Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected? Or False Positives for Trojans?


  • Please log in to reply
7 replies to this topic

#1 dorkpixie

dorkpixie

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Amherst, NY
  • Local time:04:14 PM

Posted 18 October 2013 - 10:05 AM

Hello,

Info: Windows 7 all updated

 

MalwareBytes and SUPERAntiSpyware both found Trojan.Agent/Gen-Stranform within my system; interestingly MB quarantined it, but it disappeared and SAP quarantined it and it is still in quarantine. This particular "Trojan" was associated with Chrome and a LOT of DLL files. Then SAP found Trojan.Agent/Gen-Tracur  having something to do with Windows/SYSWOW64/DISCHANDLER.EXE and just this morning SAP found Trojan.Agent/Gen-Downloader
 in D:\DOWNLOADS\SUPPORT-LOGMEINRESCUE.EXE (whatever this is associtated with is very old as I use this datafile rarely); and I do not even know what it is. What is odd is not only that these keep coming up all within the last month and also odd is that MB scans first and finds very little; late Aug found and qurantined Trojan.Dropper.SP two files and MB finds a LOT of PUPs, which generally are programs I do want ; SAP scans 2nd finds everything and quaranties. I also use Norton 360 and it finds nothing, it does block many intrustions however. All 3 scanners find cookies; no big deal.

 

I just don't know if I am infected; I looked these up and some information points to false positives. If I am infected, I worry that I have something that is just backdooring trojans in once or twice a month. I am just not sure what to think or do. Thank you for any assistance and I do hope I communicated the issue well.

 

Also, other than Hardware issues; I have had no real issues with software.


Edited by dorkpixie, 18 October 2013 - 10:07 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:14 PM

Posted 18 October 2013 - 10:11 AM

Hello, this, DOWNLOADS\SUPPORT-LOGMEINRESCUE.EXE is usually Remote Support & Mgmt. Software like Go To Assist.
Tracur is bad.
Lets scan the machine.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 dorkpixie

dorkpixie
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Amherst, NY
  • Local time:04:14 PM

Posted 18 October 2013 - 06:24 PM

It took a really long time for one of the scans...Some of these programs and the PUPs I don't even know what they are or where they came from; thank you for your help. Logs:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Shannon (administrator) on 18-10-2013 at 11:25:55
Running from "C:\Users\Shannon\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82566DM-2 Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=128 icmpredirects=enabled taskoffload=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Shan2323-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : buffalo.rr.com

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : buffalo.rr.com
   Description . . . . . . . . . . . : Intel® 82566DM-2 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-21-86-24-08-F0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fd3b:1286:b0f:74d7%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, October 18, 2013 9:42:11 AM
   Lease Expires . . . . . . . . . . : Saturday, October 19, 2013 9:42:10 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234889606
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-68-36-70-00-21-86-24-08-F0
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
                                       192.168.1.1
                                       209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:9:2e3e:3f57:fe9a(Preferred)
   Link-local IPv6 Address . . . . . : fe80::9:2e3e:3f57:fe9a%11(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.buffalo.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : buffalo.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4004:803::1004
      74.125.228.39
      74.125.228.40
      74.125.228.41
      74.125.228.46
      74.125.228.32
      74.125.228.33
      74.125.228.34
      74.125.228.35
      74.125.228.36
      74.125.228.37
      74.125.228.38


Pinging google.com [74.125.228.34] with 32 bytes of data:
Reply from 74.125.228.34: bytes=32 time=47ms TTL=49
Reply from 74.125.228.34: bytes=32 time=56ms TTL=49

Ping statistics for 74.125.228.34:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 47ms, Maximum = 56ms, Average = 51ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=226ms TTL=46
Reply from 206.190.36.45: bytes=32 time=85ms TTL=46

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 85ms, Maximum = 226ms, Average = 155ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 6ms, Average = 4ms
===========================================================================
Interface List
 10...00 21 86 24 08 f0 ......Intel® 82566DM-2 Gigabit Network Connection
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    276
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     58 2001::/32                On-link
 11    306 2001:0:9d38:6abd:9:2e3e:3f57:fe9a/128
                                    On-link
 10    276 fe80::/64                On-link
 11    306 fe80::/64                On-link
 11    306 fe80::9:2e3e:3f57:fe9a/128
                                    On-link
 10    276 fe80::fd3b:1286:b0f:74d7/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/18/2013 10:10:06 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1888359072-949431391-1126342131-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {5bc6219b-9bb9-4edc-882b-d3098def93dd}

Error: (10/18/2013 10:08:11 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1888359072-949431391-1126342131-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {5bc6219b-9bb9-4edc-882b-d3098def93dd}

Error: (10/18/2013 10:05:22 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1888359072-949431391-1126342131-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {5bc6219b-9bb9-4edc-882b-d3098def93dd}

Error: (10/18/2013 10:04:25 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1888359072-949431391-1126342131-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {5bc6219b-9bb9-4edc-882b-d3098def93dd}

Error: (10/18/2013 09:42:26 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2013 09:42:26 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2013 09:42:26 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2013 09:42:26 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (10/18/2013 09:42:22 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2013 09:42:22 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (10/18/2013 10:01:59 AM) (Source: Service Control Manager) (User: )
Description: The NitroPDFReaderDriverCreatorReadSpool3 service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/18/2013 09:44:20 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (10/18/2013 09:44:20 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (10/18/2013 09:42:29 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/18/2013 09:42:26 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (10/18/2013 09:42:10 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
WS_Sfilter

Error: (10/18/2013 09:42:09 AM) (Source: Service Control Manager) (User: )
Description: The Remote Desktop Services service failed to start due to the following error:
%%1079

Error: (10/18/2013 09:41:23 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (10/18/2013 09:39:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition.

Error: (10/18/2013 08:25:24 AM) (Source: Service Control Manager) (User: )
Description: The NitroPDFReaderDriverCreatorReadSpool3 service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-08-26 12:00:37.458
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-26 12:00:37.426
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-26 12:00:37.395
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-26 12:00:37.021
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-26 12:00:36.990
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-26 12:00:36.943
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-26 12:00:36.912
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-26 12:00:36.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-26 12:00:36.771
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\explorer.exe because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-25 03:01:20.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.8250.0_none_f501a2b45199d3b2\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
AC3File 0.6b (Version: 0.6b)
AC3Filter 1.62b (Version: 1.62b)
Adobe AIR (Version: 3.9.0.1030)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Drive CS4 x64 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Fonts All (Version: 2.0)
Adobe Fonts All x64 (Version: 2.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Amazon Kindle
Audacity 2.0.3 (Version: 2.0.3)
Avidemux 2.6 (32-bit) (Version: 2.6.4.8696)
Bayou Buddy 2.2 - Pogo Version
BCWipe 6.0 (Version: 6.01.1)
BitTorrent (Version: 7.8.1.30016)
Blaze (Version: 0.5.6.10)
Brother MFL-Pro Suite MFC-7420 (Version: 1.0.1.0)
CamStudio
CCleaner (Version: 4.06)
CDBurnerXP (Version: 4.5.2.4291)
Codec 8.3a
Connect (Version: 1.0.0.1)
CrystalDiskInfo 5.6.2 (Version: 5.6.2)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Setup (Version: 2.6.1.24)
Dropbox (Version: 2.0.8)
EasyBCD 2.1.2 (Version: 2.1.2)
Free YouTube to MP3 Converter version 3.12.2.430 (Version: 3.12.2.430)
FreeStar Free AMR MP3 Converter 1.0.7 (Version: 1.0.7)
Google Earth (Version: 6.2.1.6014)
GooReader (Version: 3)
HD Tune Pro 5.50
Hot CPU Tester Pro 4.4.1 (Version: 4.4 LE)
Info Center 1.0.0.7 (Version: 1.0.0.7)
Intel® Management Engine Interface
Intel® Network Connections Drivers (Version: 14.2)
Intel® Active Management Technology
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Kobo (Version: 3.0.1)
kuler (Version: 2.0)
LabSim (Version: 3.1.57)
LogonStudio
Lottso! Deluxe
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Media Player Codec Pack 4.2.9 (Version: 4.2.9)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Expression Blend 3 SDK (Version: 1.0.1343.0)
Microsoft Expression Blend 4 (Version: 4.0.20525.0)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0)
Microsoft Expression Design 4 (Version: 7.0.20516.0)
Microsoft Expression Encoder 4 (Version: 4.0.1639.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.1639.0)
Microsoft Expression Studio 4 (Version: 4.0.20525.0)
Microsoft Expression Web 4 (Version: 4.0.1303.0)
Microsoft Expression Web 4 Service Pack 2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movie Maker (Version: 16.4.3508.0205)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nitro Reader 3 (Version: 3.5.2.10)
NOOK Study (Version: 2.1.2.28499)
Norton 360 (Version: 20.4.0.40)
Norton Management (Version: 3.2.2.12)
NVIDIA 3D Vision Controller Driver 306.23 (Version: 306.23)
NVIDIA 3D Vision Driver 311.06 (Version: 311.06)
NVIDIA Control Panel 311.06 (Version: 311.06)
NVIDIA Graphics Driver 311.06 (Version: 311.06)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
PDF Settings CS4 (Version: 9.0)
Photo Gallery (Version: 16.4.3508.0205)
Photoshop Camera Raw (Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
Revo Uninstaller 1.95 (Version: 1.95)
ScanSoft PaperPort 11 (Version: 11.1.0000)
Search Protection (Version: 7.5.0.1)
SeaTools for Windows (Version: 1.2.0.7)
Secunia PSI (2.0.0.3003)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SiSoftware Sandra Professional Home 2009.SP4 (Version: 15.124.2009.9)
SIW version 2011.10.29 (Version: 2011.10.29)
Snagit 9.1.3 (Version: 9.1.3.19)
SoundMAX (Version: 6.10.2.6595)
Suite Shared Configuration CS4 (Version: 1.0)
Super TextTwist (Version: 2.2.4.1)
SUPERAntiSpyware (Version: 5.0.1136)
TestOut Navigator (Stand-Alone Version)
The Poppit! Show
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Script Editor Help (KB957253)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VoiceZoneConnect (Version: 1.5.0)
Windows Driver Package - Intel (e1express) Net  (06/05/2009 9.13.12.0) (Version: 06/05/2009 9.13.12.0)
Windows Driver Package - NVIDIA (nvlddmkm) Display  (02/29/2012 8.17.12.9610) (Version: 02/29/2012 8.17.12.9610)
Windows Driver Package - NVIDIA (nvlddmkm) Display  (05/15/2012 8.17.13.0142) (Version: 05/15/2012 8.17.13.0142)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA  (01/17/2012 1.3.12.0) (Version: 01/17/2012 1.3.12.0)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA  (04/18/2012 1.3.16.0) (Version: 04/18/2012 1.3.16.0)
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live Essentials (Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
Wondershare Disk Manager Free(build 1.0.0)
Word Riot Deluxe
WOT for Internet Explorer (Version: 9.4.14.0)
WPF Toolkit February 2010 (Version 3.5.50211.1) (Version: 3.5.50211.1)

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 7902.3 MB
Available physical RAM: 5576.96 MB
Total Pagefile: 7900.48 MB
Available Pagefile: 5619.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.39 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:148.95 GB) (Free:77.22 GB) NTFS
2 Drive d: (DataI) (Fixed) (Total:298.08 GB) (Free:11.15 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:465.76 GB) (Free:140.11 GB) NTFS

========================= Users: ========================================

User accounts for \\SHAN2323-PC

Administrator            Guest                    Jen                      
Shannon                  UpdatusUser              


**** End of log ****
 

 

11:34:09.0514 0x0630  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
11:34:21.0714 0x0630  ============================================================
11:34:21.0714 0x0630  Current date / time: 2013/10/18 11:34:21.0714
11:34:21.0714 0x0630  SystemInfo:
11:34:21.0714 0x0630  
11:34:21.0714 0x0630  OS Version: 6.1.7601 ServicePack: 1.0
11:34:21.0714 0x0630  Product type: Workstation
11:34:21.0714 0x0630  ComputerName: SHAN2323-PC
11:34:21.0714 0x0630  UserName: Shannon
11:34:21.0714 0x0630  Windows directory: C:\Windows
11:34:21.0714 0x0630  System windows directory: C:\Windows
11:34:21.0714 0x0630  Running under WOW64
11:34:21.0714 0x0630  Processor architecture: Intel x64
11:34:21.0714 0x0630  Number of processors: 2
11:34:21.0714 0x0630  Page size: 0x1000
11:34:21.0714 0x0630  Boot type: Normal boot
11:34:21.0714 0x0630  ============================================================
11:34:26.0066 0x0630  System UUID: {356B2BAA-3E10-F10E-7156-E304049C8560}
11:34:26.0830 0x0630  Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:26.0846 0x0630  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:26.0862 0x0630  Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:26.0862 0x0630  ============================================================
11:34:26.0862 0x0630  \Device\Harddisk1\DR1:
11:34:26.0862 0x0630  MBR partitions:
11:34:26.0862 0x0630  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:34:26.0862 0x0630  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3283F, BlocksNum 0x129E6282
11:34:26.0862 0x0630  \Device\Harddisk0\DR0:
11:34:26.0862 0x0630  MBR partitions:
11:34:26.0862 0x0630  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
11:34:26.0862 0x0630  \Device\Harddisk2\DR2:
11:34:26.0862 0x0630  MBR partitions:
11:34:26.0877 0x0630  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x2542ABB0
11:34:26.0877 0x0630  ============================================================
11:34:26.0893 0x0630  C: <-> \Device\Harddisk1\DR1\Partition2
11:34:26.0924 0x0630  D: <-> \Device\Harddisk2\DR2\Partition1
11:34:26.0940 0x0630  E: <-> \Device\Harddisk0\DR0\Partition1
11:34:26.0940 0x0630  ============================================================
11:34:26.0940 0x0630  Initialize success
11:34:26.0940 0x0630  ============================================================
11:34:38.0624 0x0950  ============================================================
11:34:38.0624 0x0950  Scan started
11:34:38.0624 0x0950  Mode: Manual;
11:34:38.0624 0x0950  ============================================================
11:34:38.0624 0x0950  KSN ping started
11:34:41.0479 0x0950  KSN ping finished: true
11:34:42.0758 0x0950  ================ Scan system memory ========================
11:34:42.0758 0x0950  System memory - ok
11:34:42.0758 0x0950  ================ Scan services =============================
11:34:42.0914 0x0950  [ 581D88B25C4D4121824FED2CA38E562F, 838FFC4270ED32858A4AC14B389DEA1ECCCAAFC94BEAF683F8976B5F5A91DD15 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
11:34:42.0930 0x0950  !SASCORE - ok
11:34:43.0772 0x0950  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:34:43.0803 0x0950  1394ohci - ok
11:34:43.0959 0x0950  7ByteIo - ok
11:34:44.0053 0x0950  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:34:44.0084 0x0950  ACPI - ok
11:34:44.0131 0x0950  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:34:44.0162 0x0950  AcpiPmi - ok
11:34:44.0240 0x0950  [ D44BCAF639E4E45307C2BC80715273D5, 1E1CDE13C39D835447096CBEC104A2EDDCE15D94288DB3FBB02421B8B8307989 ] adfs            C:\Windows\system32\drivers\adfs.sys
11:34:44.0256 0x0950  adfs - ok
11:34:44.0349 0x0950  [ 502EFC263D7B8564A434861DAB5AC6FF, DD8FFFDFD8E1787B70A29058D3B2662FA3F4D7BC894BD0021DE7181298F64C20 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
11:34:44.0380 0x0950  ADIHdAudAddService - ok
11:34:45.0129 0x0950  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:34:45.0129 0x0950  AdobeFlashPlayerUpdateSvc - ok
11:34:45.0238 0x0950  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:34:45.0270 0x0950  adp94xx - ok
11:34:45.0348 0x0950  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:34:45.0363 0x0950  adpahci - ok
11:34:45.0394 0x0950  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:34:45.0426 0x0950  adpu320 - ok
11:34:45.0472 0x0950  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:34:45.0488 0x0950  AeLookupSvc - ok
11:34:45.0597 0x0950  [ 314C17917AC8523EC77A710215012A65, 725CF2D5F63C06F7704C24FE0CFA696215DADC6C0EC445D9671E82F8E23E56AD ] AFD             C:\Windows\system32\drivers\afd.sys
11:34:45.0613 0x0950  AFD - ok
11:34:45.0675 0x0950  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:34:45.0706 0x0950  agp440 - ok
11:34:45.0769 0x0950  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:34:45.0769 0x0950  ALG - ok
11:34:45.0816 0x0950  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:34:45.0847 0x0950  aliide - ok
11:34:45.0894 0x0950  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:34:45.0925 0x0950  amdide - ok
11:34:46.0018 0x0950  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:34:46.0050 0x0950  AmdK8 - ok
11:34:46.0096 0x0950  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:34:46.0128 0x0950  AmdPPM - ok
11:34:46.0206 0x0950  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:34:46.0221 0x0950  amdsata - ok
11:34:46.0299 0x0950  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:34:46.0315 0x0950  amdsbs - ok
11:34:46.0393 0x0950  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:34:46.0393 0x0950  amdxata - ok
11:34:46.0549 0x0950  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
11:34:46.0580 0x0950  AppID - ok
11:34:46.0642 0x0950  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:34:46.0674 0x0950  AppIDSvc - ok
11:34:46.0736 0x0950  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
11:34:46.0736 0x0950  Appinfo - ok
11:34:46.0783 0x0950  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:34:46.0783 0x0950  AppMgmt - ok
11:34:46.0798 0x0950  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:34:46.0798 0x0950  arc - ok
11:34:46.0814 0x0950  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:34:46.0814 0x0950  arcsas - ok
11:34:46.0939 0x0950  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:34:46.0939 0x0950  aspnet_state - ok
11:34:46.0954 0x0950  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:34:46.0954 0x0950  AsyncMac - ok
11:34:46.0970 0x0950  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:34:46.0970 0x0950  atapi - ok
11:34:47.0017 0x0950  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:34:47.0032 0x0950  AudioEndpointBuilder - ok
11:34:47.0064 0x0950  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:34:47.0079 0x0950  AudioSrv - ok
11:34:47.0110 0x0950  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:34:47.0110 0x0950  AxInstSV - ok
11:34:47.0157 0x0950  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
11:34:47.0188 0x0950  b06bdrv - ok
11:34:47.0220 0x0950  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:34:47.0220 0x0950  b57nd60a - ok
11:34:47.0282 0x0950  [ 2731164DABC032A40319AA527125FB70, 19B3A0420244764E99BF99B755326D04FFE2050FC2CE96E54F0A2A3B1B801043 ] BCSWAP          C:\Windows\system32\drivers\BCSWAP.sys
11:34:47.0282 0x0950  BCSWAP - ok
11:34:47.0313 0x0950  [ 84F93A29C879DAF33C9AB93F6CA154B7, F9DC40D71E82381CA11335002D266917DAA4E783D90CD54CBE37A4422821EF26 ] BCWipeSvc       C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe
11:34:47.0313 0x0950  BCWipeSvc - ok
11:34:47.0344 0x0950  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:34:47.0360 0x0950  BDESVC - ok
11:34:47.0376 0x0950  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:34:47.0376 0x0950  Beep - ok
11:34:47.0438 0x0950  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:34:47.0454 0x0950  BFE - ok
11:34:47.0641 0x0950  [ B61966860EDA757FDF6EFC4AB39316C4, 8A9F3D69ED458467699B154817D91565927ACFFE1B95CA506BEBEF1FFDA009C0 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20131002.001\BHDrvx64.sys
11:34:47.0719 0x0950  BHDrvx64 - ok
11:34:47.0766 0x0950  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:34:47.0781 0x0950  BITS - ok
11:34:47.0797 0x0950  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:34:47.0797 0x0950  blbdrive - ok
11:34:47.0812 0x0950  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:34:47.0812 0x0950  bowser - ok
11:34:47.0828 0x0950  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:34:47.0828 0x0950  BrFiltLo - ok
11:34:47.0844 0x0950  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:34:47.0844 0x0950  BrFiltUp - ok
11:34:47.0890 0x0950  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:34:47.0890 0x0950  Browser - ok
11:34:47.0922 0x0950  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
11:34:47.0937 0x0950  Brserid - ok
11:34:47.0953 0x0950  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:34:47.0953 0x0950  BrSerWdm - ok
11:34:47.0953 0x0950  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:34:47.0953 0x0950  BrUsbMdm - ok
11:34:47.0968 0x0950  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
11:34:47.0968 0x0950  BrUsbSer - ok
11:34:47.0984 0x0950  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:34:48.0000 0x0950  BTHMODEM - ok
11:34:48.0015 0x0950  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:34:48.0015 0x0950  bthserv - ok
11:34:48.0046 0x0950  [ 248C952C82DF1E23775432774CBB20F1, D04D382E7963B84E4856534A2FA209787FEBA2B6F21F579CA8F7C6BE4AA10072 ] ccSet_MCLIENT   C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys
11:34:48.0062 0x0950  ccSet_MCLIENT - ok
11:34:48.0109 0x0950  [ 56685951208AC81CF923B9B08BEDF3B7, F5FF438B9A54AD8D54E82DE60E1771C9685A95D5E590D69EB1E4E78D3B9B7769 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys
11:34:48.0124 0x0950  ccSet_N360 - ok
11:34:48.0140 0x0950  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:34:48.0140 0x0950  cdfs - ok
11:34:48.0171 0x0950  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:34:48.0171 0x0950  cdrom - ok
11:34:48.0202 0x0950  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:34:48.0202 0x0950  CertPropSvc - ok
11:34:48.0249 0x0950  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:34:48.0249 0x0950  circlass - ok
11:34:48.0280 0x0950  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
11:34:48.0296 0x0950  CLFS - ok
11:34:48.0343 0x0950  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:34:48.0343 0x0950  clr_optimization_v2.0.50727_32 - ok
11:34:48.0390 0x0950  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:34:48.0390 0x0950  clr_optimization_v2.0.50727_64 - ok
11:34:48.0436 0x0950  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:34:48.0436 0x0950  clr_optimization_v4.0.30319_32 - ok
11:34:48.0452 0x0950  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:34:48.0452 0x0950  clr_optimization_v4.0.30319_64 - ok
11:34:48.0483 0x0950  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:34:48.0483 0x0950  CmBatt - ok
11:34:48.0530 0x0950  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:34:48.0530 0x0950  cmdide - ok
11:34:48.0577 0x0950  [ AAFCB52FE0037207FB6FBEA070D25EFE, 7D035BFB6DD86944CCDE6D71811891406D7FD08344EF8CF57C4D932E096F1377 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:34:48.0592 0x0950  CNG - ok
11:34:48.0608 0x0950  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:34:48.0608 0x0950  Compbatt - ok
11:34:48.0655 0x0950  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:34:48.0655 0x0950  CompositeBus - ok
11:34:48.0655 0x0950  COMSysApp - ok
11:34:48.0670 0x0950  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:34:48.0670 0x0950  crcdisk - ok
11:34:48.0717 0x0950  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:34:48.0733 0x0950  CryptSvc - ok
11:34:48.0780 0x0950  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
11:34:48.0795 0x0950  CSC - ok
11:34:48.0826 0x0950  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
11:34:48.0842 0x0950  CscService - ok
11:34:48.0873 0x0950  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:34:48.0889 0x0950  DcomLaunch - ok
11:34:48.0920 0x0950  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:34:48.0936 0x0950  defragsvc - ok
11:34:48.0967 0x0950  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:34:48.0967 0x0950  DfsC - ok
11:34:49.0014 0x0950  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:34:49.0014 0x0950  Dhcp - ok
11:34:49.0029 0x0950  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:34:49.0029 0x0950  discache - ok
11:34:49.0061 0x0950  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:34:49.0061 0x0950  Disk - ok
11:34:49.0092 0x0950  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:34:49.0092 0x0950  Dnscache - ok
11:34:49.0123 0x0950  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:34:49.0139 0x0950  dot3svc - ok
11:34:49.0154 0x0950  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:34:49.0170 0x0950  DPS - ok
11:34:49.0185 0x0950  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:34:49.0185 0x0950  drmkaud - ok
11:34:49.0248 0x0950  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:34:49.0279 0x0950  DXGKrnl - ok
11:34:49.0326 0x0950  [ 099E01A94167CA8BDA2CF72037AD0E28, 937501E15A9C8E195DC778DBC9C3A45EB5DD024AF9E4C188ED5B69F94EEC233D ] e1express       C:\Windows\system32\DRIVERS\e1e6232e.sys
11:34:49.0341 0x0950  e1express - ok
11:34:49.0357 0x0950  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:34:49.0357 0x0950  EapHost - ok
11:34:49.0466 0x0950  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
11:34:49.0560 0x0950  ebdrv - ok
11:34:49.0638 0x0950  [ A2DA3D8E0B336E13F7A155B5789B58CF, D492E24807857547F62E69B8F2935ABC48113C28832B1155AB3186D04A63DEF1 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:34:49.0669 0x0950  eeCtrl - ok
11:34:49.0685 0x0950  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
11:34:49.0685 0x0950  EFS - ok
11:34:49.0747 0x0950  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:34:49.0778 0x0950  ehRecvr - ok
11:34:49.0809 0x0950  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:34:49.0809 0x0950  ehSched - ok
11:34:49.0841 0x0950  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:34:49.0872 0x0950  elxstor - ok
11:34:49.0919 0x0950  [ 23C3061D2F7F8BCB6140A098447035B4, A89A628D99637DA72F51E90A6C3CBAAB552B423447C2EDC561E3D7CCB4D7EAB7 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:34:49.0919 0x0950  EraserUtilRebootDrv - ok
11:34:49.0934 0x0950  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:34:49.0934 0x0950  ErrDev - ok
11:34:49.0981 0x0950  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:34:49.0997 0x0950  EventSystem - ok
11:34:50.0012 0x0950  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:34:50.0028 0x0950  exfat - ok
11:34:50.0043 0x0950  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:34:50.0043 0x0950  fastfat - ok
11:34:50.0090 0x0950  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:34:50.0121 0x0950  Fax - ok
11:34:50.0137 0x0950  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:34:50.0137 0x0950  fdc - ok
11:34:50.0153 0x0950  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:34:50.0153 0x0950  fdPHost - ok
11:34:50.0168 0x0950  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:34:50.0168 0x0950  FDResPub - ok
11:34:50.0184 0x0950  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:34:50.0184 0x0950  FileInfo - ok
11:34:50.0199 0x0950  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:34:50.0199 0x0950  Filetrace - ok
11:34:50.0246 0x0950  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:34:50.0262 0x0950  FLEXnet Licensing Service - ok
11:34:50.0324 0x0950  [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
11:34:50.0355 0x0950  FLEXnet Licensing Service 64 - ok
11:34:50.0371 0x0950  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:34:50.0371 0x0950  flpydisk - ok
11:34:50.0418 0x0950  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:34:50.0418 0x0950  FltMgr - ok
11:34:50.0465 0x0950  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
11:34:50.0496 0x0950  FontCache - ok
11:34:50.0543 0x0950  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:34:50.0543 0x0950  FontCache3.0.0.0 - ok
11:34:50.0558 0x0950  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:34:50.0558 0x0950  FsDepends - ok
11:34:50.0574 0x0950  [ 34633103BEB91D1C375351BC2B653AB6, AF91DB672F9EE365FF161FD58EAFAE53F1469680CEE7A6FE2A2861DEA816DF86 ] fsh             C:\Windows\system32\drivers\fsh.sys
11:34:50.0589 0x0950  fsh - ok
11:34:50.0605 0x0950  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:34:50.0621 0x0950  Fs_Rec - ok
11:34:50.0667 0x0950  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:34:50.0683 0x0950  fvevol - ok
11:34:50.0699 0x0950  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:34:50.0699 0x0950  gagp30kx - ok
11:34:50.0745 0x0950  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:34:50.0761 0x0950  gpsvc - ok
11:34:50.0777 0x0950  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:34:50.0777 0x0950  hcw85cir - ok
11:34:50.0823 0x0950  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:34:50.0839 0x0950  HdAudAddService - ok
11:34:50.0855 0x0950  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:34:50.0870 0x0950  HDAudBus - ok
11:34:50.0901 0x0950  [ 806C9235C2FBFB9268B9E9F05165DE5D, FAAE1A5019D0C124B698EE48B37A9F3BB25D45A69D2742F12DD9379399001D7D ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
11:34:50.0901 0x0950  HECIx64 - ok
11:34:50.0917 0x0950  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:34:50.0917 0x0950  HidBatt - ok
11:34:50.0917 0x0950  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:34:50.0933 0x0950  HidBth - ok
11:34:50.0933 0x0950  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:34:50.0933 0x0950  HidIr - ok
11:34:50.0948 0x0950  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
11:34:50.0964 0x0950  hidserv - ok
11:34:50.0995 0x0950  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
11:34:50.0995 0x0950  HidUsb - ok
11:34:51.0026 0x0950  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:34:51.0026 0x0950  hkmsvc - ok
11:34:51.0057 0x0950  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:34:51.0057 0x0950  HomeGroupListener - ok
11:34:51.0089 0x0950  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:34:51.0089 0x0950  HomeGroupProvider - ok
11:34:51.0120 0x0950  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:34:51.0135 0x0950  HpSAMD - ok
11:34:51.0182 0x0950  [ CF44B25AE808765D7308F412AD492DDB, 97A16ACCD6D624B2A57DDA913C8005320FF91542C0EF7F39456741D99D7B2725 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
11:34:51.0182 0x0950  HTCAND64 - ok
11:34:51.0213 0x0950  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:34:51.0245 0x0950  HTTP - ok
11:34:51.0245 0x0950  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:34:51.0245 0x0950  hwpolicy - ok
11:34:51.0276 0x0950  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:34:51.0276 0x0950  i8042prt - ok
11:34:51.0307 0x0950  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:34:51.0323 0x0950  iaStorV - ok
11:34:51.0385 0x0950  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:34:51.0416 0x0950  idsvc - ok
11:34:51.0494 0x0950  [ B7771B73807E50F7598720BC6C16179F, C8F4AD11DD3194E7E0E87C8603E4479A3F24AC1E97D8A0D8F893DE5AD63509AC ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20131017.002\IDSvia64.sys
11:34:51.0525 0x0950  IDSVia64 - ok
11:34:51.0557 0x0950  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:34:51.0557 0x0950  iirsp - ok
11:34:51.0603 0x0950  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:34:51.0619 0x0950  IKEEXT - ok
11:34:51.0666 0x0950  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:34:51.0666 0x0950  intelide - ok
11:34:51.0681 0x0950  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:34:51.0681 0x0950  intelppm - ok
11:34:51.0697 0x0950  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:34:51.0713 0x0950  IPBusEnum - ok
11:34:51.0728 0x0950  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:34:51.0728 0x0950  IpFilterDriver - ok
11:34:51.0775 0x0950  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:34:51.0791 0x0950  iphlpsvc - ok
11:34:51.0822 0x0950  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:34:51.0822 0x0950  IPMIDRV - ok
11:34:51.0853 0x0950  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:34:51.0853 0x0950  IPNAT - ok
11:34:51.0869 0x0950  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:34:51.0869 0x0950  IRENUM - ok
11:34:51.0900 0x0950  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:34:51.0900 0x0950  isapnp - ok
11:34:51.0931 0x0950  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:34:51.0947 0x0950  iScsiPrt - ok
11:34:51.0978 0x0950  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:34:51.0978 0x0950  kbdclass - ok
11:34:52.0009 0x0950  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:34:52.0009 0x0950  kbdhid - ok
11:34:52.0025 0x0950  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
11:34:52.0025 0x0950  KeyIso - ok
11:34:52.0056 0x0950  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:34:52.0071 0x0950  KSecDD - ok
11:34:52.0103 0x0950  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E, 94F1382291BD748BAE7EDBCB56F43B8564A1EE22E2DBEB37066559EE3D065FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:34:52.0118 0x0950  KSecPkg - ok
11:34:52.0134 0x0950  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:34:52.0134 0x0950  ksthunk - ok
11:34:52.0165 0x0950  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:34:52.0181 0x0950  KtmRm - ok
11:34:52.0227 0x0950  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:34:52.0227 0x0950  LanmanServer - ok
11:34:52.0259 0x0950  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:34:52.0259 0x0950  LanmanWorkstation - ok
11:34:52.0290 0x0950  [ ACEC35F181075B20A5EF4A71958B13DF, E7C471C08241CE1941B2B5CF6C8726AA07DC972846F80E2DF5A11FA515003A33 ] libusb0         C:\Windows\system32\drivers\libusb0.sys
11:34:52.0290 0x0950  libusb0 - ok
11:34:52.0321 0x0950  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:34:52.0321 0x0950  lltdio - ok
11:34:52.0352 0x0950  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:34:52.0368 0x0950  lltdsvc - ok
11:34:52.0399 0x0950  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:34:52.0399 0x0950  lmhosts - ok
11:34:52.0430 0x0950  [ CEDA82048C4958171674D0E9373B1A68, 3FB093DD108D2457A169CA9EE230A3299AC7483BBBC7565360C4E6AB2242368C ] LMS             C:\Program Files (x86)\Intel\AMT\LMS.exe
11:34:52.0430 0x0950  LMS - ok
11:34:52.0461 0x0950  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:34:52.0461 0x0950  LSI_FC - ok
11:34:52.0477 0x0950  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:34:52.0477 0x0950  LSI_SAS - ok
11:34:52.0493 0x0950  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:34:52.0493 0x0950  LSI_SAS2 - ok
11:34:52.0508 0x0950  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:34:52.0524 0x0950  LSI_SCSI - ok
11:34:52.0539 0x0950  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:34:52.0555 0x0950  luafv - ok
11:34:52.0571 0x0950  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:34:52.0571 0x0950  MBAMProtector - ok
11:34:52.0649 0x0950  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:34:52.0649 0x0950  MBAMScheduler - ok
11:34:52.0695 0x0950  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:34:52.0711 0x0950  MBAMService - ok
11:34:52.0773 0x0950  [ 4BA84C832E0741A294C4444556DFE993, 2CC888C85887F0F3EB5395075B9C65FF1307D98608BDC1D88ACE4A375DD9DFD9 ] MCLIENT         C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
11:34:52.0773 0x0950  MCLIENT - ok
11:34:52.0805 0x0950  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:34:52.0805 0x0950  Mcx2Svc - ok
11:34:52.0836 0x0950  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:34:52.0836 0x0950  megasas - ok
11:34:52.0851 0x0950  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:34:52.0867 0x0950  MegaSR - ok
11:34:52.0883 0x0950  [ 70EA553BD412C258388BF91B7AF26AD3, 77C7627FF1D3D630614A29642EEF58F75C224ABC7ADEF2863A92F1C34A7CEA28 ] MftWipeFilter   C:\Windows\system32\drivers\MftWipeFilter.sys
11:34:52.0883 0x0950  MftWipeFilter - ok
11:34:52.0914 0x0950  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:34:52.0914 0x0950  MMCSS - ok
11:34:52.0929 0x0950  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:34:52.0929 0x0950  Modem - ok
11:34:52.0961 0x0950  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:34:52.0961 0x0950  monitor - ok
11:34:52.0976 0x0950  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:34:52.0992 0x0950  mouclass - ok
11:34:52.0992 0x0950  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:34:52.0992 0x0950  mouhid - ok
11:34:53.0007 0x0950  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:34:53.0023 0x0950  mountmgr - ok
11:34:53.0085 0x0950  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:34:53.0101 0x0950  MozillaMaintenance - ok
11:34:53.0117 0x0950  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:34:53.0117 0x0950  mpio - ok
11:34:53.0148 0x0950  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:34:53.0163 0x0950  mpsdrv - ok
11:34:53.0210 0x0950  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:34:53.0226 0x0950  MpsSvc - ok
11:34:53.0273 0x0950  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:34:53.0273 0x0950  MRxDAV - ok
11:34:53.0304 0x0950  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:34:53.0304 0x0950  mrxsmb - ok
11:34:53.0319 0x0950  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:34:53.0335 0x0950  mrxsmb10 - ok
11:34:53.0366 0x0950  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:34:53.0366 0x0950  mrxsmb20 - ok
11:34:53.0397 0x0950  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:34:53.0397 0x0950  msahci - ok
11:34:53.0429 0x0950  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:34:53.0429 0x0950  msdsm - ok
11:34:53.0444 0x0950  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:34:53.0444 0x0950  MSDTC - ok
11:34:53.0475 0x0950  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:34:53.0475 0x0950  Msfs - ok
11:34:53.0475 0x0950  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:34:53.0475 0x0950  mshidkmdf - ok
11:34:53.0507 0x0950  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:34:53.0507 0x0950  msisadrv - ok
11:34:53.0522 0x0950  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:34:53.0538 0x0950  MSiSCSI - ok
11:34:53.0538 0x0950  msiserver - ok
11:34:53.0553 0x0950  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:34:53.0553 0x0950  MSKSSRV - ok
11:34:53.0569 0x0950  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:34:53.0569 0x0950  MSPCLOCK - ok
11:34:53.0585 0x0950  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:34:53.0585 0x0950  MSPQM - ok
11:34:53.0600 0x0950  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:34:53.0616 0x0950  MsRPC - ok
11:34:53.0631 0x0950  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:34:53.0631 0x0950  mssmbios - ok
11:34:53.0631 0x0950  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:34:53.0631 0x0950  MSTEE - ok
11:34:53.0647 0x0950  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:34:53.0647 0x0950  MTConfig - ok
11:34:53.0663 0x0950  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:34:53.0663 0x0950  Mup - ok
11:34:53.0741 0x0950  [ 1BF9D6476061B31CD7FC2BF848529A56, 95B585543240E823D7850ADEEEA7A4738EF9E18A4B07D921F145F6EF466F0271 ] N360            C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
11:34:53.0741 0x0950  N360 - ok
11:34:53.0772 0x0950  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:34:53.0787 0x0950  napagent - ok
11:34:53.0819 0x0950  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:34:53.0834 0x0950  NativeWifiP - ok
11:34:53.0943 0x0950  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20131017.023\ENG64.SYS
11:34:53.0943 0x0950  NAVENG - ok
11:34:54.0037 0x0950  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20131017.023\EX64.SYS
11:34:54.0099 0x0950  NAVEX15 - ok
11:34:54.0177 0x0950  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:34:54.0193 0x0950  NDIS - ok
11:34:54.0224 0x0950  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:34:54.0240 0x0950  NdisCap - ok
11:34:54.0255 0x0950  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:34:54.0255 0x0950  NdisTapi - ok
11:34:54.0287 0x0950  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:34:54.0287 0x0950  Ndisuio - ok
11:34:54.0302 0x0950  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:34:54.0318 0x0950  NdisWan - ok
11:34:54.0333 0x0950  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:34:54.0333 0x0950  NDProxy - ok
11:34:54.0349 0x0950  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:34:54.0349 0x0950  NetBIOS - ok
11:34:54.0380 0x0950  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:34:54.0380 0x0950  NetBT - ok
11:34:54.0411 0x0950  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
11:34:54.0411 0x0950  Netlogon - ok
11:34:54.0443 0x0950  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:34:54.0458 0x0950  Netman - ok
11:34:54.0489 0x0950  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0489 0x0950  NetMsmqActivator - ok
11:34:54.0489 0x0950  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0505 0x0950  NetPipeActivator - ok
11:34:54.0521 0x0950  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:34:54.0536 0x0950  netprofm - ok
11:34:54.0536 0x0950  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0536 0x0950  NetTcpActivator - ok
11:34:54.0536 0x0950  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0552 0x0950  NetTcpPortSharing - ok
11:34:54.0567 0x0950  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:34:54.0567 0x0950  nfrd960 - ok
11:34:54.0645 0x0950  [ 9ED6B2F6D9D04FB883F578ABC239EE07, F93F2AFB91AE605D96E83258F2EA20BF08E74FE8C36EEF39650F369071A080AF ] NitroReaderDriverReadSpool3 C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
11:34:54.0661 0x0950  NitroReaderDriverReadSpool3 - ok
11:34:54.0677 0x0950  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:34:54.0692 0x0950  NlaSvc - ok
11:34:54.0708 0x0950  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:34:54.0708 0x0950  Npfs - ok
11:34:54.0739 0x0950  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:34:54.0739 0x0950  nsi - ok
11:34:54.0739 0x0950  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:34:54.0739 0x0950  nsiproxy - ok
11:34:54.0817 0x0950  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:34:54.0864 0x0950  Ntfs - ok
11:34:54.0879 0x0950  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:34:54.0879 0x0950  Null - ok
11:34:54.0911 0x0950  [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
11:34:54.0926 0x0950  NVHDA - ok
11:34:55.0254 0x0950  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:34:55.0550 0x0950  nvlddmkm - ok
11:34:55.0597 0x0950  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:34:55.0597 0x0950  nvraid - ok
11:34:55.0628 0x0950  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:34:55.0628 0x0950  nvstor - ok
11:34:55.0659 0x0950  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:34:55.0675 0x0950  nvsvc - ok
11:34:55.0769 0x0950  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:34:55.0815 0x0950  nvUpdatusService - ok
11:34:55.0847 0x0950  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:34:55.0847 0x0950  nv_agp - ok
11:34:55.0925 0x0950  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:34:55.0940 0x0950  odserv - ok
11:34:55.0956 0x0950  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:34:55.0956 0x0950  ohci1394 - ok
11:34:56.0003 0x0950  [ 5408E171D8A27C6F071C2794D20F7315, 972AA86169D26B5716F58D9F3480342460B1A00818C8CAB65CA1D20153D0DA8F ] OrbisClient.Services C:\Program Files (x86)\TestOut\Orbis\OrbisClient.Services.exe
11:34:56.0003 0x0950  OrbisClient.Services - ok
11:34:56.0034 0x0950  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:34:56.0034 0x0950  ose - ok
11:34:56.0205 0x0950  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:34:56.0283 0x0950  osppsvc - ok
11:34:56.0330 0x0950  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:34:56.0346 0x0950  p2pimsvc - ok
11:34:56.0361 0x0950  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:34:56.0377 0x0950  p2psvc - ok
11:34:56.0408 0x0950  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:34:56.0408 0x0950  Parport - ok
11:34:56.0439 0x0950  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:34:56.0439 0x0950  partmgr - ok
11:34:56.0439 0x0950  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:34:56.0455 0x0950  PcaSvc - ok
11:34:56.0471 0x0950  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:34:56.0486 0x0950  pci - ok
11:34:56.0502 0x0950  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:34:56.0502 0x0950  pciide - ok
11:34:56.0517 0x0950  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:34:56.0517 0x0950  pcmcia - ok
11:34:56.0533 0x0950  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:34:56.0533 0x0950  pcw - ok
11:34:56.0564 0x0950  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:34:56.0580 0x0950  PEAUTH - ok
11:34:56.0642 0x0950  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:34:56.0673 0x0950  PeerDistSvc - ok
11:34:56.0751 0x0950  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:34:56.0751 0x0950  PerfHost - ok
11:34:56.0829 0x0950  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:34:56.0845 0x0950  pla - ok
11:34:56.0892 0x0950  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:34:56.0892 0x0950  PlugPlay - ok
11:34:56.0907 0x0950  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:34:56.0923 0x0950  PNRPAutoReg - ok
11:34:56.0939 0x0950  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:34:56.0939 0x0950  PNRPsvc - ok
11:34:56.0970 0x0950  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:34:56.0970 0x0950  PolicyAgent - ok
11:34:57.0001 0x0950  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:34:57.0001 0x0950  Power - ok
11:34:57.0032 0x0950  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:34:57.0032 0x0950  PptpMiniport - ok
11:34:57.0048 0x0950  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:34:57.0063 0x0950  Processor - ok
11:34:57.0079 0x0950  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:34:57.0095 0x0950  ProfSvc - ok
11:34:57.0110 0x0950  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
11:34:57.0110 0x0950  ProtectedStorage - ok
11:34:57.0141 0x0950  [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
11:34:57.0141 0x0950  psadd - ok
11:34:57.0173 0x0950  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:34:57.0173 0x0950  Psched - ok
11:34:57.0219 0x0950  [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
11:34:57.0219 0x0950  PSI - ok
11:34:57.0282 0x0950  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:34:57.0329 0x0950  ql2300 - ok
11:34:57.0360 0x0950  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:34:57.0360 0x0950  ql40xx - ok
11:34:57.0391 0x0950  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:34:57.0407 0x0950  QWAVE - ok
11:34:57.0422 0x0950  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:34:57.0422 0x0950  QWAVEdrv - ok
11:34:57.0422 0x0950  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:34:57.0422 0x0950  RasAcd - ok
11:34:57.0453 0x0950  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:34:57.0453 0x0950  RasAgileVpn - ok
11:34:57.0469 0x0950  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:34:57.0469 0x0950  RasAuto - ok
11:34:57.0500 0x0950  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:34:57.0500 0x0950  Rasl2tp - ok
11:34:57.0531 0x0950  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:34:57.0547 0x0950  RasMan - ok
11:34:57.0578 0x0950  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:34:57.0578 0x0950  RasPppoe - ok
11:34:57.0609 0x0950  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:34:57.0609 0x0950  RasSstp - ok
11:34:57.0625 0x0950  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:34:57.0656 0x0950  rdbss - ok
11:34:57.0656 0x0950  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:34:57.0656 0x0950  rdpbus - ok
11:34:57.0672 0x0950  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:34:57.0672 0x0950  RDPCDD - ok
11:34:57.0703 0x0950  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:34:57.0703 0x0950  RDPDR - ok
11:34:57.0719 0x0950  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:34:57.0719 0x0950  RDPENCDD - ok
11:34:57.0719 0x0950  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:34:57.0719 0x0950  RDPREFMP - ok
11:34:57.0765 0x0950  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:34:57.0765 0x0950  RdpVideoMiniport - ok
11:34:57.0797 0x0950  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:34:57.0875 0x0950  RDPWD - ok
11:34:57.0921 0x0950  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:34:57.0937 0x0950  rdyboost - ok
11:34:57.0953 0x0950  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:34:57.0953 0x0950  RemoteAccess - ok
11:34:57.0984 0x0950  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:34:57.0999 0x0950  RemoteRegistry - ok
11:34:58.0031 0x0950  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:34:58.0031 0x0950  RpcEptMapper - ok
11:34:58.0046 0x0950  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:34:58.0046 0x0950  RpcLocator - ok
11:34:58.0093 0x0950  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
11:34:58.0109 0x0950  RpcSs - ok
11:34:58.0140 0x0950  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:34:58.0140 0x0950  rspndr - ok
11:34:58.0155 0x0950  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:34:58.0155 0x0950  s3cap - ok
11:34:58.0171 0x0950  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
11:34:58.0171 0x0950  SamSs - ok
11:34:58.0233 0x0950  [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home 2009.SP4\WNt500x64\Sandra.sys
11:34:58.0233 0x0950  SANDRA - ok
11:34:58.0265 0x0950  [ 08EDD7C6E85FC2B8F4910C5A942CB84C, EA64E1AB7535F56E1326D2CD0837D1984130DB0547F61D6092373C3480B78765 ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home 2009.SP4\RpcAgentSrv.exe
11:34:58.0265 0x0950  SandraAgentSrv - ok
11:34:58.0311 0x0950  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
11:34:58.0311 0x0950  SASDIFSV - ok
11:34:58.0343 0x0950  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
11:34:58.0343 0x0950  SASKUTIL - ok
11:34:58.0358 0x0950  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:34:58.0374 0x0950  sbp2port - ok
11:34:58.0421 0x0950  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:34:58.0436 0x0950  SCardSvr - ok
11:34:58.0483 0x0950  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:34:58.0483 0x0950  scfilter - ok
11:34:58.0530 0x0950  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
11:34:58.0561 0x0950  Schedule - ok
11:34:58.0592 0x0950  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:34:58.0592 0x0950  SCPolicySvc - ok
11:34:58.0623 0x0950  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:34:58.0623 0x0950  SDRSVC - ok
11:34:58.0655 0x0950  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:34:58.0655 0x0950  secdrv - ok
11:34:58.0686 0x0950  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
11:34:58.0686 0x0950  seclogon - ok
11:34:58.0764 0x0950  [ 2D0599DD0124764FC939C59985C860DE, 8DCECD817F6BFAFE887AECB1F1D5595CB5F26A3B3CEA08905DD3F0C822FCF3FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
11:34:58.0779 0x0950  Secunia PSI Agent - ok
11:34:58.0795 0x0950  [ 20B9E1ADBC58958B480933E4DA005DFB, A53DE447A9B904CAB571853D5BCA511C0E713A937622922F2BA28DC4C42E7F68 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
11:34:58.0811 0x0950  Secunia Update Agent - ok
11:34:58.0826 0x0950  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:34:58.0826 0x0950  SENS - ok
11:34:58.0842 0x0950  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:34:58.0842 0x0950  SensrSvc - ok
11:34:58.0857 0x0950  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:34:58.0873 0x0950  Serenum - ok
11:34:58.0889 0x0950  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:34:58.0889 0x0950  Serial - ok
11:34:58.0904 0x0950  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:34:58.0920 0x0950  sermouse - ok
11:34:58.0935 0x0950  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:34:58.0951 0x0950  SessionEnv - ok
11:34:58.0967 0x0950  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:34:58.0967 0x0950  sffdisk - ok
11:34:58.0982 0x0950  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:34:58.0982 0x0950  sffp_mmc - ok
11:34:58.0982 0x0950  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:34:58.0982 0x0950  sffp_sd - ok
11:34:58.0998 0x0950  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:34:58.0998 0x0950  sfloppy - ok
11:34:59.0013 0x0950  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:34:59.0045 0x0950  SharedAccess - ok
11:34:59.0060 0x0950  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:34:59.0076 0x0950  ShellHWDetection - ok
11:34:59.0091 0x0950  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:34:59.0091 0x0950  SiSRaid2 - ok
11:34:59.0107 0x0950  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:34:59.0107 0x0950  SiSRaid4 - ok
11:34:59.0123 0x0950  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:34:59.0123 0x0950  Smb - ok
11:34:59.0154 0x0950  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:34:59.0154 0x0950  SNMPTRAP - ok
11:34:59.0169 0x0950  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:34:59.0169 0x0950  spldr - ok
11:34:59.0216 0x0950  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:34:59.0232 0x0950  Spooler - ok
11:34:59.0357 0x0950  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:34:59.0419 0x0950  sppsvc - ok
11:34:59.0435 0x0950  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:34:59.0435 0x0950  sppuinotify - ok
11:34:59.0497 0x0950  [ 2FD9346F9D76CB4192D37329CFA47A82, 4CD75B4006147D469116F3CBC10528928A592510DA8037D709CB198D89853CAB ] SRTSP           C:\Windows\system32\drivers\N360x64\1404000.028\SRTSP64.SYS
11:34:59.0544 0x0950  SRTSP - ok
11:34:59.0559 0x0950  [ 0E76CEF892C45734F7AED09FDDF35D4D, C25AF31E411AC3A090859C883132B9AE6A80C8D791168FF219BC0895E35A0359 ] SRTSPX          C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS
11:34:59.0559 0x0950  SRTSPX - ok
11:34:59.0591 0x0950  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:34:59.0606 0x0950  srv - ok
11:34:59.0637 0x0950  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:34:59.0653 0x0950  srv2 - ok
11:34:59.0669 0x0950  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:34:59.0669 0x0950  srvnet - ok
11:34:59.0700 0x0950  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:34:59.0700 0x0950  SSDPSRV - ok
11:34:59.0715 0x0950  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:34:59.0715 0x0950  SstpSvc - ok
11:34:59.0793 0x0950  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:34:59.0809 0x0950  Stereo Service - ok
11:34:59.0825 0x0950  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:34:59.0825 0x0950  stexstor - ok
11:34:59.0871 0x0950  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:34:59.0871 0x0950  stisvc - ok
11:34:59.0903 0x0950  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:34:59.0903 0x0950  storflt - ok
11:34:59.0934 0x0950  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
11:34:59.0934 0x0950  StorSvc - ok
11:34:59.0965 0x0950  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:34:59.0965 0x0950  storvsc - ok
11:34:59.0981 0x0950  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:34:59.0981 0x0950  swenum - ok
11:35:00.0012 0x0950  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:35:00.0027 0x0950  swprv - ok
11:35:00.0074 0x0950  [ 52DC0048D667757A8A2E4C87182890AC, 7B43DF6DADFDDBBC5402477FE832052ADB6A39B90111CDA89B5E01CE900F55C5 ] SymDS           C:\Windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS
11:35:00.0090 0x0950  SymDS - ok
11:35:00.0137 0x0950  [ 599872BAD7CFB45C7CE47CDED4B726D8, 5B15B1B22C3ACA1BC56CAFCAFFC2E974C75C77C0AB7355FBA91F2147C0911499 ] SymEFA          C:\Windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS
11:35:00.0183 0x0950  SymEFA - ok
11:35:00.0230 0x0950  [ F19E5E37ED8134B9E5F6287F2D3A75D7, 5804D6DF529213CCF7CD2C345483940554CAA5C6EA065A1B09AA54D114C612F8 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:35:00.0230 0x0950  SymEvent - ok
11:35:00.0277 0x0950  [ ADF37F1A715D6C56C8E065FD8569A9A4, 33E895CB326F62D4D22E345563B0641EB88D23B2104A07E8CEBE5ED150882767 ] SymIRON         C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS
11:35:00.0277 0x0950  SymIRON - ok
11:35:00.0308 0x0950  [ 9CDCA70485BD6B9D230365F67C31F132, 137995F1F0124E3A10AAA25551F811602BB5FE8361AE8CBA899C6B98486F4CF3 ] SymNetS         C:\Windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS
11:35:00.0324 0x0950  SymNetS - ok
11:35:00.0386 0x0950  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
11:35:00.0417 0x0950  SysMain - ok
11:35:00.0464 0x0950  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:35:00.0464 0x0950  TabletInputService - ok
11:35:00.0511 0x0950  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:35:00.0527 0x0950  TapiSrv - ok
11:35:00.0558 0x0950  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:35:00.0558 0x0950  TBS - ok
11:35:00.0636 0x0950  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:35:00.0683 0x0950  Tcpip - ok
11:35:00.0761 0x0950  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:35:00.0792 0x0950  TCPIP6 - ok
11:35:00.0839 0x0950  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:35:00.0839 0x0950  tcpipreg - ok
11:35:00.0854 0x0950  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:35:00.0854 0x0950  TDPIPE - ok
11:35:00.0870 0x0950  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:35:00.0870 0x0950  TDTCP - ok
11:35:00.0917 0x0950  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:35:00.0917 0x0950  tdx - ok
11:35:00.0932 0x0950  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:35:00.0948 0x0950  TermDD - ok
11:35:00.0995 0x0950  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
11:35:01.0010 0x0950  TermService - ok
11:35:01.0041 0x0950  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:35:01.0041 0x0950  Themes - ok
11:35:01.0057 0x0950  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:35:01.0073 0x0950  THREADORDER - ok
11:35:01.0104 0x0950  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
11:35:01.0104 0x0950  TPM - ok
11:35:01.0119 0x0950  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:35:01.0119 0x0950  TrkWks - ok
11:35:01.0166 0x0950  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:35:01.0182 0x0950  TrustedInstaller - ok
11:35:01.0213 0x0950  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:01.0213 0x0950  tssecsrv - ok
11:35:01.0244 0x0950  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:35:01.0244 0x0950  TsUsbFlt - ok
11:35:01.0275 0x0950  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:35:01.0275 0x0950  tunnel - ok
11:35:01.0307 0x0950  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:35:01.0307 0x0950  uagp35 - ok
11:35:01.0338 0x0950  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:35:01.0353 0x0950  udfs - ok
11:35:01.0385 0x0950  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:35:01.0385 0x0950  UI0Detect - ok
11:35:01.0416 0x0950  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:35:01.0416 0x0950  uliagpkx - ok
11:35:01.0431 0x0950  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
11:35:01.0447 0x0950  umbus - ok
11:35:01.0447 0x0950  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:35:01.0447 0x0950  UmPass - ok
11:35:01.0478 0x0950  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:35:01.0494 0x0950  UmRdpService - ok
11:35:01.0525 0x0950  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:35:01.0541 0x0950  upnphost - ok
11:35:01.0572 0x0950  usbbus - ok
11:35:01.0587 0x0950  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:35:01.0587 0x0950  usbccgp - ok
11:35:01.0634 0x0950  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:35:01.0634 0x0950  usbcir - ok
11:35:01.0650 0x0950  UsbDiag - ok
11:35:01.0665 0x0950  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:35:01.0665 0x0950  usbehci - ok
11:35:01.0712 0x0950  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:35:01.0728 0x0950  usbhub - ok
11:35:01.0743 0x0950  USBModem - ok
11:35:01.0759 0x0950  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:35:01.0759 0x0950  usbohci - ok
11:35:01.0790 0x0950  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:35:01.0790 0x0950  usbprint - ok
11:35:01.0806 0x0950  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:35:01.0806 0x0950  usbscan - ok
11:35:01.0837 0x0950  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:35:01.0837 0x0950  USBSTOR - ok
11:35:01.0868 0x0950  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
11:35:01.0868 0x0950  usbuhci - ok
11:35:01.0884 0x0950  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:35:01.0899 0x0950  UxSms - ok
11:35:01.0899 0x0950  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
11:35:01.0899 0x0950  VaultSvc - ok
11:35:01.0931 0x0950  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:35:01.0931 0x0950  vdrvroot - ok
11:35:01.0977 0x0950  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:35:01.0993 0x0950  vds - ok
11:35:02.0024 0x0950  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:35:02.0024 0x0950  vga - ok
11:35:02.0024 0x0950  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:35:02.0040 0x0950  VgaSave - ok
11:35:02.0055 0x0950  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:35:02.0055 0x0950  vhdmp - ok
11:35:02.0102 0x0950  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:35:02.0102 0x0950  viaide - ok
11:35:02.0133 0x0950  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:35:02.0133 0x0950  vmbus - ok
11:35:02.0149 0x0950  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:35:02.0149 0x0950  VMBusHID - ok
11:35:02.0165 0x0950  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:35:02.0165 0x0950  volmgr - ok
11:35:02.0211 0x0950  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:35:02.0227 0x0950  volmgrx - ok
11:35:02.0243 0x0950  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:35:02.0258 0x0950  volsnap - ok
11:35:02.0289 0x0950  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:35:02.0305 0x0950  vsmraid - ok
11:35:02.0367 0x0950  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:35:02.0414 0x0950  VSS - ok
11:35:02.0430 0x0950  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:35:02.0430 0x0950  vwifibus - ok
11:35:02.0461 0x0950  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:35:02.0477 0x0950  W32Time - ok
11:35:02.0492 0x0950  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:35:02.0492 0x0950  WacomPen - ok
11:35:02.0523 0x0950  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:35:02.0523 0x0950  WANARP - ok
11:35:02.0539 0x0950  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:35:02.0539 0x0950  Wanarpv6 - ok
11:35:02.0601 0x0950  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:35:02.0648 0x0950  WatAdminSvc - ok
11:35:02.0711 0x0950  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:35:02.0757 0x0950  wbengine - ok
11:35:02.0789 0x0950  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:35:02.0804 0x0950  WbioSrvc - ok
11:35:02.0835 0x0950  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:35:02.0851 0x0950  wcncsvc - ok
11:35:02.0867 0x0950  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:35:02.0867 0x0950  WcsPlugInService - ok
11:35:02.0882 0x0950  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:35:02.0882 0x0950  Wd - ok
11:35:02.0945 0x0950  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:35:02.0960 0x0950  Wdf01000 - ok
11:35:02.0991 0x0950  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:35:02.0991 0x0950  WdiServiceHost - ok
11:35:03.0007 0x0950  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:35:03.0007 0x0950  WdiSystemHost - ok
11:35:03.0038 0x0950  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
11:35:03.0069 0x0950  WebClient - ok
11:35:03.0116 0x0950  [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:35:03.0132 0x0950  Wecsvc - ok
11:35:03.0132 0x0950  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:35:03.0147 0x0950  wercplsupport - ok
11:35:03.0163 0x0950  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:35:03.0163 0x0950  WerSvc - ok
11:35:03.0194 0x0950  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:35:03.0194 0x0950  WfpLwf - ok
11:35:03.0194 0x0950  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:35:03.0194 0x0950  WIMMount - ok
11:35:03.0225 0x0950  WinDefend - ok
11:35:03.0225 0x0950  WinHttpAutoProxySvc - ok
11:35:03.0288 0x0950  [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:35:03.0303 0x0950  Winmgmt - ok
11:35:03.0413 0x0950  [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:35:03.0459 0x0950  WinRM - ok
11:35:03.0522 0x0950  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:35:03.0522 0x0950  WinUsb - ok
11:35:03.0569 0x0950  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:35:03.0600 0x0950  Wlansvc - ok
11:35:03.0740 0x0950  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:35:03.0771 0x0950  wlidsvc - ok
11:35:03.0803 0x0950  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:35:03.0803 0x0950  WmiAcpi - ok
11:35:03.0849 0x0950  [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:35:03.0849 0x0950  wmiApSrv - ok
11:35:03.0865 0x0950  WMPNetworkSvc - ok
11:35:03.0881 0x0950  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:35:03.0881 0x0950  WPCSvc - ok
11:35:03.0912 0x0950  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:35:03.0912 0x0950  WPDBusEnum - ok
11:35:03.0927 0x0950  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:35:03.0927 0x0950  ws2ifsl - ok
11:35:03.0943 0x0950  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:35:03.0959 0x0950  wscsvc - ok
11:35:03.0959 0x0950  WSearch - ok
11:35:03.0959 0x0950  WS_Sfilter - ok
11:35:04.0052 0x0950  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:35:04.0099 0x0950  wuauserv - ok
11:35:04.0146 0x0950  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:35:04.0146 0x0950  WudfPf - ok
11:35:04.0177 0x0950  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:35:04.0177 0x0950  WUDFRd - ok
11:35:04.0224 0x0950  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:35:04.0224 0x0950  wudfsvc - ok
11:35:04.0255 0x0950  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:35:04.0271 0x0950  WwanSvc - ok
11:35:04.0271 0x0950  ================ Scan global ===============================
11:35:04.0302 0x0950  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:35:04.0349 0x0950  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:35:04.0395 0x0950  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:35:04.0442 0x0950  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:35:04.0473 0x0950  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
11:35:04.0489 0x0950  [ Global ] - ok
11:35:04.0489 0x0950  ================ Scan MBR ==================================
11:35:04.0536 0x0950  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:35:04.0754 0x0950  \Device\Harddisk1\DR1 - ok
11:35:04.0754 0x0950  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:35:04.0770 0x0950  \Device\Harddisk0\DR0 - ok
11:35:04.0770 0x0950  [ 7BD8FA7706CE18645B1064434C190BCE ] \Device\Harddisk2\DR2
11:35:06.0829 0x0950  \Device\Harddisk2\DR2 - ok
11:35:06.0829 0x0950  ================ Scan VBR ==================================
11:35:06.0829 0x0950  [ 6FF86AA360FB66800EB08BA283E29F33 ] \Device\Harddisk1\DR1\Partition1
11:35:06.0876 0x0950  \Device\Harddisk1\DR1\Partition1 - ok
11:35:06.0907 0x0950  [ 1737C3AC2A3F633F79C017A2AAB6E76C ] \Device\Harddisk1\DR1\Partition2
11:35:06.0907 0x0950  \Device\Harddisk1\DR1\Partition2 - ok
11:35:06.0923 0x0950  [ 7C7326CEA36CB461506001374DA48720 ] \Device\Harddisk0\DR0\Partition1
11:35:06.0923 0x0950  \Device\Harddisk0\DR0\Partition1 - ok
11:35:06.0923 0x0950  [ 779D1E598603BF2F28DA2B60D2200673 ] \Device\Harddisk2\DR2\Partition1
11:35:06.0923 0x0950  \Device\Harddisk2\DR2\Partition1 - ok
11:35:06.0923 0x0950  Waiting for KSN requests completion. In queue: 45
11:35:07.0937 0x0950  Waiting for KSN requests completion. In queue: 45
11:35:08.0951 0x0950  Waiting for KSN requests completion. In queue: 45
11:35:09.0965 0x0950  AV detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x51000 ( enabled : updated )
11:35:09.0965 0x0950  FW detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x51010 ( enabled )
11:35:12.0492 0x0950  ============================================================
11:35:12.0492 0x0950  Scan finished
11:35:12.0492 0x0950  ============================================================
11:35:12.0492 0x076c  Detected object count: 0
11:35:12.0492 0x076c  Actual detected object count: 0
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Professional x64
Ran by Shannon on Fri 10/18/2013 at 11:54:04.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotection



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B2A3AD44-6547-4C2D-A5D0-62B6387E568E}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Shannon\AppData\Roaming\mozilla\firefox\profiles\7as1hjje.default\minidumps [49 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 10/18/2013 at 12:00:02.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

# AdwCleaner v3.008 - Report created 18/10/2013 at 11:40:27
# Updated 17/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Shannon - SHAN2323-PC
# Running from : C:\Users\Shannon\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Shannon\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Shannon\AppData\Roaming\Search Protection
File Deleted : C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\7as1hjje.default\searchplugins\safesearch.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\safesearch.xml
File Deleted : C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\7as1hjje.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_m5studio-codec_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_m5studio-codec_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKLM\Software\GamesBarSetup

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Shannon\AppData\Roaming\Mozilla\Firefox\Profiles\7as1hjje.default\prefs.js ]


[ File : C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\d9szdwk9.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3135 octets] - [18/10/2013 11:39:23]
AdwCleaner[S0].txt - [2855 octets] - [18/10/2013 11:40:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2915 octets] ##########
 

C:\AdwCleaner\Quarantine\C\Users\Shannon\AppData\Roaming\Search Protection\SearchProtection.exe.vir    a variant of Win32/Toolbar.Widgi application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Shannon\AppData\Roaming\Search Protection\Uninstall.exe.vir    probably a variant of Win32/Toolbar.Widgi application    cleaned by deleting - quarantined

C:\Users\Shannon\Downloads\cbsidlm-cbsi134-Media_Player_Codec_Pack-SEO-10749065.exe    probably a variant of Win32/CNETInstaller.A application    cleaned by deleting - quarantined
C:\Users\Shannon\Downloads\cdbxp_setup_4.5.2.4291.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\Shannon\Downloads\CrystalDiskInfo5_6_2-en.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\Shannon\Downloads\FreeYouTubeDownload.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\Shannon\Downloads\FreeYouTubeToMP3Converter.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\Shannon\Downloads\KeyFinderInstaller.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Users\Shannon\Downloads\PDFXVwer.zip    a variant of Win32/Bundled.Toolbar.Ask application    deleted - quarantined
C:\Users\Shannon\Downloads\PDFXVwer\PDFXVwer.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
D:\Downloads\cbsidlm-tr1_5-BCWipe-10009333.exe    multiple threats    cleaned by deleting - quarantined
D:\Downloads\cdbxp_setup_4.3.8.2568.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
D:\Downloads\FoxitReader501.0523_enu_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
D:\Downloads\Trials\universal_converter_setup.exe    a variant of Win32/Packed.MoleboxUltra.A application    cleaned by deleting - quarantined
D:\Downloads\Utilities\FoxitReader502.0718_enu_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
D:\Downloads\Utilities\siw-setup.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
D:\Downloads\Utilities\Utilities\cdbxp_setup_4.3.009.2809.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
D:\Downloads\Windows\pcfix-setup.exe    probably a variant of Win32/Adware.PCFixCleaner application    cleaned by deleting - quarantined
E:\NewestDLs\CrystalDiskInfo5_6_2-en.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
E:\NewestDLs\PDFXVwer.zip    a variant of Win32/Bundled.Toolbar.Ask application    deleted - quarantined
E:\NewestDLs\PDFXVwer\PDFXVwer.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
E:\SHAN2323-PC\Backup Set 2013-06-13 193254\Backup Files 2013-06-13 193254\Backup files 137.zip    a variant of Win32/Bundled.Toolbar.Ask application    deleted - quarantined
E:\SHAN2323-PC\Backup Set 2013-06-13 193254\Backup Files 2013-06-13 193254\Backup files 30.zip    Win32/OpenCandy application    deleted - quarantined
E:\SHAN2323-PC\Backup Set 2013-06-13 193254\Backup Files 2013-06-13 193254\Backup files 31.zip    Win32/OpenCandy application    deleted - quarantined
E:\SHAN2323-PC\Backup Set 2013-06-13 193254\Backup Files 2013-06-13 193254\Backup files 32.zip    Win32/SoftonicDownloader.E application    deleted - quarantined
E:\SHAN2323-PC\Backup Set 2013-06-13 193254\Backup Files 2013-06-13 193254\Backup files 33.zip    a variant of Win32/Bundled.Toolbar.Ask application    deleted - quarantined
 

Why would the AdwCleaner that you had me download be cleaned or quarantined by ESET? Thanks again. Looking forward to understanding what is going on here and how all these programs got into my system in the first place and if they are why I have been getting hit with these Trojans the past month. ~Dorkpixie



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:14 PM

Posted 18 October 2013 - 07:44 PM

Hello, looks good now.
I'd guess you infected yourself from bad torrents.

Why would the AdwCleaner that you had me download be cleaned or quarantined by ESET?

 

What you see is ESET cleaning the Quarantine of ADWCleaner not cleaning the tool.

 

 

These toolbars.. are from installs of applications. You need to be care wheb installing. I usually select "Custom: and not "Recommended." Then you can deselect these extra items , like Toolbars.

 

 

Should be running better now.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 dorkpixie

dorkpixie
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Amherst, NY
  • Local time:04:14 PM

Posted 18 October 2013 - 08:23 PM

Hello, looks good now.
I'd guess you infected yourself from bad torrents.

Why would the AdwCleaner that you had me download be cleaned or quarantined by ESET?

 

 

 

 

"These toolbars.. are from installs of applications. You need to be care wheb installing. I usually select "Custom: and not "Recommended." Then you can deselect these extra items , like Toolbars."

 

That's the thing; I always do custom installs and do not allow the toolbars and extra crap; I try to minimize everything as much as possible; that's why I am uncertain as to how they got in. They're getting really crafty I guess. Is it possible that the "Terms and Conditions" allow for these types of things to be installed secretly? And, I always scan my torrents; how does that get past; has MalwareBytes and SUPERAntiSpyware gone downhill? I know SAS found them eventually; but I scan torrents with all 3 before executing files.

Thanks again for all the help; if you have any further recommendations; like maybe using these particular programs regularly I would greatly appreciate. I actually paid for MB and SAS so I would hate to think they aren't working anymore.

 

*Sorry I messed up the quote process.

 

 


Edited by dorkpixie, 19 October 2013 - 10:56 AM.


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:14 PM

Posted 20 October 2013 - 08:27 PM

Some of it was in your backed up files so it may be old. Yes sometimes they still get thru, so monthly scanning is required. I like both MBAm and SAS, I run them along with JRT and ADWcleaner monthly.
But NONE of these are an Antivirus and one should be installed. You can also scan the files with it.

 

Try one of these free AV's


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 dorkpixie

dorkpixie
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Amherst, NY
  • Local time:04:14 PM

Posted 21 October 2013 - 02:06 AM

 

Some of it was in your backed up files so it may be old. Yes sometimes they still get thru, so monthly scanning is required. I like both MBAm and SAS, I run them along with JRT and ADWcleaner monthly.
But NONE of these are an Antivirus and one should be installed. You can also scan the files with it.

 

Try one of these free AV's

 

Oh, yea, I have Norton 360 installed. MBAM is an anti-viral I thought. And, I actually paid for MBAM and SAS so they run in the background along with the Norton and all do nightly scans; although Norton is more useful for other things at times. I will add JRT and ADWcleaner to my security repitiore as well. Thanks again for all your help...


Edited by dorkpixie, 21 October 2013 - 02:07 AM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:14 PM

Posted 21 October 2013 - 11:13 AM

Sounds like a good plan
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users