Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus has restricted Windows apps' internet access


  • This topic is locked This topic is locked
5 replies to this topic

#1 komododragon

komododragon

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:04 AM

Posted 23 September 2013 - 08:18 PM

Hey,

 

Recently a pdf that I had to download for class infected my computer and every few minutes an AVG resident shield alert would pop up. The three that would always pop up were luhe.sirefef.a and two variations of a trojan. Every time I would just click to automatically remove them and AVG would appear as if it had and then the same message would come again. I seemed to have successfully removed the malware with malewarebytes and hitman pro used in tandem, as the message has not come up again and my computer is running smoothly. However, now all of my apps seem to have no internet access. My internet browsers still have access, but all of the apps like Netflix, Windows Store, Weather, etc. do not. I wasn't sure what was corrupted so I reset some network settings via http://www.selectrealsecurity.com/fix-internet-connection and restart my computer but the problem still remains.

 

Thanks for any help.


Edited by Orange Blossom, 24 September 2013 - 01:20 AM.
Moved from Windows 8 to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:04 AM

Posted 24 September 2013 - 09:22 PM

Hello kd.. Lets run these and see how it is after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • .
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • >>>
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 komododragon

komododragon
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:04 AM

Posted 25 September 2013 - 06:03 AM

Okay thanks for the help, here are all the logs in order.

 

MiniToolBox log:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Thomas (administrator) on 25-09-2013 at 03:11:58
Running from "C:\Users\Thomas\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Ethernet 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : BATcomputer
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Ethernet 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2
   Physical Address. . . . . . . . . : B8-88-E3-FA-FB-04
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 50-B7-C3-5C-C0-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-B7-C3-5C-C0-8C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 50-B7-C3-5C-C0-8C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:304:898e:8b89:7d29:4b55:9643:743(Preferred) 
   Temporary IPv6 Address. . . . . . : 2602:304:898e:8b89:85ab:634b:84a1:49ec(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::7d29:4b55:9643:743%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.70(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, September 24, 2013 6:06:36 AM
   Lease Expires . . . . . . . . . . : Thursday, September 26, 2013 1:21:35 AM
   Default Gateway . . . . . . . . . : fe80::7644:1ff:fe0c:7563%13
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 223393731
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-0E-48-90-B8-88-E3-64-57-8B
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{0F547962-155A-4D0D-9618-CE4D747A9BF5}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1844:8ab:3f57:feb9(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1844:8ab:3f57:feb9%19(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dslrouter
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4002:c01::64
 74.125.21.102
 74.125.21.100
 74.125.21.138
 74.125.21.139
 74.125.21.101
 74.125.21.113
 
 
Pinging google.com [2607:f8b0:4002:c01::64] with 32 bytes of data:
Reply from 2607:f8b0:4002:c01::64: time=26ms 
Reply from 2607:f8b0:4002:c01::64: time=29ms 
 
Ping statistics for 2607:f8b0:4002:c01::64:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 29ms, Average = 27ms
Server:  dslrouter
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=110ms TTL=46
Reply from 98.138.253.109: bytes=32 time=88ms TTL=46
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 88ms, Maximum = 110ms, Average = 99ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...b8 88 e3 fa fb 04 ......Realtek PCIe GBE Family Controller #2
 16...50 b7 c3 5c c0 8d ......Bluetooth Device (Personal Area Network)
 14...12 b7 c3 5c c0 8c ......Microsoft Wi-Fi Direct Virtual Adapter
 13...50 b7 c3 5c c0 8c ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
  1...........................Software Loopback Interface 1
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.70     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.70    281
     192.168.1.70  255.255.255.255         On-link      192.168.1.70    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.70    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.70    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.70    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13    281 ::/0                     fe80::7644:1ff:fe0c:7563
  1    306 ::1/128                  On-link
 19    306 2001::/32                On-link
 19    306 2001:0:4137:9e76:1844:8ab:3f57:feb9/128
                                    On-link
 13    281 2602:304:898e:8b89::/64  On-link
 13    281 2602:304:898e:8b89:7d29:4b55:9643:743/128
                                    On-link
 13    281 2602:304:898e:8b89:85ab:634b:84a1:49ec/128
                                    On-link
 13    281 fe80::/64                On-link
 19    306 fe80::/64                On-link
 19    306 fe80::1844:8ab:3f57:feb9/128
                                    On-link
 13    281 fe80::7d29:4b55:9643:743/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 05 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
x64-Catalog5 05 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/24/2013 09:49:27 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10391
 
Error: (09/24/2013 09:49:27 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10391
 
Error: (09/24/2013 09:49:27 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/24/2013 09:49:26 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9219
 
Error: (09/24/2013 09:49:26 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9219
 
Error: (09/24/2013 09:49:26 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/24/2013 09:49:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8016
 
Error: (09/24/2013 09:49:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8016
 
Error: (09/24/2013 09:49:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/24/2013 09:49:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6813
 
 
System errors:
=============
Error: (09/24/2013 06:11:06 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS Client initialization failed. Last error: 0x80080005
 
Error: (09/24/2013 06:11:06 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 
Error: (09/24/2013 06:09:35 AM) (Source: DCOM) (User: BATCOMPUTER)
Description: App
 
Error: (09/24/2013 06:09:07 AM) (Source: DCOM) (User: BATCOMPUTER)
Description: Microsoft.ZuneVideo.wwa
 
Error: (09/24/2013 06:07:27 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.0.1 service failed to start due to the following error: 
%%2
 
Error: (09/24/2013 06:07:19 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (09/24/2013 06:07:11 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (09/24/2013 06:06:11 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (09/24/2013 06:05:24 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (09/24/2013 04:17:13 AM) (Source: DCOM) (User: BATCOMPUTER)
Description: App
 
 
Microsoft Office Sessions:
=========================
Error: (09/24/2013 09:49:27 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10391
 
Error: (09/24/2013 09:49:27 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10391
 
Error: (09/24/2013 09:49:27 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/24/2013 09:49:26 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9219
 
Error: (09/24/2013 09:49:26 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9219
 
Error: (09/24/2013 09:49:26 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/24/2013 09:49:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8016
 
Error: (09/24/2013 09:49:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8016
 
Error: (09/24/2013 09:49:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/24/2013 09:49:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6813
 
 
=========================== Installed Programs ============================
 
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe After Effects CC (Version: 12)
Adobe Audition CC (Version: 6.0)
Adobe Creative Cloud (Version: 2.1.2.232)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop CC (Version: 14.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Anime Studio 5.6
Any Video Converter 5.0.8
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 12.3.0.798)
Audacity 2.0.3 (Version: 2.0.3)
avast! Free Antivirus (Version: 8.0.1497.0)
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3408)
AVG 2013 (Version: 2013.0.3408)
Bandisoft MPEG-1 Decoder
bl (Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.298.000)
C4600 (Version: 140.0.841.000)
CCleaner (Version: 4.05)
Comodo IceDragon (Version: 22.0.0.1)
CyberLink Power2Go 8 (Version: 8.0.0.1912)
CyberLink PowerDVD 10 (Version: 10.0.4421.02)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 140.0.253.000)
DeviceDiscovery (Version: 140.0.298.000)
Don't Starve
Easy File Share (Version: 1.3.4)
E-POP (Version: 1.0.1)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FileZilla Client 3.5.3 (Version: 3.5.3)
FormatFactory 3.1.1 (Version: 3.1.1)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 29.0.1547.76)
GTA2 (Version: 1.00.001)
Help Desk (Version: 1.0.5)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Update (Version: 5.002.006.003)
HPPhotoGadget (Version: 140.0.524.000)
HPSSupply (Version: 140.0.297.000)
Intel AppUp(SM) center (Version: 3.6.1.33070.11)
Intel® Control Center (Version: 1.2.1.1008)
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.36354)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2857)
Intel® Rapid Storage Technology (Version: 11.5.0.1207)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.1.12)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Mozilla Thunderbird 17.0.4 (x86 en-US) (Version: 17.0.4)
MSVCRT (Version: 15.4.2862.0708)
PDF Settings CC (Version: 12.0)
ph (Version: 1.0.0)
PreReq (Version: 6.2.4.0)
PS_AIO_05_C4600_Software_Min (Version: 140.0.855.000)
PyScripter 2.5.3 (Version: 2.5.3)
Python 2.7.3 (64-bit) (Version: 2.7.3150)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.210)
Qualcomm Atheros Client Installation Program (Version: 10.0)
Realtek Ethernet Controller Driver (Version: 8.3.730.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6702)
Realtek USB 2.0 Card Reader (Version: 6.1.8400.39030)
Recovery (Version: 6.0.6.5)
RegCure Pro (Version: 3.1.7.0)
S Agent (Version: 1.0.8)
Scan (Version: 140.0.253.000)
Settings (Version: 2.0.0)
Shop for HP Supplies (Version: 14.0)
Skype™ 6.0 (Version: 6.0.126)
Status (Version: 140.0.342.000)
Steam (Version: 1.0.0.0)
Support Center (Version: 2.0.12)
Support Center FAQ (Version: 1.0.5)
SW Update (Version: 2.0.23)
Synaptics Pointing Device Driver (Version: 16.2.11.3)
System Requirements Lab Detection (Version: 1.0.5.0)
Team Fortress 2
Toolbox (Version: 140.0.596.000)
TrayApp (Version: 140.0.297.000)
Tweaking.com - Windows Repair (All in One) (Version: 1.9.18)
Unified Remote (Version: 2.9.0.0)
Unity Web Player (Version: )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
User Guide (Version: 1.3.00)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VoiceOver Kit (Version: 1.42.128.0)
VSDC Free Video Editor version 1.2.5.1 (Version: 1.2.5.1)
WebReg (Version: 140.0.297.017)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
wxPython 2.8.12.1 (unicode) for Python 2.7 (Version: 2.8.12.1-unicode)
wxPython Docs and Demos 2.8.12.1 (Version: 2.8.12.1)
Xerox PhotoCafe (Version: 1.0.0.6162)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 35%
Total physical RAM: 8083.54 MB
Available physical RAM: 5208.84 MB
Total Pagefile: 9875.54 MB
Available Pagefile: 4577.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.58 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:673.65 GB) (Free:560.68 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\BATCOMPUTER
 
Administrator            Guest                    Thomas                   
 
 
**** End of log ****
 

TDSSKiller log:

 

03:16:24.0504 0x1114  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
03:16:24.0504 0x1114  UEFI system
03:16:25.0058 0x1114  ============================================================
03:16:25.0058 0x1114  Current date / time: 2013/09/25 03:16:25.0058
03:16:25.0058 0x1114  SystemInfo:
03:16:25.0058 0x1114  
03:16:25.0058 0x1114  OS Version: 6.2.9200 ServicePack: 0.0
03:16:25.0058 0x1114  Product type: Workstation
03:16:25.0058 0x1114  ComputerName: BATCOMPUTER
03:16:25.0059 0x1114  UserName: Thomas
03:16:25.0059 0x1114  Windows directory: C:\windows
03:16:25.0059 0x1114  System windows directory: C:\windows
03:16:25.0059 0x1114  Running under WOW64
03:16:25.0059 0x1114  Processor architecture: Intel x64
03:16:25.0059 0x1114  Number of processors: 4
03:16:25.0059 0x1114  Page size: 0x1000
03:16:25.0059 0x1114  Boot type: Normal boot
03:16:25.0059 0x1114  ============================================================
03:16:26.0692 0x1114  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:16:26.0697 0x1114  ============================================================
03:16:26.0697 0x1114  \Device\Harddisk0\DR0:
03:16:26.0697 0x1114  GPT partitions:
03:16:26.0698 0x1114  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {28F0481B-3FA2-4245-B9CE-DEA601E8DB34}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
03:16:26.0698 0x1114  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {81C4AE90-C796-449C-B278-82FF027C90C6}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
03:16:26.0698 0x1114  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2A40DD09-9006-4CA8-8CD7-F993044BD62D}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
03:16:26.0698 0x1114  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {33FEA52D-D80F-444F-BE82-2DFA63625170}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x5434C000
03:16:26.0698 0x1114  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5981200E-6165-4A34-BA43-CEDC6488D0AE}, Name: Basic data partition, StartLBA 0x5451C800, BlocksNum 0x2E29800
03:16:26.0698 0x1114  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5FC5CE3C-6699-47CE-4173-636C65706975}, Name: Basic data partition, StartLBA 0x57346000, BlocksNum 0x200000
03:16:26.0699 0x1114  MBR partitions:
03:16:26.0699 0x1114  ============================================================
03:16:26.0725 0x1114  C: <-> \Device\Harddisk0\DR0\Partition4
03:16:26.0725 0x1114  ============================================================
03:16:26.0725 0x1114  Initialize success
03:16:26.0725 0x1114  ============================================================
03:16:33.0844 0x1c54  ============================================================
03:16:33.0844 0x1c54  Scan started
03:16:33.0844 0x1c54  Mode: Manual; 
03:16:33.0844 0x1c54  ============================================================
03:16:37.0677 0x1c54  ================ Scan system memory ========================
03:16:37.0677 0x1c54  System memory - ok
03:16:37.0678 0x1c54  ================ Scan services =============================
03:16:37.0932 0x1c54  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
03:16:37.0938 0x1c54  1394ohci - ok
03:16:37.0946 0x1c54  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\windows\system32\drivers\3ware.sys
03:16:37.0963 0x1c54  3ware - ok
03:16:38.0014 0x1c54  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\windows\system32\drivers\ACPI.sys
03:16:38.0022 0x1c54  ACPI - ok
03:16:38.0038 0x1c54  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\windows\system32\Drivers\acpiex.sys
03:16:38.0041 0x1c54  acpiex - ok
03:16:38.0054 0x1c54  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
03:16:38.0056 0x1c54  acpipagr - ok
03:16:38.0062 0x1c54  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
03:16:38.0077 0x1c54  AcpiPmi - ok
03:16:38.0082 0x1c54  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\windows\System32\drivers\acpitime.sys
03:16:38.0085 0x1c54  acpitime - ok
03:16:38.0240 0x1c54  [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
03:16:38.0261 0x1c54  AdobeARMservice - ok
03:16:38.0290 0x1c54  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
03:16:38.0299 0x1c54  adp94xx - ok
03:16:38.0364 0x1c54  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\windows\system32\drivers\adpahci.sys
03:16:38.0370 0x1c54  adpahci - ok
03:16:38.0386 0x1c54  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\windows\system32\drivers\adpu320.sys
03:16:38.0390 0x1c54  adpu320 - ok
03:16:38.0420 0x1c54  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
03:16:38.0424 0x1c54  AeLookupSvc - ok
03:16:38.0464 0x1c54  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\windows\system32\drivers\afd.sys
03:16:38.0473 0x1c54  AFD - ok
03:16:38.0490 0x1c54  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\windows\system32\drivers\agp440.sys
03:16:38.0518 0x1c54  agp440 - ok
03:16:38.0565 0x1c54  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\windows\System32\alg.exe
03:16:38.0655 0x1c54  ALG - ok
03:16:38.0698 0x1c54  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
03:16:38.0702 0x1c54  AllUserInstallAgent - ok
03:16:38.0733 0x1c54  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\windows\System32\drivers\amdk8.sys
03:16:38.0737 0x1c54  AmdK8 - ok
03:16:38.0752 0x1c54  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
03:16:38.0756 0x1c54  AmdPPM - ok
03:16:38.0771 0x1c54  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\windows\system32\drivers\amdsata.sys
03:16:38.0775 0x1c54  amdsata - ok
03:16:38.0790 0x1c54  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
03:16:38.0796 0x1c54  amdsbs - ok
03:16:38.0802 0x1c54  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\windows\system32\drivers\amdxata.sys
03:16:38.0805 0x1c54  amdxata - ok
03:16:38.0811 0x1c54  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\windows\system32\drivers\appid.sys
03:16:38.0814 0x1c54  AppID - ok
03:16:38.0838 0x1c54  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\windows\System32\appidsvc.dll
03:16:38.0840 0x1c54  AppIDSvc - ok
03:16:38.0869 0x1c54  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\windows\System32\appinfo.dll
03:16:38.0872 0x1c54  Appinfo - ok
03:16:38.0957 0x1c54  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:16:38.0960 0x1c54  Apple Mobile Device - ok
03:16:38.0982 0x1c54  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\windows\system32\drivers\arc.sys
03:16:38.0986 0x1c54  arc - ok
03:16:38.0993 0x1c54  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\windows\system32\drivers\arcsas.sys
03:16:38.0996 0x1c54  arcsas - ok
03:16:39.0094 0x1c54  [ A83C9C15680BB9E270ACF7172068E287 ] aswFsBlk        C:\windows\system32\drivers\aswFsBlk.sys
03:16:39.0097 0x1c54  aswFsBlk - ok
03:16:39.0161 0x1c54  [ 5C40B8D77EBEE1DE0E7A8CDD0CD75773 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
03:16:39.0164 0x1c54  aswMonFlt - ok
03:16:39.0222 0x1c54  [ 997F6977294B9ACB7F400431DF8E3A4A ] aswRdr          C:\windows\System32\Drivers\aswrdr2.sys
03:16:39.0224 0x1c54  aswRdr - ok
03:16:39.0305 0x1c54  [ 286193DC28CFB4CEB8D378E20A0850A9 ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
03:16:39.0307 0x1c54  aswRvrt - ok
03:16:39.0356 0x1c54  [ 58B93BA20D4693D0800D2B0A62B8059D ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
03:16:39.0371 0x1c54  aswSnx - ok
03:16:39.0409 0x1c54  [ EC7148DB4D126C81426A67602822E62C ] aswSP           C:\windows\system32\drivers\aswSP.sys
03:16:39.0416 0x1c54  aswSP - ok
03:16:39.0439 0x1c54  [ 0E422E9CB7CD9C0AA6D4DFEAFA086EAA ] aswTdi          C:\windows\system32\drivers\aswTdi.sys
03:16:39.0442 0x1c54  aswTdi - ok
03:16:39.0474 0x1c54  [ 9FE455C916C656144B004E3EB48507CE ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
03:16:39.0478 0x1c54  aswVmm - ok
03:16:39.0504 0x1c54  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
03:16:39.0507 0x1c54  AsyncMac - ok
03:16:39.0580 0x1c54  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\windows\system32\drivers\atapi.sys
03:16:39.0582 0x1c54  atapi - ok
03:16:39.0617 0x1c54  [ 51C6777AD7649F6C3ED389151CFD9DE6 ] AthBTPort       C:\windows\system32\DRIVERS\btath_flt.sys
03:16:39.0621 0x1c54  AthBTPort - ok
03:16:39.0653 0x1c54  [ 67EC05E67E1416A51C478A5DAA59302E ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
03:16:39.0675 0x1c54  AtherosSvc - ok
03:16:39.0784 0x1c54  [ F17ABC4AA1FE4989E812858261414FE5 ] athr            C:\windows\system32\DRIVERS\athw8x.sys
03:16:39.0877 0x1c54  athr - ok
03:16:39.0963 0x1c54  [ ED41CE1066464CDE2B4A176B8FA68B13 ] athur           C:\windows\system32\DRIVERS\athurx.sys
03:16:40.0196 0x1c54  athur - ok
03:16:40.0309 0x1c54  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
03:16:40.0314 0x1c54  AudioEndpointBuilder - ok
03:16:40.0363 0x1c54  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\windows\System32\Audiosrv.dll
03:16:40.0376 0x1c54  Audiosrv - ok
03:16:40.0553 0x1c54  [ 9330941C8F6DF417F6DBBE998DB6687E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
03:16:40.0555 0x1c54  avast! Antivirus - ok
03:16:40.0595 0x1c54  [ 58D7FAF5C81ECEFFD2EDEDA9C2619D82 ] Avgboota        C:\windows\system32\DRIVERS\avgboota.sys
03:16:40.0616 0x1c54  Avgboota - ok
03:16:40.0843 0x1c54  [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
03:16:40.0944 0x1c54  AVGIDSAgent - ok
03:16:40.0989 0x1c54  [ 241C32E942869FD1351CC5864976C3AC ] AVGIDSDriver    C:\windows\system32\DRIVERS\avgidsdrivera.sys
03:16:40.0994 0x1c54  AVGIDSDriver - ok
03:16:41.0020 0x1c54  [ C8D9EEACF266512C1FA52E2ECF5AD944 ] AVGIDSHA        C:\windows\system32\DRIVERS\avgidsha.sys
03:16:41.0023 0x1c54  AVGIDSHA - ok
03:16:41.0108 0x1c54  [ FACD18A89FDEBC35C85CAF762B294BE2 ] Avgldx64        C:\windows\system32\DRIVERS\avgldx64.sys
03:16:41.0112 0x1c54  Avgldx64 - ok
03:16:41.0134 0x1c54  [ 29FCDEAC6086FB7E55344B51E35D99CE ] Avgloga         C:\windows\system32\DRIVERS\avgloga.sys
03:16:41.0140 0x1c54  Avgloga - ok
03:16:41.0167 0x1c54  [ 85053293DCDE19829E8691A9E9E8A6FF ] Avgmfx64        C:\windows\system32\DRIVERS\avgmfx64.sys
03:16:41.0170 0x1c54  Avgmfx64 - ok
03:16:41.0207 0x1c54  [ 4494718783294ECFFBA7E89D82BAE6E1 ] Avgrkx64        C:\windows\system32\DRIVERS\avgrkx64.sys
03:16:41.0210 0x1c54  Avgrkx64 - ok
03:16:41.0293 0x1c54  [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
03:16:41.0298 0x1c54  avgwd - ok
03:16:41.0329 0x1c54  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\windows\System32\AxInstSV.dll
03:16:41.0333 0x1c54  AxInstSV - ok
03:16:41.0378 0x1c54  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
03:16:41.0386 0x1c54  b06bdrv - ok
03:16:41.0416 0x1c54  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
03:16:41.0432 0x1c54  BasicDisplay - ok
03:16:41.0446 0x1c54  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
03:16:41.0448 0x1c54  BasicRender - ok
03:16:41.0473 0x1c54  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\windows\System32\bdesvc.dll
03:16:41.0479 0x1c54  BDESVC - ok
03:16:41.0498 0x1c54  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\windows\system32\drivers\Beep.sys
03:16:41.0500 0x1c54  Beep - ok
03:16:41.0651 0x1c54  [ 73133A0C0CA63817BFF2CB9DE65B64E7 ] BFE             C:\windows\System32\bfe.dll
03:16:41.0662 0x1c54  BFE - ok
03:16:41.0716 0x1c54  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\windows\System32\qmgr.dll
03:16:41.0734 0x1c54  BITS - ok
03:16:41.0802 0x1c54  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
03:16:41.0810 0x1c54  Bonjour Service - ok
03:16:41.0835 0x1c54  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\windows\system32\DRIVERS\bowser.sys
03:16:41.0838 0x1c54  bowser - ok
03:16:41.0885 0x1c54  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
03:16:41.0895 0x1c54  BrokerInfrastructure - ok
03:16:41.0968 0x1c54  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\windows\System32\browser.dll
03:16:41.0972 0x1c54  Browser - ok
03:16:42.0019 0x1c54  [ B600D86961C6DF87EEB637D4C4ABB663 ] BTATH_A2DP      C:\windows\system32\drivers\btath_a2dp.sys
03:16:42.0025 0x1c54  BTATH_A2DP - ok
03:16:42.0043 0x1c54  [ 43C965027229D9FF6E52E4C71C03B09E ] btath_avdt      C:\windows\system32\drivers\btath_avdt.sys
03:16:42.0047 0x1c54  btath_avdt - ok
03:16:42.0056 0x1c54  [ 23CEDCD7527A26B222732A158F76EB24 ] BTATH_BUS       C:\windows\System32\drivers\btath_bus.sys
03:16:42.0058 0x1c54  BTATH_BUS - ok
03:16:42.0071 0x1c54  [ 3DD64966A764BCAFF07C9DC064BD410E ] BTATH_HCRP      C:\windows\System32\drivers\btath_hcrp.sys
03:16:42.0076 0x1c54  BTATH_HCRP - ok
03:16:42.0092 0x1c54  [ B68EE0721EAC305AB1C9C989CDF1AEFF ] BTATH_LWFLT     C:\windows\system32\DRIVERS\btath_lwflt.sys
03:16:42.0095 0x1c54  BTATH_LWFLT - ok
03:16:42.0107 0x1c54  [ 057DA8351AD21AE485A11A8237DC9263 ] BTATH_RCP       C:\windows\System32\drivers\btath_rcp.sys
03:16:42.0112 0x1c54  BTATH_RCP - ok
03:16:42.0140 0x1c54  [ 185C8FCF6FD4D263AB1AC5A32ADD86AD ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
03:16:42.0150 0x1c54  BtFilter - ok
03:16:42.0172 0x1c54  [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
03:16:42.0175 0x1c54  BthAvrcpTg - ok
03:16:42.0205 0x1c54  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
03:16:42.0207 0x1c54  BthEnum - ok
03:16:42.0235 0x1c54  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
03:16:42.0238 0x1c54  BthHFEnum - ok
03:16:42.0288 0x1c54  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
03:16:42.0356 0x1c54  bthhfhid - ok
03:16:42.0382 0x1c54  [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum       C:\windows\system32\DRIVERS\BthLEEnum.sys
03:16:42.0388 0x1c54  BthLEEnum - ok
03:16:42.0404 0x1c54  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
03:16:42.0407 0x1c54  BTHMODEM - ok
03:16:42.0429 0x1c54  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
03:16:42.0432 0x1c54  BthPan - ok
03:16:42.0496 0x1c54  [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
03:16:42.0513 0x1c54  BTHPORT - ok
03:16:42.0587 0x1c54  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\windows\system32\bthserv.dll
03:16:42.0591 0x1c54  bthserv - ok
03:16:42.0622 0x1c54  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
03:16:42.0625 0x1c54  BTHUSB - ok
03:16:42.0659 0x1c54  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
03:16:42.0662 0x1c54  cdfs - ok
03:16:42.0680 0x1c54  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\windows\System32\drivers\cdrom.sys
03:16:42.0698 0x1c54  cdrom - ok
03:16:42.0768 0x1c54  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\windows\System32\certprop.dll
03:16:42.0773 0x1c54  CertPropSvc - ok
03:16:42.0787 0x1c54  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\windows\System32\drivers\circlass.sys
03:16:42.0790 0x1c54  circlass - ok
03:16:42.0830 0x1c54  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\windows\system32\drivers\CLFS.sys
03:16:42.0836 0x1c54  CLFS - ok
03:16:42.0879 0x1c54  [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
03:16:42.0883 0x1c54  CLVirtualDrive - ok
03:16:42.0894 0x1c54  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
03:16:42.0897 0x1c54  CmBatt - ok
03:16:42.0992 0x1c54  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\windows\system32\Drivers\cng.sys
03:16:43.0002 0x1c54  CNG - ok
03:16:43.0021 0x1c54  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
03:16:43.0024 0x1c54  CompositeBus - ok
03:16:43.0029 0x1c54  COMSysApp - ok
03:16:43.0057 0x1c54  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\windows\system32\drivers\condrv.sys
03:16:43.0059 0x1c54  condrv - ok
03:16:43.0146 0x1c54  [ 8BA6F065F3BE5846C666F7F59132B065 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
03:16:43.0155 0x1c54  cphs - ok
03:16:43.0234 0x1c54  [ 5CE2742F063731EC10C1B2EE386A2C08 ] CryptSvc        C:\windows\system32\cryptsvc.dll
03:16:43.0277 0x1c54  CryptSvc - ok
03:16:43.0299 0x1c54  [ FAEF4C245BE832DB41B15DAAC336AFB7 ] dam             C:\windows\system32\drivers\dam.sys
03:16:43.0302 0x1c54  dam - ok
03:16:43.0343 0x1c54  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\windows\system32\rpcss.dll
03:16:43.0362 0x1c54  DcomLaunch - ok
03:16:43.0400 0x1c54  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\windows\System32\defragsvc.dll
03:16:43.0408 0x1c54  defragsvc - ok
03:16:43.0424 0x1c54  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll
03:16:43.0432 0x1c54  DeviceAssociationService - ok
03:16:43.0473 0x1c54  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
03:16:43.0482 0x1c54  DeviceInstall - ok
03:16:43.0510 0x1c54  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
03:16:43.0514 0x1c54  Dfsc - ok
03:16:43.0555 0x1c54  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\windows\system32\dhcpcore.dll
03:16:43.0563 0x1c54  Dhcp - ok
03:16:43.0574 0x1c54  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\windows\system32\drivers\discache.sys
03:16:43.0576 0x1c54  discache - ok
03:16:43.0595 0x1c54  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\windows\system32\drivers\disk.sys
03:16:43.0599 0x1c54  disk - ok
03:16:43.0619 0x1c54  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
03:16:43.0621 0x1c54  dmvsc - ok
03:16:43.0656 0x1c54  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\windows\System32\dnsrslvr.dll
03:16:43.0663 0x1c54  Dnscache - ok
03:16:43.0698 0x1c54  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\windows\System32\dot3svc.dll
03:16:43.0704 0x1c54  dot3svc - ok
03:16:43.0736 0x1c54  [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4            C:\windows\system32\DRIVERS\Dot4.sys
03:16:43.0740 0x1c54  dot4 - ok
03:16:43.0762 0x1c54  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print       C:\windows\System32\drivers\Dot4Prt.sys
03:16:43.0765 0x1c54  Dot4Print - ok
03:16:43.0784 0x1c54  [ B7D595F2F464F7B628AD53F06547792C ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
03:16:43.0787 0x1c54  dot4usb - ok
03:16:43.0814 0x1c54  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\windows\system32\dps.dll
03:16:43.0820 0x1c54  DPS - ok
03:16:43.0845 0x1c54  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
03:16:43.0848 0x1c54  drmkaud - ok
03:16:43.0881 0x1c54  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
03:16:43.0888 0x1c54  DsmSvc - ok
03:16:43.0935 0x1c54  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
03:16:43.0957 0x1c54  DXGKrnl - ok
03:16:43.0989 0x1c54  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\windows\System32\eapsvc.dll
03:16:43.0994 0x1c54  Eaphost - ok
03:16:44.0128 0x1c54  [ 843E8B2127D7283845E29E6176C15887 ] Easy Launcher   C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
03:16:44.0168 0x1c54  Easy Launcher - ok
03:16:44.0267 0x1c54  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\windows\system32\drivers\evbda.sys
03:16:44.0311 0x1c54  ebdrv - ok
03:16:44.0345 0x1c54  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\windows\System32\lsass.exe
03:16:44.0350 0x1c54  EFS - ok
03:16:44.0379 0x1c54  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
03:16:44.0381 0x1c54  EhStorClass - ok
03:16:44.0397 0x1c54  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
03:16:44.0400 0x1c54  EhStorTcgDrv - ok
03:16:44.0405 0x1c54  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\windows\System32\drivers\errdev.sys
03:16:44.0408 0x1c54  ErrDev - ok
03:16:44.0456 0x1c54  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\windows\system32\es.dll
03:16:44.0467 0x1c54  EventSystem - ok
03:16:44.0487 0x1c54  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\windows\system32\drivers\exfat.sys
03:16:44.0491 0x1c54  exfat - ok
03:16:44.0516 0x1c54  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\windows\system32\drivers\fastfat.sys
03:16:44.0522 0x1c54  fastfat - ok
03:16:44.0555 0x1c54  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\windows\system32\fxssvc.exe
03:16:44.0568 0x1c54  Fax - ok
03:16:44.0574 0x1c54  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\windows\System32\drivers\fdc.sys
03:16:44.0576 0x1c54  fdc - ok
03:16:44.0594 0x1c54  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\windows\system32\fdPHost.dll
03:16:44.0598 0x1c54  fdPHost - ok
03:16:44.0615 0x1c54  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\windows\system32\fdrespub.dll
03:16:44.0619 0x1c54  FDResPub - ok
03:16:44.0649 0x1c54  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\windows\system32\fhsvc.dll
03:16:44.0655 0x1c54  fhsvc - ok
03:16:44.0671 0x1c54  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
03:16:44.0674 0x1c54  FileInfo - ok
03:16:44.0693 0x1c54  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
03:16:44.0696 0x1c54  Filetrace - ok
03:16:44.0701 0x1c54  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
03:16:44.0705 0x1c54  flpydisk - ok
03:16:44.0725 0x1c54  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
03:16:44.0732 0x1c54  FltMgr - ok
03:16:44.0792 0x1c54  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\windows\system32\FntCache.dll
03:16:44.0813 0x1c54  FontCache - ok
03:16:44.0918 0x1c54  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:16:44.0921 0x1c54  FontCache3.0.0.0 - ok
03:16:44.0946 0x1c54  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
03:16:44.0948 0x1c54  FsDepends - ok
03:16:44.0962 0x1c54  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
03:16:44.0964 0x1c54  Fs_Rec - ok
03:16:44.0991 0x1c54  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
03:16:44.0999 0x1c54  fvevol - ok
03:16:45.0044 0x1c54  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
03:16:45.0046 0x1c54  FxPPM - ok
03:16:45.0069 0x1c54  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
03:16:45.0072 0x1c54  gagp30kx - ok
03:16:45.0109 0x1c54  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
03:16:45.0112 0x1c54  GEARAspiWDM - ok
03:16:45.0146 0x1c54  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
03:16:45.0149 0x1c54  gencounter - ok
03:16:45.0189 0x1c54  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
03:16:45.0193 0x1c54  GPIOClx0101 - ok
03:16:45.0245 0x1c54  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\windows\System32\gpsvc.dll
03:16:45.0267 0x1c54  gpsvc - ok
03:16:45.0317 0x1c54  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:16:45.0320 0x1c54  gupdate - ok
03:16:45.0325 0x1c54  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:16:45.0327 0x1c54  gupdatem - ok
03:16:45.0356 0x1c54  [ 630555943E5A3FE21010CE91EC7FC84F ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
03:16:45.0471 0x1c54  HdAudAddService - ok
03:16:45.0503 0x1c54  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
03:16:45.0506 0x1c54  HDAudBus - ok
03:16:45.0524 0x1c54  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
03:16:45.0527 0x1c54  HidBatt - ok
03:16:45.0564 0x1c54  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\windows\System32\drivers\hidbth.sys
03:16:45.0579 0x1c54  HidBth - ok
03:16:45.0638 0x1c54  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
03:16:45.0641 0x1c54  hidi2c - ok
03:16:45.0663 0x1c54  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\windows\System32\drivers\hidir.sys
03:16:45.0666 0x1c54  HidIr - ok
03:16:45.0690 0x1c54  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\windows\system32\hidserv.dll
03:16:45.0695 0x1c54  hidserv - ok
03:16:45.0724 0x1c54  [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
03:16:45.0727 0x1c54  HidUsb - ok
03:16:45.0764 0x1c54  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\windows\system32\kmsvc.dll
03:16:45.0771 0x1c54  hkmsvc - ok
03:16:45.0805 0x1c54  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\windows\system32\ListSvc.dll
03:16:45.0816 0x1c54  HomeGroupListener - ok
03:16:45.0848 0x1c54  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll
03:16:45.0860 0x1c54  HomeGroupProvider - ok
03:16:45.0977 0x1c54  [ 930370725FA0FE272346583A7A7D6BDB ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
03:16:45.0995 0x1c54  hpqcxs08 - ok
03:16:46.0019 0x1c54  [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
03:16:46.0023 0x1c54  hpqddsvc - ok
03:16:46.0055 0x1c54  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
03:16:46.0058 0x1c54  HpSAMD - ok
03:16:46.0161 0x1c54  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Users\Thomas\AppData\Local\Temp\7zS3B4C\hpslpsvc64.dll
03:16:46.0177 0x1c54  HPSLPSVC - ok
03:16:46.0234 0x1c54  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\windows\system32\drivers\HTTP.sys
03:16:46.0247 0x1c54  HTTP - ok
03:16:46.0281 0x1c54  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
03:16:46.0283 0x1c54  hwpolicy - ok
03:16:46.0297 0x1c54  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
03:16:46.0299 0x1c54  hyperkbd - ok
03:16:46.0305 0x1c54  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
03:16:46.0307 0x1c54  HyperVideo - ok
03:16:46.0334 0x1c54  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
03:16:46.0338 0x1c54  i8042prt - ok
03:16:46.0388 0x1c54  [ 0FE66A51D81A25AACEAAE4C26308121D ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
03:16:46.0395 0x1c54  iaStorA - ok
03:16:46.0472 0x1c54  [ 584068E03829BC5C63F54B05E6244E97 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
03:16:46.0473 0x1c54  IAStorDataMgrSvc - ok
03:16:46.0498 0x1c54  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
03:16:46.0505 0x1c54  iaStorV - ok
03:16:46.0742 0x1c54  [ 77BA4CFC0B2BFF6606567B3148EE42CA ] IceDragonUpdater C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
03:16:46.0759 0x1c54  IceDragonUpdater - ok
03:16:46.0895 0x1c54  [ 24B5EE5A17AD83427D9BDFCBF7C2C1B4 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
03:16:47.0153 0x1c54  igfx - ok
03:16:47.0184 0x1c54  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\windows\system32\drivers\iirsp.sys
03:16:47.0187 0x1c54  iirsp - ok
03:16:47.0239 0x1c54  [ 3884117CE4FEC35E4A1A7A62918B1F34 ] IKEEXT          C:\windows\System32\ikeext.dll
03:16:47.0259 0x1c54  IKEEXT - ok
03:16:47.0371 0x1c54  [ 5C20DBF6A00AF50C7CB74DB233E03AF0 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
03:16:47.0496 0x1c54  IntcAzAudAddService - ok
03:16:47.0520 0x1c54  [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
03:16:47.0614 0x1c54  IntcDAud - ok
03:16:47.0695 0x1c54  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
03:16:47.0705 0x1c54  Intel® Capability Licensing Service Interface - ok
03:16:47.0750 0x1c54  [ 30E9FAC23E2537D82F2836CB81AEE186 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
03:16:47.0753 0x1c54  Intel® ME Service - ok
03:16:47.0769 0x1c54  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\windows\system32\drivers\intelide.sys
03:16:47.0771 0x1c54  intelide - ok
03:16:47.0796 0x1c54  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\windows\System32\drivers\intelppm.sys
03:16:47.0799 0x1c54  intelppm - ok
03:16:47.0821 0x1c54  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
03:16:47.0824 0x1c54  IpFilterDriver - ok
03:16:47.0920 0x1c54  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
03:16:47.0937 0x1c54  iphlpsvc - ok
03:16:47.0944 0x1c54  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
03:16:47.0948 0x1c54  IPMIDRV - ok
03:16:47.0956 0x1c54  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
03:16:47.0959 0x1c54  IPNAT - ok
03:16:47.0998 0x1c54  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
03:16:48.0007 0x1c54  iPod Service - ok
03:16:48.0019 0x1c54  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\windows\system32\drivers\irenum.sys
03:16:48.0021 0x1c54  IRENUM - ok
03:16:48.0036 0x1c54  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\windows\system32\drivers\isapnp.sys
03:16:48.0038 0x1c54  isapnp - ok
03:16:48.0072 0x1c54  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
03:16:48.0077 0x1c54  iScsiPrt - ok
03:16:48.0110 0x1c54  [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
03:16:48.0114 0x1c54  jhi_service - ok
03:16:48.0131 0x1c54  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
03:16:48.0134 0x1c54  kbdclass - ok
03:16:48.0156 0x1c54  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
03:16:48.0158 0x1c54  kbdhid - ok
03:16:48.0173 0x1c54  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
03:16:48.0187 0x1c54  kdnic - ok
03:16:48.0205 0x1c54  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\windows\system32\lsass.exe
03:16:48.0210 0x1c54  KeyIso - ok
03:16:48.0233 0x1c54  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
03:16:48.0237 0x1c54  KSecDD - ok
03:16:48.0262 0x1c54  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
03:16:48.0266 0x1c54  KSecPkg - ok
03:16:48.0285 0x1c54  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
03:16:48.0314 0x1c54  ksthunk - ok
03:16:48.0351 0x1c54  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\windows\system32\msdtckrm.dll
03:16:48.0362 0x1c54  KtmRm - ok
03:16:48.0392 0x1c54  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\windows\system32\srvsvc.dll
03:16:48.0404 0x1c54  LanmanServer - ok
03:16:48.0441 0x1c54  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
03:16:48.0452 0x1c54  LanmanWorkstation - ok
03:16:48.0465 0x1c54  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
03:16:48.0467 0x1c54  lltdio - ok
03:16:48.0510 0x1c54  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\windows\System32\lltdsvc.dll
03:16:48.0519 0x1c54  lltdsvc - ok
03:16:48.0536 0x1c54  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\windows\System32\lmhsvc.dll
03:16:48.0541 0x1c54  lmhosts - ok
03:16:48.0578 0x1c54  [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
03:16:48.0583 0x1c54  LMS - ok
03:16:48.0618 0x1c54  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
03:16:48.0622 0x1c54  LSI_SAS - ok
03:16:48.0629 0x1c54  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
03:16:48.0632 0x1c54  LSI_SAS2 - ok
03:16:48.0640 0x1c54  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
03:16:48.0644 0x1c54  LSI_SCSI - ok
03:16:48.0658 0x1c54  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
03:16:48.0661 0x1c54  LSI_SSS - ok
03:16:48.0706 0x1c54  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\windows\System32\lsm.dll
03:16:48.0717 0x1c54  LSM - ok
03:16:48.0729 0x1c54  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\windows\system32\drivers\luafv.sys
03:16:48.0734 0x1c54  luafv - ok
03:16:48.0740 0x1c54  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\windows\system32\drivers\megasas.sys
03:16:48.0742 0x1c54  megasas - ok
03:16:48.0771 0x1c54  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
03:16:48.0778 0x1c54  MegaSR - ok
03:16:48.0801 0x1c54  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
03:16:48.0803 0x1c54  MEIx64 - ok
03:16:48.0826 0x1c54  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\windows\system32\mmcss.dll
03:16:48.0833 0x1c54  MMCSS - ok
03:16:48.0838 0x1c54  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\windows\system32\drivers\modem.sys
03:16:48.0841 0x1c54  Modem - ok
03:16:48.0871 0x1c54  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\windows\System32\drivers\monitor.sys
03:16:48.0873 0x1c54  monitor - ok
03:16:48.0890 0x1c54  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\windows\System32\drivers\mouclass.sys
03:16:48.0893 0x1c54  mouclass - ok
03:16:48.0933 0x1c54  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\windows\System32\drivers\mouhid.sys
03:16:48.0953 0x1c54  mouhid - ok
03:16:48.0972 0x1c54  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
03:16:48.0975 0x1c54  mountmgr - ok
03:16:49.0020 0x1c54  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
03:16:49.0024 0x1c54  MozillaMaintenance - ok
03:16:49.0051 0x1c54  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
03:16:49.0054 0x1c54  mpsdrv - ok
03:16:49.0121 0x1c54  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\windows\system32\mpssvc.dll
03:16:49.0139 0x1c54  MpsSvc - ok
03:16:49.0165 0x1c54  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
03:16:49.0169 0x1c54  MRxDAV - ok
03:16:49.0199 0x1c54  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
03:16:49.0205 0x1c54  mrxsmb - ok
03:16:49.0222 0x1c54  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
03:16:49.0227 0x1c54  mrxsmb10 - ok
03:16:49.0241 0x1c54  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
03:16:49.0246 0x1c54  mrxsmb20 - ok
03:16:49.0279 0x1c54  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
03:16:49.0282 0x1c54  MsBridge - ok
03:16:49.0300 0x1c54  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\windows\System32\msdtc.exe
03:16:49.0307 0x1c54  MSDTC - ok
03:16:49.0330 0x1c54  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\windows\system32\drivers\Msfs.sys
03:16:49.0332 0x1c54  Msfs - ok
03:16:49.0361 0x1c54  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
03:16:49.0363 0x1c54  msgpiowin32 - ok
03:16:49.0384 0x1c54  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
03:16:49.0386 0x1c54  mshidkmdf - ok
03:16:49.0391 0x1c54  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
03:16:49.0393 0x1c54  mshidumdf - ok
03:16:49.0427 0x1c54  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
03:16:49.0429 0x1c54  msisadrv - ok
03:16:49.0457 0x1c54  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\windows\system32\iscsiexe.dll
03:16:49.0463 0x1c54  MSiSCSI - ok
03:16:49.0469 0x1c54  msiserver - ok
03:16:49.0485 0x1c54  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
03:16:49.0487 0x1c54  MSKSSRV - ok
03:16:49.0501 0x1c54  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
03:16:49.0504 0x1c54  MsLldp - ok
03:16:49.0510 0x1c54  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
03:16:49.0512 0x1c54  MSPCLOCK - ok
03:16:49.0517 0x1c54  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
03:16:49.0519 0x1c54  MSPQM - ok
03:16:49.0544 0x1c54  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
03:16:49.0552 0x1c54  MsRPC - ok
03:16:49.0574 0x1c54  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
03:16:49.0576 0x1c54  mssmbios - ok
03:16:49.0595 0x1c54  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
03:16:49.0597 0x1c54  MSTEE - ok
03:16:49.0603 0x1c54  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
03:16:49.0605 0x1c54  MTConfig - ok
03:16:49.0620 0x1c54  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\windows\system32\Drivers\mup.sys
03:16:49.0624 0x1c54  Mup - ok
03:16:49.0631 0x1c54  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\windows\system32\drivers\mvumis.sys
03:16:49.0634 0x1c54  mvumis - ok
03:16:49.0665 0x1c54  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\windows\system32\qagentRT.dll
03:16:49.0678 0x1c54  napagent - ok
03:16:49.0709 0x1c54  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
03:16:49.0717 0x1c54  NativeWifiP - ok
03:16:49.0753 0x1c54  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\windows\System32\ncasvc.dll
03:16:49.0761 0x1c54  NcaSvc - ok
03:16:49.0779 0x1c54  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
03:16:49.0787 0x1c54  NcdAutoSetup - ok
03:16:49.0827 0x1c54  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            C:\windows\system32\drivers\ndis.sys
03:16:49.0842 0x1c54  NDIS - ok
03:16:49.0869 0x1c54  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
03:16:49.0871 0x1c54  NdisCap - ok
03:16:49.0885 0x1c54  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
03:16:49.0889 0x1c54  NdisImPlatform - ok
03:16:49.0912 0x1c54  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
03:16:49.0914 0x1c54  NdisTapi - ok
03:16:49.0931 0x1c54  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
03:16:49.0933 0x1c54  Ndisuio - ok
03:16:49.0950 0x1c54  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
03:16:49.0954 0x1c54  NdisWan - ok
03:16:49.0961 0x1c54  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
03:16:49.0965 0x1c54  NDISWANLEGACY - ok
03:16:49.0986 0x1c54  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
03:16:49.0989 0x1c54  NDProxy - ok
03:16:50.0012 0x1c54  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\windows\system32\drivers\Ndu.sys
03:16:50.0016 0x1c54  Ndu - ok
03:16:50.0049 0x1c54  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
03:16:50.0186 0x1c54  Net Driver HPZ12 - ok
03:16:50.0225 0x1c54  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
03:16:50.0227 0x1c54  NetBIOS - ok
03:16:50.0253 0x1c54  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
03:16:50.0259 0x1c54  NetBT - ok
03:16:50.0280 0x1c54  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\windows\system32\lsass.exe
03:16:50.0286 0x1c54  Netlogon - ok
03:16:50.0316 0x1c54  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\windows\System32\netman.dll
03:16:50.0326 0x1c54  Netman - ok
03:16:50.0356 0x1c54  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\windows\System32\netprofmsvc.dll
03:16:50.0369 0x1c54  netprofm - ok
03:16:50.0429 0x1c54  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:16:50.0433 0x1c54  NetTcpPortSharing - ok
03:16:50.0468 0x1c54  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
03:16:50.0470 0x1c54  nfrd960 - ok
03:16:50.0515 0x1c54  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\windows\System32\nlasvc.dll
03:16:50.0526 0x1c54  NlaSvc - ok
03:16:50.0546 0x1c54  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\windows\system32\drivers\Npfs.sys
03:16:50.0549 0x1c54  Npfs - ok
03:16:50.0569 0x1c54  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
03:16:50.0571 0x1c54  npsvctrig - ok
03:16:50.0598 0x1c54  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\windows\system32\nsisvc.dll
03:16:50.0605 0x1c54  nsi - ok
03:16:50.0621 0x1c54  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
03:16:50.0623 0x1c54  nsiproxy - ok
03:16:50.0698 0x1c54  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
03:16:50.0725 0x1c54  Ntfs - ok
03:16:50.0740 0x1c54  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\windows\system32\drivers\Null.sys
03:16:50.0742 0x1c54  Null - ok
03:16:51.0026 0x1c54  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
03:16:51.0294 0x1c54  nvlddmkm - ok
03:16:51.0323 0x1c54  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\windows\system32\drivers\nvraid.sys
03:16:51.0327 0x1c54  nvraid - ok
03:16:51.0335 0x1c54  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\windows\system32\drivers\nvstor.sys
03:16:51.0340 0x1c54  nvstor - ok
03:16:51.0347 0x1c54  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
03:16:51.0351 0x1c54  nv_agp - ok
03:16:51.0393 0x1c54  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:16:51.0396 0x1c54  ose - ok
03:16:51.0556 0x1c54  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
03:16:51.0669 0x1c54  osppsvc - ok
03:16:51.0711 0x1c54  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
03:16:51.0723 0x1c54  p2pimsvc - ok
03:16:51.0746 0x1c54  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\windows\system32\p2psvc.dll
03:16:51.0758 0x1c54  p2psvc - ok
03:16:51.0784 0x1c54  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\windows\System32\drivers\parport.sys
03:16:51.0789 0x1c54  Parport - ok
03:16:51.0815 0x1c54  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
03:16:51.0818 0x1c54  partmgr - ok
03:16:51.0837 0x1c54  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\windows\system32\drivers\pci.sys
03:16:51.0843 0x1c54  pci - ok
03:16:51.0855 0x1c54  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\windows\system32\drivers\pciide.sys
03:16:51.0857 0x1c54  pciide - ok
03:16:51.0876 0x1c54  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
03:16:51.0882 0x1c54  pcmcia - ok
03:16:51.0902 0x1c54  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\windows\system32\drivers\pcw.sys
03:16:51.0904 0x1c54  pcw - ok
03:16:51.0937 0x1c54  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\windows\system32\drivers\pdc.sys
03:16:51.0940 0x1c54  pdc - ok
03:16:51.0981 0x1c54  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
03:16:51.0994 0x1c54  PEAUTH - ok
03:16:52.0084 0x1c54  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\windows\SysWow64\perfhost.exe
03:16:52.0090 0x1c54  PerfHost - ok
03:16:52.0153 0x1c54  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\windows\system32\pla.dll
03:16:52.0179 0x1c54  pla - ok
03:16:52.0214 0x1c54  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
03:16:52.0223 0x1c54  PlugPlay - ok
03:16:52.0251 0x1c54  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
03:16:52.0337 0x1c54  Pml Driver HPZ12 - ok
03:16:52.0363 0x1c54  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
03:16:52.0370 0x1c54  PNRPAutoReg - ok
03:16:52.0387 0x1c54  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
03:16:52.0397 0x1c54  PNRPsvc - ok
03:16:52.0430 0x1c54  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\windows\system32\umpo.dll
03:16:52.0439 0x1c54  Power - ok
03:16:52.0467 0x1c54  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
03:16:52.0471 0x1c54  PptpMiniport - ok
03:16:52.0588 0x1c54  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
03:16:52.0625 0x1c54  PrintNotify - ok
03:16:52.0656 0x1c54  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\windows\System32\drivers\processr.sys
03:16:52.0660 0x1c54  Processor - ok
03:16:52.0688 0x1c54  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\windows\system32\profsvc.dll
03:16:52.0698 0x1c54  ProfSvc - ok
03:16:52.0713 0x1c54  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\windows\system32\DRIVERS\pacer.sys
03:16:52.0718 0x1c54  Psched - ok
03:16:52.0754 0x1c54  [ 07D57B890DD5693A6AB660CBAE8F91B4 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
03:16:52.0757 0x1c54  PxHlpa64 - ok
03:16:52.0778 0x1c54  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\windows\system32\qwave.dll
03:16:52.0789 0x1c54  QWAVE - ok
03:16:52.0817 0x1c54  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
03:16:52.0820 0x1c54  QWAVEdrv - ok
03:16:52.0848 0x1c54  [ 194ED3C117525613E701FF257882303E ] RadioHIDMini    C:\windows\System32\drivers\RadioHIDMini.sys
03:16:52.0851 0x1c54  RadioHIDMini - ok
03:16:52.0871 0x1c54  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
03:16:52.0873 0x1c54  RasAcd - ok
03:16:52.0910 0x1c54  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
03:16:52.0912 0x1c54  RasAgileVpn - ok
03:16:52.0924 0x1c54  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\windows\System32\rasauto.dll
03:16:52.0933 0x1c54  RasAuto - ok
03:16:52.0945 0x1c54  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
03:16:52.0949 0x1c54  Rasl2tp - ok
03:16:52.0983 0x1c54  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\windows\System32\rasmans.dll
03:16:52.0996 0x1c54  RasMan - ok
03:16:53.0016 0x1c54  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
03:16:53.0019 0x1c54  RasPppoe - ok
03:16:53.0033 0x1c54  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
03:16:53.0037 0x1c54  RasSstp - ok
03:16:53.0070 0x1c54  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
03:16:53.0079 0x1c54  rdbss - ok
03:16:53.0101 0x1c54  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
03:16:53.0110 0x1c54  rdpbus - ok
03:16:53.0128 0x1c54  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
03:16:53.0132 0x1c54  RDPDR - ok
03:16:53.0164 0x1c54  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
03:16:53.0166 0x1c54  RdpVideoMiniport - ok
03:16:53.0202 0x1c54  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
03:16:53.0207 0x1c54  RDPWD - ok
03:16:53.0229 0x1c54  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
03:16:53.0235 0x1c54  rdyboost - ok
03:16:53.0262 0x1c54  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\windows\system32\regsvc.dll
03:16:53.0272 0x1c54  RemoteRegistry - ok
03:16:53.0301 0x1c54  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
03:16:53.0306 0x1c54  RFCOMM - ok
03:16:53.0346 0x1c54  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
03:16:53.0355 0x1c54  RpcEptMapper - ok
03:16:53.0384 0x1c54  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\windows\system32\locator.exe
03:16:53.0390 0x1c54  RpcLocator - ok
03:16:53.0426 0x1c54  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\windows\system32\rpcss.dll
03:16:53.0441 0x1c54  RpcSs - ok
03:16:53.0481 0x1c54  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
03:16:53.0485 0x1c54  rspndr - ok
03:16:53.0513 0x1c54  [ 8EB6DCEB7473C232D8BC9A886E3183AC ] RSUSBVSTOR      C:\windows\System32\Drivers\RtsUVStor.sys
03:16:53.0519 0x1c54  RSUSBVSTOR - ok
03:16:53.0562 0x1c54  [ 34DA0D14F5C3F1883A331AFB975AB434 ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
03:16:53.0573 0x1c54  RTL8168 - ok
03:16:53.0620 0x1c54  [ AE03548B97CC32199B69E20D29951BD6 ] RTL8192su       C:\windows\system32\DRIVERS\RTL8192su.sys
03:16:53.0632 0x1c54  RTL8192su - ok
03:16:53.0667 0x1c54  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\windows\System32\drivers\vms3cap.sys
03:16:53.0670 0x1c54  s3cap - ok
03:16:53.0707 0x1c54  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\windows\system32\lsass.exe
03:16:53.0713 0x1c54  SamSs - ok
03:16:53.0743 0x1c54  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
03:16:53.0747 0x1c54  sbp2port - ok
03:16:53.0781 0x1c54  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\windows\System32\SCardSvr.dll
03:16:53.0791 0x1c54  SCardSvr - ok
03:16:53.0804 0x1c54  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
03:16:53.0806 0x1c54  scfilter - ok
03:16:53.0861 0x1c54  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\windows\system32\schedsvc.dll
03:16:53.0885 0x1c54  Schedule - ok
03:16:53.0917 0x1c54  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\windows\System32\certprop.dll
03:16:53.0921 0x1c54  SCPolicySvc - ok
03:16:53.0970 0x1c54  [ F58B030A0664385C707B8C1C63682041 ] sdbus           C:\windows\System32\drivers\sdbus.sys
03:16:54.0037 0x1c54  sdbus - ok
03:16:54.0072 0x1c54  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\windows\System32\SDRSVC.dll
03:16:54.0082 0x1c54  SDRSVC - ok
03:16:54.0114 0x1c54  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\windows\System32\drivers\sdstor.sys
03:16:54.0118 0x1c54  sdstor - ok
03:16:54.0150 0x1c54  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
03:16:54.0153 0x1c54  secdrv - ok
03:16:54.0172 0x1c54  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\windows\system32\seclogon.dll
03:16:54.0180 0x1c54  seclogon - ok
03:16:54.0197 0x1c54  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\windows\System32\sens.dll
03:16:54.0205 0x1c54  SENS - ok
03:16:54.0223 0x1c54  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\windows\system32\sensrsvc.dll
03:16:54.0233 0x1c54  SensrSvc - ok
03:16:54.0250 0x1c54  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\windows\system32\drivers\SerCx.sys
03:16:54.0253 0x1c54  SerCx - ok
03:16:54.0259 0x1c54  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\windows\System32\drivers\serenum.sys
03:16:54.0262 0x1c54  Serenum - ok
03:16:54.0268 0x1c54  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\windows\System32\drivers\serial.sys
03:16:54.0273 0x1c54  Serial - ok
03:16:54.0280 0x1c54  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\windows\System32\drivers\sermouse.sys
03:16:54.0283 0x1c54  sermouse - ok
03:16:54.0318 0x1c54  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\windows\system32\sessenv.dll
03:16:54.0329 0x1c54  SessionEnv - ok
03:16:54.0335 0x1c54  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
03:16:54.0338 0x1c54  sfloppy - ok
03:16:54.0398 0x1c54  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\windows\System32\ipnathlp.dll
03:16:54.0410 0x1c54  SharedAccess - ok
03:16:54.0444 0x1c54  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
03:16:54.0459 0x1c54  ShellHWDetection - ok
03:16:54.0465 0x1c54  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
03:16:54.0468 0x1c54  SiSRaid2 - ok
03:16:54.0489 0x1c54  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
03:16:54.0493 0x1c54  SiSRaid4 - ok
03:16:54.0547 0x1c54  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
03:16:54.0551 0x1c54  SkypeUpdate - ok
03:16:54.0581 0x1c54  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
03:16:54.0589 0x1c54  SNMPTRAP - ok
03:16:54.0637 0x1c54  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\windows\system32\drivers\spaceport.sys
03:16:54.0643 0x1c54  spaceport - ok
03:16:54.0661 0x1c54  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
03:16:54.0664 0x1c54  SpbCx - ok
03:16:54.0702 0x1c54  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\windows\System32\spoolsv.exe
03:16:54.0720 0x1c54  Spooler - ok
03:16:54.0841 0x1c54  [ 061A977C920FBE4BF71FF47C966DDDCA ] sppsvc          C:\windows\system32\sppsvc.exe
03:16:54.0954 0x1c54  sppsvc - ok
03:16:54.0984 0x1c54  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\windows\system32\DRIVERS\srv.sys
03:16:54.0992 0x1c54  srv - ok
03:16:55.0023 0x1c54  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
03:16:55.0034 0x1c54  srv2 - ok
03:16:55.0065 0x1c54  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
03:16:55.0071 0x1c54  srvnet - ok
03:16:55.0104 0x1c54  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\windows\System32\drivers\ssadbus.sys
03:16:55.0127 0x1c54  ssadbus - ok
03:16:55.0153 0x1c54  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\windows\system32\DRIVERS\ssadmdfl.sys
03:16:55.0156 0x1c54  ssadmdfl - ok
03:16:55.0175 0x1c54  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\windows\system32\DRIVERS\ssadmdm.sys
03:16:55.0180 0x1c54  ssadmdm - ok
03:16:55.0218 0x1c54  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
03:16:55.0229 0x1c54  SSDPSRV - ok
03:16:55.0240 0x1c54  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\windows\system32\sstpsvc.dll
03:16:55.0249 0x1c54  SstpSvc - ok
03:16:55.0301 0x1c54  [ 3DBF9D2E5DE3A72B37AB27ABB79FEE69 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
03:16:55.0308 0x1c54  Steam Client Service - ok
03:16:55.0340 0x1c54  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\windows\system32\drivers\stexstor.sys
03:16:55.0343 0x1c54  stexstor - ok
03:16:55.0378 0x1c54  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\windows\System32\wiaservc.dll
03:16:55.0394 0x1c54  stisvc - ok
03:16:55.0429 0x1c54  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\windows\system32\drivers\storahci.sys
03:16:55.0433 0x1c54  storahci - ok
03:16:55.0466 0x1c54  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
03:16:55.0469 0x1c54  storflt - ok
03:16:55.0497 0x1c54  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\windows\system32\storsvc.dll
03:16:55.0506 0x1c54  StorSvc - ok
03:16:55.0524 0x1c54  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\windows\system32\drivers\storvsc.sys
03:16:55.0527 0x1c54  storvsc - ok
03:16:55.0544 0x1c54  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\windows\system32\svsvc.dll
03:16:55.0552 0x1c54  svsvc - ok
03:16:55.0568 0x1c54  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\windows\System32\drivers\swenum.sys
03:16:55.0571 0x1c54  swenum - ok
03:16:55.0599 0x1c54  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\windows\System32\swprv.dll
03:16:55.0616 0x1c54  swprv - ok
03:16:55.0661 0x1c54  [ B9337BA722226E765AE00E9EE6D72DEB ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
03:16:55.0668 0x1c54  SynTP - ok
03:16:55.0733 0x1c54  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\windows\system32\sysmain.dll
03:16:55.0758 0x1c54  SysMain - ok
03:16:55.0787 0x1c54  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
03:16:55.0797 0x1c54  SystemEventsBroker - ok
03:16:55.0826 0x1c54  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
03:16:55.0835 0x1c54  TabletInputService - ok
03:16:55.0861 0x1c54  [ 66DCA83E5EC76FA1B004BF04D885D29F ] taphss6         C:\windows\system32\DRIVERS\taphss6.sys
03:16:55.0885 0x1c54  taphss6 - ok
03:16:55.0908 0x1c54  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\windows\System32\tapisrv.dll
03:16:55.0922 0x1c54  TapiSrv - ok
03:16:55.0992 0x1c54  [ 1794C43A000A47D92B3304FC1E3E512A ] Tcpip           C:\windows\system32\drivers\tcpip.sys
03:16:56.0024 0x1c54  Tcpip - ok
03:16:56.0062 0x1c54  [ 1794C43A000A47D92B3304FC1E3E512A ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
03:16:56.0084 0x1c54  TCPIP6 - ok
03:16:56.0111 0x1c54  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
03:16:56.0114 0x1c54  tcpipreg - ok
03:16:56.0129 0x1c54  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
03:16:56.0133 0x1c54  tdx - ok
03:16:56.0153 0x1c54  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\windows\System32\drivers\terminpt.sys
03:16:56.0156 0x1c54  terminpt - ok
03:16:56.0193 0x1c54  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\windows\System32\termsrv.dll
03:16:56.0210 0x1c54  TermService - ok
03:16:56.0232 0x1c54  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\windows\system32\themeservice.dll
03:16:56.0241 0x1c54  Themes - ok
03:16:56.0270 0x1c54  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\windows\system32\mmcss.dll
03:16:56.0275 0x1c54  THREADORDER - ok
03:16:56.0310 0x1c54  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
03:16:56.0320 0x1c54  TimeBroker - ok
03:16:56.0350 0x1c54  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\windows\system32\drivers\tpm.sys
03:16:56.0354 0x1c54  TPM - ok
03:16:56.0376 0x1c54  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\windows\System32\trkwks.dll
03:16:56.0385 0x1c54  TrkWks - ok
03:16:56.0440 0x1c54  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
03:16:56.0444 0x1c54  TrustedInstaller - ok
03:16:56.0479 0x1c54  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
03:16:56.0482 0x1c54  TsUsbFlt - ok
03:16:56.0489 0x1c54  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
03:16:56.0492 0x1c54  TsUsbGD - ok
03:16:56.0510 0x1c54  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
03:16:56.0515 0x1c54  tunnel - ok
03:16:56.0529 0x1c54  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\windows\system32\drivers\uagp35.sys
03:16:56.0532 0x1c54  uagp35 - ok
03:16:56.0541 0x1c54  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
03:16:56.0545 0x1c54  UASPStor - ok
03:16:56.0570 0x1c54  [ 4834158B8D06A153FADAB6B85320FBBE ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
03:16:56.0576 0x1c54  UCX01000 - ok
03:16:56.0610 0x1c54  [ 25C50F4EDF70D0A831E0566BD181CCF2 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
03:16:56.0617 0x1c54  udfs - ok
03:16:56.0658 0x1c54  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\windows\system32\UI0Detect.exe
03:16:56.0666 0x1c54  UI0Detect - ok
03:16:56.0683 0x1c54  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
03:16:56.0686 0x1c54  uliagpkx - ok
03:16:56.0700 0x1c54  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\windows\System32\drivers\umbus.sys
03:16:56.0703 0x1c54  umbus - ok
03:16:56.0710 0x1c54  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\windows\System32\drivers\umpass.sys
03:16:56.0713 0x1c54  UmPass - ok
03:16:56.0728 0x1c54  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\windows\System32\umrdp.dll
03:16:56.0740 0x1c54  UmRdpService - ok
03:16:56.0851 0x1c54  [ DBE2E6388379D5CC78099650541E9566 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
03:16:56.0857 0x1c54  UNS - ok
03:16:56.0888 0x1c54  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\windows\System32\upnphost.dll
03:16:56.0904 0x1c54  upnphost - ok
03:16:56.0926 0x1c54  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\windows\System32\Drivers\usbaapl64.sys
03:16:56.0929 0x1c54  USBAAPL64 - ok
03:16:56.0963 0x1c54  [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
03:16:56.0967 0x1c54  usbaudio - ok
03:16:56.0988 0x1c54  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
03:16:56.0992 0x1c54  usbccgp - ok
03:16:57.0012 0x1c54  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\windows\System32\drivers\usbcir.sys
03:16:57.0017 0x1c54  usbcir - ok
03:16:57.0053 0x1c54  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\windows\System32\drivers\usbehci.sys
03:16:57.0056 0x1c54  usbehci - ok
03:16:57.0095 0x1c54  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\windows\System32\drivers\usbhub.sys
03:16:57.0103 0x1c54  usbhub - ok
03:16:57.0142 0x1c54  [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
03:16:57.0151 0x1c54  USBHUB3 - ok
03:16:57.0169 0x1c54  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\windows\System32\drivers\usbohci.sys
03:16:57.0172 0x1c54  usbohci - ok
03:16:57.0188 0x1c54  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\windows\System32\drivers\usbprint.sys
03:16:57.0191 0x1c54  usbprint - ok
03:16:57.0221 0x1c54  [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
03:16:57.0224 0x1c54  usbscan - ok
03:16:57.0262 0x1c54  [ BFC7FE4AAEB61317A921871B4085EF4B ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
03:16:57.0266 0x1c54  USBSTOR - ok
03:16:57.0291 0x1c54  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
03:16:57.0309 0x1c54  usbuhci - ok
03:16:57.0344 0x1c54  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
03:16:57.0350 0x1c54  usbvideo - ok
03:16:57.0382 0x1c54  [ 1ADCF0A490C2845637B334626669CD6F ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
03:16:57.0409 0x1c54  USBXHCI - ok
03:16:57.0435 0x1c54  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\windows\system32\lsass.exe
03:16:57.0440 0x1c54  VaultSvc - ok
03:16:57.0460 0x1c54  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
03:16:57.0462 0x1c54  vdrvroot - ok
03:16:57.0497 0x1c54  [ 1B4488988E5E7512E6C5CD1255E9E973 ] vds             C:\windows\System32\vds.exe
03:16:57.0514 0x1c54  vds - ok
03:16:57.0526 0x1c54  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
03:16:57.0530 0x1c54  VerifierExt - ok
03:16:57.0577 0x1c54  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
03:16:57.0586 0x1c54  vhdmp - ok
03:16:57.0607 0x1c54  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\windows\system32\drivers\viaide.sys
03:16:57.0610 0x1c54  viaide - ok
03:16:57.0627 0x1c54  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\windows\system32\drivers\vmbus.sys
03:16:57.0631 0x1c54  vmbus - ok
03:16:57.0637 0x1c54  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
03:16:57.0641 0x1c54  VMBusHID - ok
03:16:57.0673 0x1c54  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
03:16:57.0683 0x1c54  vmicheartbeat - ok
03:16:57.0692 0x1c54  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
03:16:57.0699 0x1c54  vmickvpexchange - ok
03:16:57.0708 0x1c54  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\windows\System32\ICSvc.dll
03:16:57.0715 0x1c54  vmicrdv - ok
03:16:57.0725 0x1c54  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\windows\System32\ICSvc.dll
03:16:57.0732 0x1c54  vmicshutdown - ok
03:16:57.0741 0x1c54  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\windows\System32\ICSvc.dll
03:16:57.0748 0x1c54  vmictimesync - ok
03:16:57.0757 0x1c54  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\windows\System32\ICSvc.dll
03:16:57.0764 0x1c54  vmicvss - ok
03:16:57.0787 0x1c54  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\windows\system32\drivers\volmgr.sys
03:16:57.0792 0x1c54  volmgr - ok
03:16:57.0816 0x1c54  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
03:16:57.0823 0x1c54  volmgrx - ok
03:16:57.0851 0x1c54  [ 78A5BBA3819FFFC62FFEC3E2220D102D ] volsnap         C:\windows\system32\drivers\volsnap.sys
03:16:57.0858 0x1c54  volsnap - ok
03:16:57.0879 0x1c54  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\windows\System32\drivers\vpci.sys
03:16:57.0882 0x1c54  vpci - ok
03:16:57.0891 0x1c54  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
03:16:57.0895 0x1c54  vsmraid - ok
03:16:57.0958 0x1c54  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\windows\system32\vssvc.exe
03:16:57.0986 0x1c54  VSS - ok
03:16:58.0014 0x1c54  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
03:16:58.0020 0x1c54  VSTXRAID - ok
03:16:58.0024 0x1c54  vToolbarUpdater17.0.1 - ok
03:16:58.0051 0x1c54  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
03:16:58.0054 0x1c54  vwifibus - ok
03:16:58.0081 0x1c54  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
03:16:58.0085 0x1c54  vwififlt - ok
03:16:58.0101 0x1c54  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
03:16:58.0103 0x1c54  vwifimp - ok
03:16:58.0141 0x1c54  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\windows\system32\w32time.dll
03:16:58.0153 0x1c54  W32Time - ok
03:16:58.0161 0x1c54  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\windows\System32\drivers\wacompen.sys
03:16:58.0164 0x1c54  WacomPen - ok
03:16:58.0206 0x1c54  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
03:16:58.0210 0x1c54  Wanarp - ok
03:16:58.0214 0x1c54  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
03:16:58.0217 0x1c54  Wanarpv6 - ok
03:16:58.0260 0x1c54  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\windows\system32\wbengine.exe
03:16:58.0289 0x1c54  wbengine - ok
03:16:58.0317 0x1c54  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
03:16:58.0330 0x1c54  WbioSrvc - ok
03:16:58.0415 0x1c54  [ AF1349386D4C6786EF4E34FACEF15042 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
03:16:58.0428 0x1c54  Wcmsvc - ok
03:16:58.0464 0x1c54  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\windows\System32\wcncsvc.dll
03:16:58.0479 0x1c54  wcncsvc - ok
03:16:58.0501 0x1c54  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
03:16:58.0510 0x1c54  WcsPlugInService - ok
03:16:58.0548 0x1c54  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\windows\system32\drivers\wd.sys
03:16:58.0550 0x1c54  Wd - ok
03:16:58.0588 0x1c54  [ FD47DF026B32969B8A68721A0243E8EE ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
03:16:58.0591 0x1c54  WdBoot - ok
03:16:58.0640 0x1c54  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
03:16:58.0653 0x1c54  Wdf01000 - ok
03:16:58.0672 0x1c54  [ 5F425D842DD6ADE9F95A51A0616AFAD7 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
03:16:58.0679 0x1c54  WdFilter - ok
03:16:58.0697 0x1c54  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\windows\system32\wdi.dll
03:16:58.0707 0x1c54  WdiServiceHost - ok
03:16:58.0713 0x1c54  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\windows\system32\wdi.dll
03:16:58.0722 0x1c54  WdiSystemHost - ok
03:16:58.0763 0x1c54  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\windows\System32\webclnt.dll
03:16:58.0775 0x1c54  WebClient - ok
03:16:58.0789 0x1c54  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\windows\system32\wecsvc.dll
03:16:58.0801 0x1c54  Wecsvc - ok
03:16:58.0822 0x1c54  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\windows\System32\wercplsupport.dll
03:16:58.0833 0x1c54  wercplsupport - ok
03:16:58.0868 0x1c54  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\windows\System32\WerSvc.dll
03:16:58.0878 0x1c54  WerSvc - ok
03:16:58.0903 0x1c54  [ 3F1F31883EAC9DDDF836ACC6D1DAC36C ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
03:16:58.0907 0x1c54  WFPLWFS - ok
03:16:58.0923 0x1c54  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\windows\System32\wiarpc.dll
03:16:58.0933 0x1c54  WiaRpc - ok
03:16:58.0952 0x1c54  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
03:16:58.0955 0x1c54  WIMMount - ok
03:16:58.0985 0x1c54  WinDefend - ok
03:16:59.0033 0x1c54  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
03:16:59.0050 0x1c54  WinHttpAutoProxySvc - ok
03:16:59.0114 0x1c54  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
03:16:59.0120 0x1c54  Winmgmt - ok
03:16:59.0207 0x1c54  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\windows\system32\WsmSvc.dll
03:16:59.0252 0x1c54  WinRM - ok
03:16:59.0295 0x1c54  [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
03:16:59.0298 0x1c54  WinUsb - ok
03:16:59.0351 0x1c54  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\windows\System32\wlansvc.dll
03:16:59.0377 0x1c54  WlanSvc - ok
03:16:59.0446 0x1c54  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\windows\system32\wlidsvc.dll
03:16:59.0480 0x1c54  wlidsvc - ok
03:16:59.0509 0x1c54  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
03:16:59.0513 0x1c54  WmiAcpi - ok
03:16:59.0551 0x1c54  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
03:16:59.0556 0x1c54  wmiApSrv - ok
03:16:59.0607 0x1c54  WMPNetworkSvc - ok
03:16:59.0633 0x1c54  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
03:16:59.0636 0x1c54  wpcfltr - ok
03:16:59.0669 0x1c54  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\windows\System32\wpcsvc.dll
03:16:59.0678 0x1c54  WPCSvc - ok
03:16:59.0702 0x1c54  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
03:16:59.0713 0x1c54  WPDBusEnum - ok
03:16:59.0730 0x1c54  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
03:16:59.0733 0x1c54  WpdUpFltr - ok
03:16:59.0767 0x1c54  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
03:16:59.0769 0x1c54  ws2ifsl - ok
03:16:59.0797 0x1c54  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\windows\System32\wscsvc.dll
03:16:59.0808 0x1c54  wscsvc - ok
03:16:59.0814 0x1c54  WSearch - ok
03:16:59.0885 0x1c54  [ D4D04839F3DFAF09D94BAB1016F7A297 ] WSService       C:\windows\System32\WSService.dll
03:16:59.0925 0x1c54  WSService - ok
03:17:00.0016 0x1c54  [ 9DEC60D4783377097014DFCCA31E69F8 ] wuauserv        C:\windows\system32\wuaueng.dll
03:17:00.0067 0x1c54  wuauserv - ok
03:17:00.0103 0x1c54  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
03:17:00.0107 0x1c54  WudfPf - ok
03:17:00.0127 0x1c54  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
03:17:00.0131 0x1c54  WUDFRd - ok
03:17:00.0140 0x1c54  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
03:17:00.0144 0x1c54  WUDFSensorLP - ok
03:17:00.0181 0x1c54  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
03:17:00.0191 0x1c54  wudfsvc - ok
03:17:00.0200 0x1c54  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
03:17:00.0203 0x1c54  WUDFWpdFs - ok
03:17:00.0210 0x1c54  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
03:17:00.0213 0x1c54  WUDFWpdMtp - ok
03:17:00.0261 0x1c54  [ 6D9E07436B6646EC8F7EFFD39B6BA288 ] WwanSvc         C:\windows\System32\wwansvc.dll
03:17:00.0276 0x1c54  WwanSvc - ok
03:17:00.0338 0x1c54  [ 03CD249A16CF815FFFD347DC61EF9E6D ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
03:17:00.0417 0x1c54  ZAtheros Bt and Wlan Coex Agent - ok
03:17:00.0518 0x1c54  ‮etadpug ( Rootkit.Win32.PMax.gen ) - infected
03:17:00.0518 0x1c54  ‮etadpug - detected Rootkit.Win32.PMax.gen (0)
03:17:00.0525 0x1c54  ================ Scan global ===============================
03:17:00.0569 0x1c54  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll
03:17:00.0595 0x1c54  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll
03:17:00.0632 0x1c54  [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll
03:17:00.0678 0x1c54  [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe
03:17:00.0690 0x1c54  [Global] - ok
03:17:00.0691 0x1c54  ================ Scan MBR ==================================
03:17:00.0704 0x1c54  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
03:17:00.0712 0x1c54  \Device\Harddisk0\DR0 - ok
03:17:00.0713 0x1c54  ================ Scan VBR ==================================
03:17:00.0724 0x1c54  [ BACDD0A24F9B4AA7E3657C9B392CBE8E ] \Device\Harddisk0\DR0\Partition1
03:17:00.0726 0x1c54  \Device\Harddisk0\DR0\Partition1 - ok
03:17:00.0738 0x1c54  [ 30437BABCE2B18ACD31A90E76C729379 ] \Device\Harddisk0\DR0\Partition2
03:17:00.0740 0x1c54  \Device\Harddisk0\DR0\Partition2 - ok
03:17:00.0751 0x1c54  [ C92971123E4B40A85E5F3ED2A0D2C250 ] \Device\Harddisk0\DR0\Partition3
03:17:00.0752 0x1c54  \Device\Harddisk0\DR0\Partition3 - ok
03:17:00.0759 0x1c54  [ 1CDFA47B57C16C8A733D4E2173A15794 ] \Device\Harddisk0\DR0\Partition4
03:17:00.0761 0x1c54  \Device\Harddisk0\DR0\Partition4 - ok
03:17:00.0795 0x1c54  [ 26C1094C3DAE09627CD0CDCD05ED22E0 ] \Device\Harddisk0\DR0\Partition5
03:17:00.0796 0x1c54  \Device\Harddisk0\DR0\Partition5 - ok
03:17:00.0814 0x1c54  [ 2E226773C81AB18ECA70895D2A29130C ] \Device\Harddisk0\DR0\Partition6
03:17:00.0815 0x1c54  \Device\Harddisk0\DR0\Partition6 - ok
03:17:00.0816 0x1c54  ============================================================
03:17:00.0816 0x1c54  Scan finished
03:17:00.0816 0x1c54  ============================================================
03:17:00.0828 0x1ce8  Detected object count: 1
03:17:00.0828 0x1ce8  Actual detected object count: 1
03:17:15.0145 0x1ce8  HKLM\SYSTEM\ControlSet001\services\‮etadpug - will be deleted on reboot
03:17:15.0390 0x1ce8  C:\Program Files (x86)\Google\Desktop\Install\{dba38142-b90f-8f8a-9c78-c905f18f694e}\   \...\‮ﯹ๛\{dba38142-b90f-8f8a-9c78-c905f18f694e}\GoogleUpdate.exe - will be deleted on reboot
03:17:15.0390 0x1ce8  ‮etadpug ( Rootkit.Win32.PMax.gen ) - User select action: Delete 
03:17:33.0404 0x21c0  Deinitialize success
 

AdwCleaner log:

 

# AdwCleaner v3.005 - Report created 25/09/2013 at 03:26:20
# Updated 22/09/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Thomas - BATCOMPUTER
# Running from : C:\Users\Thomas\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\4oqzs72j.default\jetpack
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16688
 
 
-\\ Mozilla Firefox v23.0.1 (en-US)
 
[ File : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\4oqzs72j.default\prefs.js ]
 
 
-\\ Google Chrome v29.0.1547.76
 
[ File : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [5830 octets] - [23/09/2013 16:15:59]
AdwCleaner[R1].txt - [1100 octets] - [25/09/2013 03:25:01]
AdwCleaner[S0].txt - [5851 octets] - [23/09/2013 16:16:42]
AdwCleaner[S1].txt - [1026 octets] - [25/09/2013 03:26:20]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1086 octets] ##########
 

 

ESET log:

 

C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 Win32/InstalleRex.K application cleaned by deleting - quarantined
C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000001 Win32/InstalleRex.K application cleaned by deleting - quarantined
C:\Users\Thomas\Downloads\cbsidlm-cbsi134-VSDC_Free_Video_Editor-ORG-75764187.exe probably a variant of Win32/CNETInstaller.A application cleaned by deleting - quarantined
C:\Users\Thomas\Downloads\FFSetup3.1.1.0.exe multiple threats cleaned by deleting - quarantined
 
---------

 

Thanks again for the help.



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:04 AM

Posted 25 September 2013 - 07:25 PM

Hello, you have the latest version of a ZeroAccess rootkit. To remove it we need to get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 komododragon

komododragon
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:04 AM

Posted 25 September 2013 - 09:59 PM

Okay, thanks! New topic has been posted here http://www.bleepingcomputer.com/forums/t/509013/zeroaccess-rootkit-need-help-removing/



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:04 AM

Posted 26 September 2013 - 01:36 PM

You're welcome!!

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 2 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users