Sluggish Laptop, Hacked E-mail


6 replies to this topic

#1 MDLopez


Posted 25 September 2013 - 12:46 AM

Hi, this is my first post so bear with me.

 

I was gifted a used laptop a while back which the previous user was frustrated with. Their reason for handing it over was because of the random freezes and slow spells it would have. Since owning the laptop I have run antivirus scans, disk defrags, and cleanups but nothing seemed to stop the sporadic sluggishness/unresponsiveness. Recently, I had my e-mail send out spam messages to people in my contacts list and I think that could have something to do with the slowness, whether it be malware that hasn't been found or what have you. I have since run MBAM and Windows Security Essentials and changed my password.

 

I mostly use this computer to surf the web with Google Chrome so that is when the slowness starts. I'd start up the laptop, click on my browser and maybe 20-30 minutes in my HDD light would go on, the hard drive would start making high pitched noises, and the computer would slow down to a crawl or completely freeze for minutes at a time. I'm running Windows Vista.

 

In short, I think I'm infected. Are there any steps I can take to make sure I'm not? Any help would be greatly appreciated. Thanks.




#2 boopme


Posted 02 October 2013 - 09:49 PM

Hello MDLopez, let's see if we can see something.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

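The "List content of Hosts" and "List Winsock Entries" options requested above are the two parts of Result.txt where name-resolution tampering shows up. The following is an added example, not part of the original thread and not MiniToolBox's own code, of one way to triage those two sections; the function names are hypothetical, the sample report is constructed in the tool's layout, and a Windows install under `C:\Windows` is assumed.

```python
import ipaddress
import re

# Constructed sample in the layout of a MiniToolBox Result.txt; the hostnames,
# addresses and the helperNSP.dll entry are made up for this example.
SAMPLE_REPORT = r"""
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 activate.vendor.example
0.0.0.0   update.vendor.example
203.0.113.7 bank.example

There are 1 more lines starting with "127.0.0.1"

========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Helper\helperNSP.dll [121704] (Example Vendor)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

**** End of log ****
"""

# "===== Name: =====" banners; a line made only of "=" is not a banner.
SECTION_RE = re.compile(r"^=+\s*([^=\s][^=]*?)\s*:?\s*=+\s*$")
WINSOCK_RE = re.compile(
    r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(File Not found|\d+)\]\s+\((.*)\)\s*$")
HINT_RE = re.compile(r'^ATTENTION: The LibraryPath should be "(.+)"')
# Assumption: Windows lives in <drive>:\Windows, so stock providers sit in system32.
SYSTEM32_RE = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)


def split_sections(report):
    """Map each banner name (lower-cased) to the stripped lines under it."""
    sections, current = {}, None
    for line in report.splitlines():
        m = SECTION_RE.match(line)
        if m:
            current = sections.setdefault(m.group(1).lower(), [])
        elif current is not None:
            current.append(line.strip())
    return sections


def audit_hosts(lines):
    """Flag names sinkholed to loopback/0.0.0.0 or pinned to another address."""
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not a hosts entry, e.g. the tool's "There are N more lines" note
        for name in fields[1:]:
            if name.lower() == "localhost":
                continue  # the stock entry
            local = addr.is_loopback or addr.is_unspecified
            findings.append({"kind": "blocked" if local else "redirected",
                             "ip": str(addr), "name": name})
    return findings


def audit_winsock(lines):
    """Flag providers whose DLL is missing or lives outside system32."""
    findings, last = [], None
    for line in lines:
        m = WINSOCK_RE.match(line)
        if m:
            catalog, index, path, size, _vendor = m.groups()
            if size == "File Not found":
                kind = "missing"
            elif not SYSTEM32_RE.match(path):
                kind = "third-party"
            else:
                last = None
                continue
            last = {"kind": kind, "catalog": catalog, "index": index,
                    "path": path, "expected": None}
            findings.append(last)
            continue
        hint = HINT_RE.match(line)
        if hint and last and last["kind"] == "missing":
            last["expected"] = hint.group(1)  # the path the tool says belongs here
    return findings


def triage(report):
    sections = split_sections(report)
    return {"hosts": audit_hosts(sections.get("hosts content", [])),
            "winsock": audit_winsock(sections.get("winsock entries", []))}


if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    for group, items in result.items():
        for item in items:
            print(group, item)
```

A "third-party" finding is only a prompt to identify the vendor; a "missing" provider or a "redirected" hostname is the kind of entry to raise with the helper before changing anything.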

#3 MDLopez


Posted 03 October 2013 - 10:42 PM

Hey Boopme, thanks for your time.
 
 
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Kathy (administrator) on 03-10-2013 at 21:12:59
Running from "C:\Users\Kathy\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
127.0.0.1                               hl2rcv.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
127.0.0.1                               adobeereg.com                        
127.0.0.1                               www.adobeereg.com                    
127.0.0.1                               wwis-dubc1-vip60.adobe.com           
127.0.0.1                               125.252.224.90                       
 
There are 1 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
MAC Bridge Miniport = Network Bridge (Connected)
Broadcom 4321AG 802.11a/b/g/draft-n Wi-Fi Adapter = Wireless Network Connection (Connected)
NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Mike-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Network Bridge:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : MAC Bridge Miniport
   Physical Address. . . . . . . . . : 02-1B-24-81-51-BC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::44da:e8fa:63dd:7835%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, September 30, 2013 1:12:38 AM
   Lease Expires . . . . . . . . . . : Friday, October 04, 2013 7:53:16 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 352459379
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-6B-68-0F-00-1B-24-81-51-BC
   DNS Servers . . . . . . . . . . . : 167.206.245.130
                                       167.206.245.129
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{488DA277-49C8-4E03-ACFE-FC34BFC1B9A4}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 7:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:1437:2815:3f57:fe97(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1437:2815:3f57:fe97%10(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  vdns2.srv.prnynj.cv.net
Address:  167.206.245.130
 
Name:    google.com
Addresses:  2607:f8b0:4006:802::1008
 173.194.43.7
 173.194.43.5
 173.194.43.0
 173.194.43.1
 173.194.43.14
 173.194.43.2
 173.194.43.3
 173.194.43.4
 173.194.43.6
 173.194.43.9
 173.194.43.8
 
 
 
Pinging google.com [74.125.226.233] with 32 bytes of data:
 
Reply from 74.125.226.233: bytes=32 time=12ms TTL=55
 
Reply from 74.125.226.233: bytes=32 time=12ms TTL=55
 
 
 
Ping statistics for 74.125.226.233:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 12ms, Maximum = 12ms, Average = 12ms
 
Server:  vdns2.srv.prnynj.cv.net
Address:  167.206.245.130
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=174ms TTL=48
 
Reply from 206.190.36.45: bytes=32 time=128ms TTL=49
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 128ms, Maximum = 174ms, Average = 151ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 13 ...02 1b 24 81 51 bc ...... MAC Bridge Miniport
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{488DA277-49C8-4E03-ACFE-FC34BFC1B9A4}
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.104     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.104    281
    192.168.1.104  255.255.255.255         On-link     192.168.1.104    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.104    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.104    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.104    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 10     18 2001::/32                On-link
 10    266 2001:0:9d38:6abd:1437:2815:3f57:fe97/128
                                    On-link
 13    281 fe80::/64                On-link
 10    266 fe80::/64                On-link
 10    266 fe80::1437:2815:3f57:fe97/128
                                    On-link
 13    281 fe80::44da:e8fa:63dd:7835/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/03/2013 05:38:19 PM) (Source: MsiInstaller) (User: MIKE-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.
 
Error: (10/03/2013 00:38:22 PM) (Source: MsiInstaller) (User: MIKE-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.
 
Error: (10/03/2013 07:09:08 AM) (Source: MsiInstaller) (User: MIKE-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.
 
Error: (10/03/2013 01:07:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53477
 
Error: (10/03/2013 01:07:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53477
 
Error: (10/03/2013 01:07:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 01:07:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 52479
 
Error: (10/03/2013 01:07:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 52479
 
Error: (10/03/2013 01:07:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 01:07:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 51480
 
 
System errors:
=============
Error: (10/02/2013 03:49:43 AM) (Source: Service Control Manager) (User: )
Description: 30000stisvc
 
Error: (09/30/2013 01:13:50 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (09/30/2013 01:12:21 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:47:31 PM on 9/29/2013 was unexpected.
 
Error: (09/29/2013 03:43:27 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (09/29/2013 03:42:36 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:39:21 PM on 9/29/2013 was unexpected.
 
Error: (09/29/2013 01:38:48 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (09/29/2013 01:37:52 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:35:42 AM on 9/29/2013 was unexpected.
 
Error: (09/27/2013 03:43:28 PM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 
Error: (09/24/2013 11:48:03 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (09/24/2013 10:57:42 PM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (10/03/2013 05:38:19 PM) (Source: MsiInstaller)(User: MIKE-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)
 
Error: (10/03/2013 00:38:22 PM) (Source: MsiInstaller)(User: MIKE-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)
 
Error: (10/03/2013 07:09:08 AM) (Source: MsiInstaller)(User: MIKE-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)
 
Error: (10/03/2013 01:07:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53477
 
Error: (10/03/2013 01:07:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53477
 
Error: (10/03/2013 01:07:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 01:07:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 52479
 
Error: (10/03/2013 01:07:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 52479
 
Error: (10/03/2013 01:07:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 01:07:09 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 51480
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-09-07 23:01:13.018
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-07 23:01:12.508
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-07 23:01:12.047
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-07 23:01:11.548
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-07 23:01:11.085
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-07 23:01:10.595
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-14 18:56:31.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-14 18:56:31.155
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-14 18:56:30.751
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-14 18:56:30.355
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.10)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.12)
Conexant HD Audio (Version: 4.36.7.61)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.15)
ESU for Microsoft Vista (Version: 2.0.5.1)
Google Chrome (Version: 30.0.1599.66)
Google Talk Plugin (Version: 3.8.1.9672)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Active Support Library (Version: 3.1.9.1)
HP Active Support Library 32 bit components (Version: 1.0.9)
HP Doc Viewer (Version: 1.01.0005)
HP Help and Support (Version: 1.1.0)
HP MediaSmart Webcam (Version: 2.1.1208)
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Quick Launch Buttons (Version: 6.50.14.1)
HP Update (Version: 5.002.008.001)
HP User Guides 0057 (Version: 1.03.0000)
HP Wireless Assistant (Version: 3.00 H3)
HPAsset component for HP Active Support Library (Version: 3.0.1.0)
HPNetworkAssistant (Version: 1.1.70)
iTunes (Version: 11.1.0.126)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
LightScribe  1.6.43.1 (Version: 1.6.43.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.3.0216.0)
Microsoft Security Essentials (Version: 4.3.216.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MSCU for Microsoft Vista (Version: 1.0.1.3)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Drivers (Version: 1.4)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PSSWCORE (Version: 2.00.5000)
QuickTime (Version: 7.72.80.56)
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Segoe UI (Version: 15.4.2271.0615)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SmartAudio
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
VLC media player 2.0.5 (Version: 2.0.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Xvid Video Codec (Version: 1.3.2)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 63%
Total physical RAM: 958.18 MB
Available physical RAM: 345.2 MB
Total Pagefile: 2560.55 MB
Available Pagefile: 1472.4 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.21 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:140.62 GB) (Free:78.93 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:7.36 GB) (Free:0.44 GB) NTFS
3 Drive e: () (Fixed) (Total:1.07 GB) (Free:0.74 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MIKE-PC
 
Administrator            Guest                    Kathy                    
 
 
**** End of log ****
 
 
 
 
 
 
 
 
21:29:02.0855 0x0f14  TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03
21:29:03.0340 0x0f14  ============================================================
21:29:03.0340 0x0f14  Current date / time: 2013/10/03 21:29:03.0340
21:29:03.0340 0x0f14  SystemInfo:
21:29:03.0340 0x0f14  
21:29:03.0340 0x0f14  OS Version: 6.0.6002 ServicePack: 2.0
21:29:03.0340 0x0f14  Product type: Workstation
21:29:03.0340 0x0f14  ComputerName: MIKE-PC
21:29:03.0341 0x0f14  UserName: Kathy
21:29:03.0341 0x0f14  Windows directory: C:\Windows
21:29:03.0341 0x0f14  System windows directory: C:\Windows
21:29:03.0341 0x0f14  Processor architecture: Intel x86
21:29:03.0341 0x0f14  Number of processors: 2
21:29:03.0341 0x0f14  Page size: 0x1000
21:29:03.0341 0x0f14  Boot type: Normal boot
21:29:03.0341 0x0f14  ============================================================
21:29:10.0390 0x0f14  System UUID: {B71495C2-E1DB-6DE4-1784-FDCA55C25DAB}
21:29:13.0362 0x0f14  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:29:13.0413 0x0f14  ============================================================
21:29:13.0413 0x0f14  \Device\Harddisk0\DR0:
21:29:13.0413 0x0f14  MBR partitions:
21:29:13.0413 0x0f14  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1193E536
21:29:13.0413 0x0f14  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1193E575, BlocksNum 0xEB7D4C
21:29:13.0413 0x0f14  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x127F6800, BlocksNum 0x222800
21:29:13.0413 0x0f14  ============================================================
21:29:13.0442 0x0f14  C: <-> \Device\Harddisk0\DR0\Partition1
21:29:13.0553 0x0f14  D: <-> \Device\Harddisk0\DR0\Partition2
21:29:13.0627 0x0f14  E: <-> \Device\Harddisk0\DR0\Partition3
21:29:13.0627 0x0f14  ============================================================
21:29:13.0627 0x0f14  Initialize success
21:29:13.0627 0x0f14  ============================================================
21:29:51.0004 0x0a7c  ============================================================
21:29:51.0004 0x0a7c  Scan started
21:29:51.0004 0x0a7c  Mode: Manual; 
21:29:51.0004 0x0a7c  ============================================================
21:29:51.0004 0x0a7c  KSN ping started
21:30:07.0304 0x0a7c  KSN ping finished: true
21:30:08.0017 0x0a7c  ================ Scan system memory ========================
21:30:08.0017 0x0a7c  System memory - ok
21:30:08.0017 0x0a7c  ================ Scan services =============================
21:30:19.0056 0x0a7c  MBAMProtector - ok
21:30:19.0138 0x0a7c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:30:19.0173 0x0a7c  MBAMScheduler - ok
21:30:19.0244 0x0a7c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:30:19.0289 0x0a7c  MBAMService - ok
21:30:19.0323 0x0a7c  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:30:19.0327 0x0a7c  Mcx2Svc - ok
21:30:19.0363 0x0a7c  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:30:19.0365 0x0a7c  mdmxsdk - ok
21:30:19.0420 0x0a7c  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:30:19.0423 0x0a7c  megasas - ok
21:30:19.0440 0x0a7c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
21:30:19.0444 0x0a7c  MMCSS - ok
21:30:19.0499 0x0a7c  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
21:30:19.0502 0x0a7c  Modem - ok
21:30:19.0542 0x0a7c  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:30:19.0545 0x0a7c  monitor - ok
21:30:19.0570 0x0a7c  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:30:19.0573 0x0a7c  mouclass - ok
21:30:19.0618 0x0a7c  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:30:19.0620 0x0a7c  mouhid - ok
21:30:19.0649 0x0a7c  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:30:19.0653 0x0a7c  MountMgr - ok
21:30:19.0679 0x0a7c  [ 24406D75B40F0F6B3C1AC7031D734565, B58AA80E9C3738CFD826D7C8129D5467166A4397CCFEEEF7F14542DEBB659A51 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
21:30:19.0689 0x0a7c  MpFilter - ok
21:30:19.0733 0x0a7c  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:30:19.0737 0x0a7c  mpio - ok
21:30:19.0841 0x0a7c  MpKsld38c627e - ok
21:30:19.0880 0x0a7c  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:30:19.0895 0x0a7c  mpsdrv - ok
21:30:19.0967 0x0a7c  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:30:19.0991 0x0a7c  MpsSvc - ok
21:30:20.0028 0x0a7c  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:30:20.0046 0x0a7c  Mraid35x - ok
21:30:20.0082 0x0a7c  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:30:20.0087 0x0a7c  MRxDAV - ok
21:30:20.0121 0x0a7c  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:30:20.0126 0x0a7c  mrxsmb - ok
21:30:20.0157 0x0a7c  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:30:20.0167 0x0a7c  mrxsmb10 - ok
21:30:20.0179 0x0a7c  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:30:20.0184 0x0a7c  mrxsmb20 - ok
21:30:20.0210 0x0a7c  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:30:20.0212 0x0a7c  msahci - ok
21:30:20.0233 0x0a7c  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:30:20.0238 0x0a7c  msdsm - ok
21:30:20.0266 0x0a7c  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
21:30:20.0273 0x0a7c  MSDTC - ok
21:30:20.0341 0x0a7c  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:30:20.0343 0x0a7c  Msfs - ok
21:30:20.0384 0x0a7c  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:30:20.0386 0x0a7c  msisadrv - ok
21:30:20.0449 0x0a7c  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:30:20.0455 0x0a7c  MSiSCSI - ok
21:30:20.0467 0x0a7c  msiserver - ok
21:30:20.0509 0x0a7c  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:30:20.0511 0x0a7c  MSKSSRV - ok
21:30:20.0577 0x0a7c  [ 3EA6A1A744D79328AE7E2C6FAE4C4420, CB4F8F744B454FCC16D4C0D28126BC31B1B5C9F9FB5DAE3152D9B3B7F4165523 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:30:20.0578 0x0a7c  MsMpSvc - ok
21:30:20.0590 0x0a7c  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:30:20.0592 0x0a7c  MSPCLOCK - ok
21:30:20.0639 0x0a7c  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:30:20.0641 0x0a7c  MSPQM - ok
21:30:20.0675 0x0a7c  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:30:20.0683 0x0a7c  MsRPC - ok
21:30:20.0727 0x0a7c  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:30:20.0730 0x0a7c  mssmbios - ok
21:30:20.0752 0x0a7c  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:30:20.0753 0x0a7c  MSTEE - ok
21:30:20.0809 0x0a7c  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:30:20.0812 0x0a7c  Mup - ok
21:30:20.0861 0x0a7c  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
21:30:20.0875 0x0a7c  napagent - ok
21:30:20.0961 0x0a7c  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:30:21.0018 0x0a7c  NativeWifiP - ok
21:30:21.0232 0x0a7c  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:30:21.0552 0x0a7c  NDIS - ok
21:30:21.0632 0x0a7c  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:30:21.0665 0x0a7c  NdisTapi - ok
21:30:21.0726 0x0a7c  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:30:21.0740 0x0a7c  Ndisuio - ok
21:30:21.0789 0x0a7c  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:30:21.0809 0x0a7c  NdisWan - ok
21:30:21.0905 0x0a7c  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:30:21.0949 0x0a7c  NDProxy - ok
21:30:21.0986 0x0a7c  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:30:22.0024 0x0a7c  NetBIOS - ok
21:30:22.0154 0x0a7c  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
21:30:22.0211 0x0a7c  netbt - ok
21:30:22.0246 0x0a7c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
21:30:22.0249 0x0a7c  Netlogon - ok
21:30:22.0447 0x0a7c  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
21:30:22.0670 0x0a7c  Netman - ok
21:30:22.0774 0x0a7c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:30:23.0152 0x0a7c  NetMsmqActivator - ok
21:30:23.0176 0x0a7c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:30:23.0180 0x0a7c  NetPipeActivator - ok
21:30:23.0255 0x0a7c  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
21:30:23.0300 0x0a7c  netprofm - ok
21:30:23.0312 0x0a7c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:30:23.0317 0x0a7c  NetTcpActivator - ok
21:30:23.0357 0x0a7c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:30:23.0361 0x0a7c  NetTcpPortSharing - ok
21:30:23.0422 0x0a7c  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:30:23.0433 0x0a7c  nfrd960 - ok
21:30:23.0486 0x0a7c  [ C58DB40E4C95BE8EE727BE872BE6383F, D64AFF36EAA058880E7144E9BB122C01302DB6783DB725CD3810DDDA47336C0F ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:30:23.0491 0x0a7c  NisDrv - ok
21:30:23.0683 0x0a7c  [ C5BC0144F8FF164425B197CB78620B5F, FC016ED16F9C1F52B6E6961FBE552126D4EDC48F62DC8DA9D3AE7F05808400D5 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
21:30:23.0715 0x0a7c  NisSrv - ok
21:30:23.0856 0x0a7c  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:30:23.0945 0x0a7c  NlaSvc - ok
21:30:24.0019 0x0a7c  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:30:24.0046 0x0a7c  Npfs - ok
21:30:24.0080 0x0a7c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
21:30:24.0099 0x0a7c  nsi - ok
21:30:24.0136 0x0a7c  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:30:24.0160 0x0a7c  nsiproxy - ok
21:30:24.0283 0x0a7c  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:30:24.0915 0x0a7c  Ntfs - ok
21:30:25.0010 0x0a7c  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
21:30:25.0020 0x0a7c  ntrigdigi - ok
21:30:25.0101 0x0a7c  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
21:30:25.0138 0x0a7c  Null - ok
21:30:25.0310 0x0a7c  [ D958A2B5F6AD5C3B8CCDC4D7DA62466C, 574DC2C4C1C46E3B6F53E0A14E0595493E73EEE03EA1FF9DD1D3266B414B9941 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
21:30:25.0388 0x0a7c  NVENETFD - ok
21:30:25.0831 0x0a7c  [ D65BC32C1795191B7F2B028351AB4FE2, 16A345F3A0AC24EED2E55A47C0011CD4EB793EC3C81B2B36D8EAD9C60C949353 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:30:26.0263 0x0a7c  nvlddmkm - ok
21:30:26.0778 0x0a7c  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:30:27.0162 0x0a7c  nvraid - ok
21:30:27.0459 0x0a7c  [ 9AEBC32F9D6E02EBEE0369AB296FE7C8, 4B13E58E93856C6FFDE971593E0FAACDEEF56C9463FA6EB654312A71D10DF042 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
21:30:27.0584 0x0a7c  nvsmu - ok
21:30:27.0680 0x0a7c  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:30:27.0758 0x0a7c  nvstor - ok
21:30:28.0150 0x0a7c  [ A8C043670699C956D56B9F1F3DAEFC98, 1D951638546C426737872C1A64A11597DD02A736CEEE789024968437DAD2FC94 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:30:28.0322 0x0a7c  nvsvc - ok
21:30:28.0472 0x0a7c  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:30:28.0642 0x0a7c  nv_agp - ok
21:30:28.0651 0x0a7c  NwlnkFlt - ok
21:30:28.0661 0x0a7c  NwlnkFwd - ok
21:30:28.0894 0x0a7c  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
21:30:29.0095 0x0a7c  ohci1394 - ok
21:30:29.0901 0x0a7c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:30:30.0096 0x0a7c  ose - ok
21:30:33.0593 0x0a7c  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:30:34.0366 0x0a7c  osppsvc - ok
21:30:34.0487 0x0a7c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
21:30:34.0565 0x0a7c  p2pimsvc - ok
21:30:34.0643 0x0a7c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:30:34.0664 0x0a7c  p2psvc - ok
21:30:34.0719 0x0a7c  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
21:30:34.0724 0x0a7c  Parport - ok
21:30:34.0784 0x0a7c  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:30:34.0788 0x0a7c  partmgr - ok
21:30:34.0842 0x0a7c  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:30:34.0859 0x0a7c  Parvdm - ok
21:30:34.0905 0x0a7c  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:30:34.0909 0x0a7c  PcaSvc - ok
21:30:34.0947 0x0a7c  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
21:30:34.0958 0x0a7c  pci - ok
21:30:34.0977 0x0a7c  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
21:30:34.0979 0x0a7c  pciide - ok
21:30:35.0027 0x0a7c  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:30:35.0035 0x0a7c  pcmcia - ok
21:30:35.0141 0x0a7c  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:30:35.0217 0x0a7c  PEAUTH - ok
21:30:35.0359 0x0a7c  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
21:30:35.0448 0x0a7c  pla - ok
21:30:35.0505 0x0a7c  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:30:35.0517 0x0a7c  PlugPlay - ok
21:30:35.0565 0x0a7c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
21:30:35.0586 0x0a7c  PNRPAutoReg - ok
21:30:35.0631 0x0a7c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
21:30:35.0652 0x0a7c  PNRPsvc - ok
21:30:35.0726 0x0a7c  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:30:35.0748 0x0a7c  PolicyAgent - ok
21:30:35.0797 0x0a7c  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:30:35.0801 0x0a7c  PptpMiniport - ok
21:30:35.0864 0x0a7c  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
21:30:35.0867 0x0a7c  Processor - ok
21:30:35.0882 0x0a7c  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
21:30:35.0899 0x0a7c  ProfSvc - ok
21:30:35.0917 0x0a7c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
21:30:35.0920 0x0a7c  ProtectedStorage - ok
21:30:35.0946 0x0a7c  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
21:30:35.0951 0x0a7c  PSched - ok
21:30:36.0028 0x0a7c  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:30:36.0084 0x0a7c  ql2300 - ok
21:30:36.0110 0x0a7c  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:30:36.0115 0x0a7c  ql40xx - ok
21:30:36.0164 0x0a7c  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
21:30:36.0187 0x0a7c  QWAVE - ok
21:30:36.0216 0x0a7c  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:30:36.0233 0x0a7c  QWAVEdrv - ok
21:30:36.0291 0x0a7c  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:30:36.0293 0x0a7c  RasAcd - ok
21:30:36.0325 0x0a7c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
21:30:36.0332 0x0a7c  RasAuto - ok
21:30:36.0367 0x0a7c  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:30:36.0371 0x0a7c  Rasl2tp - ok
21:30:36.0414 0x0a7c  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
21:30:36.0437 0x0a7c  RasMan - ok
21:30:36.0460 0x0a7c  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:30:36.0463 0x0a7c  RasPppoe - ok
21:30:36.0521 0x0a7c  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:30:36.0525 0x0a7c  RasSstp - ok
21:30:36.0558 0x0a7c  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:30:36.0568 0x0a7c  rdbss - ok
21:30:36.0598 0x0a7c  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:30:36.0600 0x0a7c  RDPCDD - ok
21:30:36.0658 0x0a7c  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
21:30:36.0694 0x0a7c  rdpdr - ok
21:30:36.0704 0x0a7c  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:30:36.0706 0x0a7c  RDPENCDD - ok
21:30:36.0756 0x0a7c  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:30:36.0765 0x0a7c  RDPWD - ok
21:30:36.0800 0x0a7c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:30:36.0805 0x0a7c  RemoteAccess - ok
21:30:36.0876 0x0a7c  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:30:36.0883 0x0a7c  RemoteRegistry - ok
21:30:36.0914 0x0a7c  [ 355AAC141B214BEF1DBC1483AFD9BD50, EB9AF96E81C1644C0190D269119BE71C63B60D50153C6EA2659B488C4456DBDF ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
21:30:36.0917 0x0a7c  rimmptsk - ok
21:30:36.0928 0x0a7c  [ A4216C71DD4F60B26418CCFD99CD0815, C189953DD7B3AB31167D8746E8F829D222FEF3F8866317814414EF3E0D92B9E1 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
21:30:36.0931 0x0a7c  rimsptsk - ok
21:30:36.0951 0x0a7c  [ C663AF77E2F4EABF8EB08B388D2F1F36, D03FA3C1CED2BC5289DE3B922D7FB3B986E917BCF6C63744E4540DD0F174903F ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
21:30:36.0963 0x0a7c  rismxdp - ok
21:30:37.0016 0x0a7c  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
21:30:37.0019 0x0a7c  RpcLocator - ok
21:30:37.0069 0x0a7c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
21:30:37.0088 0x0a7c  RpcSs - ok
21:30:37.0123 0x0a7c  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:30:37.0127 0x0a7c  rspndr - ok
21:30:37.0150 0x0a7c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
21:30:37.0152 0x0a7c  SamSs - ok
21:30:37.0192 0x0a7c  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:30:37.0196 0x0a7c  sbp2port - ok
21:30:37.0235 0x0a7c  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:30:37.0242 0x0a7c  SCardSvr - ok
21:30:37.0315 0x0a7c  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
21:30:37.0360 0x0a7c  Schedule - ok
21:30:37.0389 0x0a7c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:30:37.0391 0x0a7c  SCPolicySvc - ok
21:30:37.0433 0x0a7c  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
21:30:37.0448 0x0a7c  sdbus - ok
21:30:37.0481 0x0a7c  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:30:37.0489 0x0a7c  SDRSVC - ok
21:30:37.0520 0x0a7c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:30:37.0523 0x0a7c  secdrv - ok
21:30:37.0573 0x0a7c  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
21:30:37.0577 0x0a7c  seclogon - ok
21:30:37.0640 0x0a7c  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
21:30:37.0645 0x0a7c  SENS - ok
21:30:37.0686 0x0a7c  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:30:37.0689 0x0a7c  Serenum - ok
21:30:37.0712 0x0a7c  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
21:30:37.0732 0x0a7c  Serial - ok
21:30:37.0768 0x0a7c  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:30:37.0771 0x0a7c  sermouse - ok
21:30:37.0833 0x0a7c  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:30:37.0839 0x0a7c  SessionEnv - ok
21:30:37.0861 0x0a7c  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:30:37.0863 0x0a7c  sffdisk - ok
21:30:51.0526 0x0a7c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.3.216.0 ), 0x61000 ( enabled : updated )
21:30:51.0624 0x0a7c  Win FW state via NFP2: enabled
21:30:56.0421 0x0a7c  ============================================================
21:30:56.0421 0x0a7c  Scan finished
21:30:56.0421 0x0a7c  ============================================================
21:30:56.0449 0x0da0  Detected object count: 0
21:30:56.0449 0x0da0  Actual detected object count: 0
 
 
 
 
 
 
 
 
# AdwCleaner v3.006 - Report created 03/10/2013 at 21:43:42
# Updated 01/10/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Kathy - MIKE-PC
# Running from : C:\Users\Kathy\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16506
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [915 octets] - [03/10/2013 21:41:37]
AdwCleaner[S0].txt - [841 octets] - [03/10/2013 21:43:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [900 octets] ##########
 
 
 
 
That's everything except the ESET log which is running at a snail's pace right now. It's probably worth noting that ESET found 3 infected files. I'll post the log after it finishes scanning. 

Edited by MDLopez, 03 October 2013 - 11:36 PM.


#4 MDLopez


Posted 03 October 2013 - 11:35 PM

C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H59JNOXX\index[4].htm HTML/IFrame.L trojan
C:\Users\Kathy\Downloads\CodecPerformerSetup.exe a variant of Win32/InstallBrain.AP application cleaned by deleting - quarantined
C:\WINDOWS\$NtUninstallKB54515$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H59JNOXX\index[4].htm HTML/IFrame.L trojan cleaned by deleting - quarantined


#5 boopme


Posted 04 October 2013 - 08:59 AM

Hi as per what ESET found....

Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Click on the Enter key.

Reboot your system to complete the process.


Empty your temp folders using TFC (Temporary File Cleaner)

  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

Last

  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#6 MDLopez


Posted 05 October 2013 - 12:41 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by Kathy on Sat 10/05/2013 at  1:35:25.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E4A7BA5D-1FCA-4261-85CA-307FC5471A6D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{E4A7BA5D-1FCA-4261-85CA-307FC5471A6D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{037039D8-8C53-43CC-95BE-198556E66531}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{037039D8-8C53-43CC-95BE-198556E66531}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Kathy\appdata\local\{FCD5DA87-BDE8-4C5D-A7D1-0D2F23FBEF09}
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Kathy\appdata\local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 10/05/2013 at  1:38:22.22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 boopme


Posted 06 October 2013 - 07:33 PM

Good, it looks clean.
 
These are outdated and exploitable by malware.
 
In Control panel remove
Adobe Reader X (10.1.6) (Version: 10.1.6)
Java 7 Update 25 (Version: 7.0.250)
 
Reboot
 
Install
Adobe Reader XI
Java Version 7 Update 40, select Windows Offline (32-bit)

NOTE: Uncheck any extra install items, such as
 
Yes, install Google Chrome as my default browser and Google Toolbar for Internet Explorer.


If all is good then....
Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically. Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7
  • Reboot and see how it is.
