02 September 2013 - 02:26 AM

Hi -

I thought those Matrix items may have been a drama earlier, but now the remains are gone.

cnet2_TheMatrix_exe.exe    a variant of Win32/InstallCore.D application
Read the start of the line and you may understand why we rarely link to Cnet for downloads - Add-ons -

 

1. What's your personal recommendation for good anti-virus software? < This is about the hardest question that we ever get asked, and no matter which way you answer it is not for all cases and people - I do agree on Trend Micro these days, it is better for business enterprise compared to private use - Now was yours a Paid or Free version, since this expands the range.

For Paid Versions (and depending on what you want), anything from Kaspersky (2 main versions) and ESET NOD32 as used by several of the Security people here, to updated versions of Norton (better than 2 or 4 years ago) or even paid versions of avast! -

 

For Free Versions (why pay) I only use Microsoft Security Essentials (MSE) and Windows Firewall on both current computers, but the range is so wide that I could list 5 or 6 -

 

Personal - Advice would be to stay well away from anything related to IObit or Rising Antivirus or most Chinese based programs. I also find that AVG has lowered a bit (from someone that uses MSE) .......

 

Malwarebytes Anti-Malware Free or Paid version (aka MBAM) or as you mentioned SUPERAntiSpyware Free or Paid version (aka SAS) are the better weekly scanners, as long as you Update prior to each scan

 

Rather than post TFC Cleaner, I use ATF cleaner by Atribune for general daily Temp Files on XPs

Please download ATF Cleaner by Atribune to your desktop.
This program was for XP but now includes up to Windows 7.

For Internet Explorer:
- Double-click ATF-Cleaner.exe to run the program.
- Under Main choose: Select All
- Click the Empty Selected button.

If you use Firefox browser:
- Click Firefox at the top and choose: Select All
- Click the Empty Selected button.
- NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser:
- Click Opera at the top and choose: Select All
- Click the Empty Selected button.
- NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

This will remove all files from the items that are checked so if you have some cookies you'd like to save, move them to a different directory first.
Note: For Windows Vista or Windows 7 users:
To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator"

 

2. Is there any reason not to run TDSSKiller periodically < No - You have the instructions here, so they can be printed or this post can be linked to your Favorites folder for later.

There is no need to run this on a "very regular basis" as it only targets a small range of issues.

 

Thank You -
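
Added example, not part of any post in this thread and not the tool's own code: a small Python triage for TDSSKiller logs in the layout pasted earlier in the thread, for anyone keeping logs from repeat runs. It lists detections whose cure is still pending a reboot and refuses to read a log with no "Scan finished" line (such as the second log above) as a clean result. The sample lines are constructed from that layout with a placeholder hash, and the function names are hypothetical.

```python
import re

# Constructed sample in the log layout seen in this thread:
# "HH:MM:SS.ffff 0xTID  message". The hash is a placeholder, not a real value.
SAMPLE_LOG = r"""
19:21:31.0016 0x0d04  [ 00000000000000000000000000000000 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:21:31.0016 0x0d04  WfpLwf - ok
19:21:31.0776 0x0d04  ================ Scan MBR ==================================
19:21:31.0786 0x0d04  Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:21:31.0836 0x0d04  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
19:21:31.0836 0x0d04  ================ Scan VBR ==================================
19:21:31.0846 0x0d04  \Device\Harddisk0\DR0\Partition1 - ok
19:21:31.0876 0x0d04  Scan finished
19:21:31.0876 0x0fb0  Detected object count: 1
19:23:54.0386 0x0fb0  \Device\Harddisk0\DR0 - copied to quarantine
19:23:54.0466 0x0fb0  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
19:23:54.0466 0x0fb0  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
"""

# Constructed: the tool was started and closed without a scan being logged.
NO_SCAN_LOG = r"""
19:25:53.0203 0x0da0  Initialize success
19:27:23.0012 0x0d78  Deinitialize success
"""

LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} 0x[0-9a-fA-F]+\s+(.*)$")
SECTION = re.compile(r"^=+ (.+?) =+$")                 # ==== Scan MBR ====
SUSPICIOUS = re.compile(r"^Suspicious (.+?): (.+)$")   # Suspicious <what>: <object>
VERDICT = re.compile(r"^(.+?) \( (.+?) \) - (.+)$")    # <object> ( <threat> ) - <status>
COUNT = re.compile(r"^Detected object count: (\d+)$")


def parse_tdsskiller(text):
    """Collect per-object verdicts, the declared count and the scan-finished marker."""
    report = {"finished": False, "declared": None, "ok": 0, "findings": {}}
    section = None

    def finding(obj):
        # The section recorded is the one in which the object was first reported.
        return report["findings"].setdefault(
            obj, {"threat": None, "section": section, "flags": [], "events": []})

    for raw in text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue                      # blank lines, separators without a message
        msg = m.group(1)
        if SECTION.match(msg):
            section = SECTION.match(msg).group(1)
        elif msg == "Scan finished":
            report["finished"] = True
        elif COUNT.match(msg):
            report["declared"] = int(COUNT.match(msg).group(1))
        elif SUSPICIOUS.match(msg):
            what, obj = SUSPICIOUS.match(msg).groups()
            finding(obj)["flags"].append(what)
        elif VERDICT.match(msg):
            obj, threat, status = VERDICT.match(msg).groups()
            entry = finding(obj)
            entry["threat"] = threat
            entry["events"].append(status)
        else:
            obj, sep, status = msg.rpartition(" - ")
            if sep and obj in report["findings"]:
                report["findings"][obj]["events"].append(status)
            elif sep and status == "ok":
                report["ok"] += 1
    return report


def triage(report):
    """Return the points a reader of the log should follow up on."""
    issues = []
    if not report["finished"]:
        issues.append("no 'Scan finished' marker: this log is not a scan result")
    infected = [o for o, f in report["findings"].items() if "infected" in f["events"]]
    if report["declared"] is not None and report["declared"] != len(infected):
        issues.append("declared count %d != %d infected objects parsed"
                      % (report["declared"], len(infected)))
    for obj, f in report["findings"].items():
        label = f["threat"] or ", ".join(f["flags"])
        if "will be cured on reboot" in f["events"]:
            issues.append("%s: %s cure pending reboot, rescan after restart" % (obj, label))
        elif "infected" in f["events"]:
            issues.append("%s: %s detected, no cure recorded" % (obj, label))
        elif f["flags"]:
            issues.append("%s: flagged as %s without a verdict" % (obj, label))
    return issues


if __name__ == "__main__":
    for line in triage(parse_tdsskiller(SAMPLE_LOG)):
        print(line)
```
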





