Possible INFECTED...!



#1 gozstar

Posted 21 October 2013 - 11:02 AM

Hello, good morning. I have Windows 8, and after disinfecting in safe mode I get that I have:
 
Centrix hijaker search .....
spyware.nsKeyLogger also ...
also trojan-spy.win32.DZub.ji
 
No more to do. I need help ... Thank you very much in advance!!...


#2 boopme


Posted 21 October 2013 - 11:12 AM

Hello gozstar... Run these next.

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 gozstar


Posted 23 October 2013 - 09:14 AM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by GozStar (administrator) on 23-10-2013 at 10:57:10
Running from "D:\Gabriel\LIMPIAR"
Microsoft Windows 8 Pro with Media Center  (X86)
Boot Mode: Network
***************************************************************************
 
========================= Flush DNS: ===================================
 
Configuración IP de Windows
 
Se vació correctamente la caché de resolución de DNS.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
There are 15413 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
VIA Rhine III Fast Ethernet Adapter = Ethernet (Connected)
Realtek PCIe GBE Family Controller = Ethernet 2 (Media disconnected)
 
 
# ----------------------------------
# Configuración de IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# Fin de la configuración de IPv4
 
 
 
Configuración IP de Windows
 
   Nombre de host. . . . . . . . . : PHENOM720SRV
   Sufijo DNS principal  . . . . . : 
   Tipo de nodo. . . . . . . . . . : híbrido
   Enrutamiento IP habilitado. . . : no
   Proxy WINS habilitado . . . . . : no
 
Adaptador de Ethernet Ethernet 2:
 
   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 
   Descripción . . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Dirección física. . . . . . . . . . . . . : 8C-89-A5-C7-DF-4D
   DHCP habilitado . . . . . . . . . . . . . : sí
   Configuración automática habilitada . . . : sí
 
Adaptador de Ethernet Ethernet:
 
   Sufijo DNS específico para la conexión. . : 
   Descripción . . . . . . . . . . . . . . . : VIA Rhine III Fast Ethernet Adapter
   Dirección física. . . . . . . . . . . . . : 00-E0-7D-EA-9E-EE
   DHCP habilitado . . . . . . . . . . . . . : sí
   Configuración automática habilitada . . . : sí
   Vínculo: dirección IPv6 local. . . : fe80::14d6:ec0c:2e96:201b%12(Preferido) 
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.38(Preferido) 
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Concesión obtenida. . . . . . . . . . . . : miércoles, 23 de octubre de 2013 10:54:20
   La concesión expira . . . . . . . . . . . : sábado, 26 de octubre de 2013 10:54:20
   Puerta de enlace predeterminada . . . . . : 192.168.1.1
   Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.1
   IAID DHCPv6 . . . . . . . . . . . . . . . : 251715709
   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-19-F7-79-A5-00-E0-7D-EA-9E-EE
   Servidores DNS. . . . . . . . . . . . . . : 192.168.1.1
   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado
 
Adaptador de túnel isatap.{1305AA9E-142B-4738-A80C-22D20C543A20}:
 
   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 
   Descripción . . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
   Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuración automática habilitada . . . : sí
 
Adaptador de túnel Teredo Tunneling Pseudo-Interface:
 
   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 
   Descripción . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuración automática habilitada . . . : sí
Servidor:  UnKnown
Address:  192.168.1.1
 
Nombre:  google.com
Addresses:  173.194.42.4
 173.194.42.5
 173.194.42.1
 173.194.42.6
 173.194.42.2
 173.194.42.8
 173.194.42.7
 173.194.42.3
 173.194.42.9
 173.194.42.0
 173.194.42.14
 
 
Haciendo ping a google.com [173.194.42.7] con 32 bytes de datos:
Respuesta desde 173.194.42.7: bytes=32 tiempo=32ms TTL=54
Respuesta desde 173.194.42.7: bytes=32 tiempo=37ms TTL=54
 
Estadísticas de ping para 173.194.42.7:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    Mínimo = 32ms, Máximo = 37ms, Media = 34ms
Servidor:  UnKnown
Address:  192.168.1.1
 
Nombre:  yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Haciendo ping a yahoo.com [98.138.253.109] con 32 bytes de datos:
Respuesta desde 98.138.253.109: bytes=32 tiempo=269ms TTL=47
Respuesta desde 98.138.253.109: bytes=32 tiempo=270ms TTL=48
 
Estadísticas de ping para 98.138.253.109:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    Mínimo = 269ms, Máximo = 270ms, Media = 269ms
 
Haciendo ping a 127.0.0.1 con 32 bytes de datos:
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
 
Estadísticas de ping para 127.0.0.1:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    Mínimo = 0ms, Máximo = 0ms, Media = 0ms
===========================================================================
ILista de interfaces
 13...8c 89 a5 c7 df 4d ......Realtek PCIe GBE Family Controller
 12...00 e0 7d ea 9e ee ......VIA Rhine III Fast Ethernet Adapter
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Tabla de enrutamiento
===========================================================================
Rutas activas:
Destino de red        Máscara de red   Puerta de enlace   Interfaz  Métrica
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.38     20
        127.0.0.0        255.0.0.0      En vínculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      En vínculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      En vínculo         127.0.0.1    306
      192.168.1.0    255.255.255.0      En vínculo      192.168.1.38    276
     192.168.1.38  255.255.255.255      En vínculo      192.168.1.38    276
    192.168.1.255  255.255.255.255      En vínculo      192.168.1.38    276
        224.0.0.0        240.0.0.0      En vínculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      En vínculo      192.168.1.38    276
  255.255.255.255  255.255.255.255      En vínculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      En vínculo      192.168.1.38    276
===========================================================================
Rutas persistentes:
  Ninguno
 
IPv6 Tabla de enrutamiento
===========================================================================
Rutas activas:
 Cuando destino de red métrica      Puerta de enlace
  1    306 ::1/128                  En vínculo
 12    276 fe80::/64                En vínculo
 12    276 fe80::14d6:ec0c:2e96:201b/128
                                    En vínculo
  1    306 ff00::/8                 En vínculo
 12    276 ff00::/8                 En vínculo
===========================================================================
Rutas persistentes:
  Ninguno
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/23/2013 10:38:08 AM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.
 
 
System errors:
=============
Error: (10/23/2013 10:58:45 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (10/23/2013 10:58:45 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/23/2013 10:58:15 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (10/23/2013 10:58:15 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/23/2013 10:57:45 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (10/23/2013 10:57:45 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/23/2013 10:57:15 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (10/23/2013 10:57:11 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/23/2013 10:56:45 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (10/23/2013 10:56:45 AM) (Source: DCOM) (User: PHENOM720SRV)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
Microsoft Office Sessions:
=========================
Error: (10/23/2013 10:38:08 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\glary utilities 3\DPInst64.exe
 
 
=========================== Installed Programs ============================
 
AMD Accelerated Video Transcoding (Version: 13.15.100.30830)
AMD Catalyst Control Center (Version: 2013.0830.1944.33589)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Fuel (Version: 2013.0830.1944.33589)
Arovax AntiSpyware 2.1.153 (Version: 2.1.153)
aTube Catcher (Version: 2.9.1501)
avast! Free Antivirus (Version: 9.0.2006)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2013.0830.1944.33589)
Catalyst Control Center InstallProxy (Version: 2013.0830.1944.33589)
Catalyst Control Center Localization All (Version: 2013.0830.1944.33589)
CCC Help Chinese Standard (Version: 2013.0830.1943.33589)
CCC Help Chinese Traditional (Version: 2013.0830.1943.33589)
CCC Help Czech (Version: 2013.0830.1943.33589)
CCC Help Danish (Version: 2013.0830.1943.33589)
CCC Help Dutch (Version: 2013.0830.1943.33589)
CCC Help English (Version: 2013.0830.1943.33589)
CCC Help Finnish (Version: 2013.0830.1943.33589)
CCC Help French (Version: 2013.0830.1943.33589)
CCC Help German (Version: 2013.0830.1943.33589)
CCC Help Greek (Version: 2013.0830.1943.33589)
CCC Help Hungarian (Version: 2013.0830.1943.33589)
CCC Help Italian (Version: 2013.0830.1943.33589)
CCC Help Japanese (Version: 2013.0830.1943.33589)
CCC Help Korean (Version: 2013.0830.1943.33589)
CCC Help Norwegian (Version: 2013.0830.1943.33589)
CCC Help Polish (Version: 2013.0830.1943.33589)
CCC Help Portuguese (Version: 2013.0830.1943.33589)
CCC Help Russian (Version: 2013.0830.1943.33589)
CCC Help Spanish (Version: 2013.0830.1943.33589)
CCC Help Swedish (Version: 2013.0830.1943.33589)
CCC Help Thai (Version: 2013.0830.1943.33589)
CCC Help Turkish (Version: 2013.0830.1943.33589)
ccc-utility (Version: 2013.0830.1944.33589)
CloneDVD 5.6.1.2
COMODO Registry Cleaner 1.0.17.23
CPUID CPU-Z 1.66.1
CyberLink PowerDVD 10 (Version: 10.0.1516)
Definition update for Microsoft Office 2010 (KB982726)
FreeArc 0.666 (Version: 0.666)
Glary Utilities 3.9 (Version: 3.9.0.137)
Google Chrome (Version: 30.0.1599.101)
Google Update Helper (Version: 1.3.21.165)
High-Definition Video Playback 10 (Version: 7.0.11400.29.0)
MagicDisc 2.7.106
Malwarebytes Anti-Malware versión 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)
Nero BackItUp 10 (Version: 5.4.11800.21.100)
Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)
Nero Burning ROM 10 (Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)
Nero BurnRights 10 (Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)
Nero Control Center 10 (Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)
Nero Core Components 10 (Version: 2.0.13700.0.1)
Nero CoverDesigner 10 (Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)
Nero DiscCopy Gadget 10 (Version: 3.0.10700.9.100)
Nero DiscCopyGadget 10 Help (CHM) (Version: 1.0.10600)
Nero DiscSpeed 10 (Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)
Nero Dolby Files 10 (Version: 2.0.11000.0.10)
Nero Express 10 (Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (Version: 1.0.10700)
Nero InfoTool 10 (Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)
Nero MediaHub 10 (Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)
Nero Multimedia Suite 10 (Version: 10.0.13200)
Nero Recode 10 (Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (Version: 1.0.10600)
Nero RescueAgent 10 (Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)
Nero SoundTrax 10 (Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)
Nero StartSmart 10 (Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)
Nero Update (Version: 1.0.0017)
Nero Vision 10 (Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (Version: 1.0.10600)
Nero WaveEditor 10 (Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)
PowerISO (Version: 5.4)
Realtek Ethernet Controller Driver (Version: 8.15.410.2013)
Realtek High Definition Audio Driver (Version: 6.0.1.6959)
Revo Uninstaller 1.95 (Version: 1.95)
SeaTools for Windows (Version: 1.2.0.0)
Spybot - Search & Destroy (Version: 2.1.21)
Unlocker 1.9.2 (Version: 1.9.2)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
WinZip 11.1 (Version: 11.1.7466)
WinZip Self-Extractor
 
========================= Memory info: ===================================
 
Percentage of memory in use: 29%
Total physical RAM: 3058.23 MB
Available physical RAM: 2154.28 MB
Total Pagefile: 6130.23 MB
Available Pagefile: 5256.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.83 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Win 8) (Fixed) (Total:110.86 GB) (Free:91.04 GB) NTFS
2 Drive d: (Datos) (Fixed) (Total:820.31 GB) (Free:626.54 GB) NTFS
4 Drive f: (WIN8-16in1-AIO) (CDROM) (Total:4.38 GB) (Free:0 GB) UDF
 
========================= Users: ========================================
 
Cuentas de usuario de \\PHENOM720SRV
 
Administrator            GozStar                  Guest                    
Se ha completado el comando correctamente.
 
 
**** End of log ****
11:12:10.0400 0x04c0  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
11:12:13.0714 0x04c0  ============================================================
11:12:13.0714 0x04c0  Current date / time: 2013/10/23 11:12:13.0714
11:12:13.0714 0x04c0  SystemInfo:
11:12:13.0714 0x04c0  
11:12:13.0714 0x04c0  OS Version: 6.2.9200 ServicePack: 0.0
11:12:13.0714 0x04c0  Product type: Workstation
11:12:13.0714 0x04c0  ComputerName: PHENOM720SRV
11:12:13.0714 0x04c0  UserName: GozStar
11:12:13.0714 0x04c0  Windows directory: C:\Windows
11:12:13.0714 0x04c0  System windows directory: C:\Windows
11:12:13.0714 0x04c0  Processor architecture: Intel x86
11:12:13.0714 0x04c0  Number of processors: 3
11:12:13.0714 0x04c0  Page size: 0x1000
11:12:13.0714 0x04c0  Boot type: Safe boot with network
11:12:13.0714 0x04c0  ============================================================
11:12:14.0475 0x04c0  System UUID: {2A6DF849-3CC0-97D1-793B-4E67CA4E3100}
11:12:14.0814 0x04c0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:12:14.0818 0x04c0  ============================================================
11:12:14.0818 0x04c0  \Device\Harddisk0\DR0:
11:12:14.0818 0x04c0  MBR partitions:
11:12:14.0818 0x04c0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
11:12:14.0818 0x04c0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0xDDB7000
11:12:14.0818 0x04c0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xDE66800, BlocksNum 0x6689F000
11:12:14.0818 0x04c0  ============================================================
11:12:14.0837 0x04c0  C: <-> \Device\Harddisk0\DR0\Partition2
11:12:14.0861 0x04c0  D: <-> \Device\Harddisk0\DR0\Partition3
11:12:14.0861 0x04c0  ============================================================
11:12:14.0861 0x04c0  Initialize success
11:12:14.0861 0x04c0  ============================================================
11:12:16.0297 0x06c8  ============================================================
11:12:16.0297 0x06c8  Scan started
11:12:16.0297 0x06c8  Mode: Manual; 
11:12:16.0297 0x06c8  ============================================================
11:12:16.0297 0x06c8  KSN ping started
11:12:18.0912 0x06c8  KSN ping finished: true
11:12:19.0221 0x06c8  ================ Scan system memory ========================
11:12:19.0222 0x06c8  System memory - ok
11:12:19.0222 0x06c8  ================ Scan services =============================
11:12:20.0462 0x06c8  [ 8D5D89177552EDFD5C9730CCE79F7FCC, 5A62F0FA7C2A2EBDD88B0670CA017B96C82D1591BF50DDC58B93518CEF67D179 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:12:20.0463 0x06c8  amdsata - ok
11:12:20.0480 0x06c8  [ 5725597CF5E002FB665C6C69787DAA8A, E2C284A4380C014319DA29B3224EDB45E12FE0FE0ED81C35AA5A1A91D9BDF7EE ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:12:20.0484 0x06c8  amdsbs - ok
11:12:20.0487 0x06c8  [ FB336B5F110770CF22F6BFEB1906E773, C1673F45081137E29E22DBF1BDE882ADC9E9508CF72EF1583A53339B65098E35 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:12:20.0488 0x06c8  amdxata - ok
11:12:20.0503 0x06c8  [ C44ACA940360C90C0274C35944AE63D3, 3AD8FB383500971F3AFED39B6283946D6A685C4F2F89EEF492AE4221B875B04C ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
11:12:20.0504 0x06c8  AODDriver4.2 - ok
11:12:20.0509 0x06c8  [ CB3613E82A5B058AB6A69846B0DDC6C5, 56C2E1DD51C8EDB5057A2DCF5B12400695715BDCF81A9D75C786186D08B80147 ] AppID           C:\Windows\system32\drivers\appid.sys
11:12:20.0511 0x06c8  AppID - ok
11:12:20.0525 0x06c8  [ 721C445A7EE59589B26EE0DC767A7967, 2EFE73128524DC70D61FE8B3429AAEA23F29F931E904949BD554BD50F93D9797 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:12:20.0526 0x06c8  AppIDSvc - ok
11:12:20.0542 0x06c8  [ 9EC93DFD472298D7006627C5F81DE250, 963B993F17E659C212C1F2B784BABBA3139414C938ADB6F9529D46FE03DCA47E ] Appinfo         C:\Windows\System32\appinfo.dll
11:12:20.0543 0x06c8  Appinfo - ok
11:12:20.0549 0x06c8  [ 8F0F777B167CADDF9D206180B8558433, 4811E247DC398C3E0F49AD494CF3DB4349678D9D3A0DB2CE8F684E4E63515BF9 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:12:20.0553 0x06c8  AppMgmt - ok
11:12:20.0558 0x06c8  [ A0982052EE6B01DC9B0CB7FEFD13040F, BB307503D44BBA825A4FA3B2E138F6603D06CC1BDADD25AEDF4CEDF8F456C58B ] arc             C:\Windows\system32\drivers\arc.sys
11:12:20.0560 0x06c8  arc - ok
11:12:20.0566 0x06c8  [ 7E17A734B0D33B8F9287F28F1C583DD7, FE5B11768A17BFDBE5566DC3FC9E33F6D692B74321D2945CDE1EE9C5C49A7FC4 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:12:20.0568 0x06c8  arcsas - ok
11:12:20.0607 0x06c8  [ D5730129EA9ADF7AE710DA0B14F9DE19, 79DECECA6DF86D85280C41242924753302B181584E3C4E60EF0F0E8EE2672E64 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
11:12:20.0607 0x06c8  aswFsBlk - ok
11:12:20.0650 0x06c8  [ 6F23333C8358D267718F9ECB21CBB6F4, 647A743E9E95763B45BF2A83A30C5FD08CB085DC805B096724ACE29037AF29A1 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
11:12:20.0652 0x06c8  aswMonFlt - ok
11:12:20.0669 0x06c8  [ 2206985EF126AB90F3D7F1A020589DC9, F9BAA1E5B087977A113B9F46C3F6C9E41D36D87DBCF5BA4632FE1BD6099E6424 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
11:12:20.0670 0x06c8  aswRdr - ok
11:12:20.0689 0x06c8  [ F385467DF95D0A73775CB3B076B8B969, D427A5F4FB4D1DAB04AFC29E7EC510844F907ABBA053538995E65747BAD37422 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
11:12:20.0690 0x06c8  aswRvrt - ok
11:12:20.0731 0x06c8  [ 50C85412AD31F5C0F687F00C2E34C673, D8EBD884AD717DFC78948177A1DED1D6FD8E3E88B20847751078B553F6C5D54A ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
11:12:20.0745 0x06c8  aswSnx - ok
11:12:20.0780 0x06c8  [ DDEBA353975F0827143484D5A9310935, 639FFE049A95679FB7B58D971A11DD73A37233DE0F7A017388E4B7A47E0D21BD ] aswSP           C:\Windows\system32\drivers\aswSP.sys
11:12:20.0787 0x06c8  aswSP - ok
11:12:20.0805 0x06c8  [ BADA8FD627F1D0E22308211C33F0BDB5, F88751280969B8963DCFC684C99C7CCF396B50FD0AC0F869628A009557438609 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
11:12:20.0809 0x06c8  aswVmm - ok
11:12:20.0820 0x06c8  [ E12BC771325E70C2A875136B0BAF491E, B01621A5B26551A9AA0D379976ABB6CF1672F8F9A7689A651AFAB4A8E72DF343 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:12:20.0820 0x06c8  AsyncMac - ok
11:12:20.0824 0x06c8  [ 48D8C3F2006698691F5AE0BB595FDCC8, 374DC9E6DF7D97A1AEBBA38F04387B0621C8C994056DC7679F02F2FBE6C6C6E7 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:12:20.0825 0x06c8  atapi - ok
11:12:20.0852 0x06c8  [ 9DA5646DAE413D3B8CA8EB61A5C8330C, FAC2DD96FEF04F60E3C2568ABFB61A2C07A98EE294A4795D07F8C14781101357 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW83.sys
11:12:20.0854 0x06c8  AtiHDAudioService - ok
11:12:20.0875 0x06c8  [ 252EB0813E33927F6BFD1223F0B3CD2F, D488E66AAFAA5F3BD89E19BED6524E8C44F53EE82FE52996B12400CF6E661202 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
11:12:20.0878 0x06c8  AudioEndpointBuilder - ok
11:12:20.0908 0x06c8  [ C6283C0BEB1E2CCE58F0703DCAB13987, F5E60F88FD3E5FDC62DD9FDD03A26135C789A9811833199EBAD9B9A70F62B17A ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:12:20.0919 0x06c8  Audiosrv - ok
11:12:21.0028 0x06c8  [ 4BE7EC02133544CDE7A580875E130208, DF665024664252BB6005B80B99C091905F9B5873D58CE9FED2E66F578E372D13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:12:21.0029 0x06c8  avast! Antivirus - ok
11:12:21.0036 0x06c8  [ 3F642D45EC0BE2E4843C35A2A1AA93D5, 2F00E40B6C0105D6EF9B1F37B7635E30197DF5F6455DA4AF08D3F38E7A117F1A ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:12:21.0038 0x06c8  AxInstSV - ok
11:12:21.0055 0x06c8  [ A96A499B6C931B7242D964D5D695A506, 8AFA1F9709494DF7D541868B3A9C9041E83BA7F02605D86A1DE84F3BE7905C7D ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
11:12:21.0056 0x06c8  BasicDisplay - ok
11:12:21.0064 0x06c8  [ D313E4D7DF0187CEDA121793F937EA89, 213D1F9115D929E2103D193BEF72BD14BA0828A3629F99940F42B07989DCAC49 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
11:12:21.0065 0x06c8  BasicRender - ok
11:12:21.0096 0x06c8  [ C63A675938990568FB78E366C5E4CACB, 41C72A56DCC82CE38323CE528F4CFC8639DC5E3305EA01C664AE282B870184FE ] BDESVC          C:\Windows\System32\bdesvc.dll
11:12:21.0099 0x06c8  BDESVC - ok
11:12:21.0115 0x06c8  [ E53DDF8C101E3CB6A0483D592A8CC476, DB688B7E857D9A95F61773E6CA5C2F6CED22B1E781822730AF31BBCAD63C4BBA ] Beep            C:\Windows\system32\drivers\Beep.sys
11:12:21.0115 0x06c8  Beep - ok
11:12:21.0145 0x06c8  [ E53E0DE96BE9EABD01F7D26D2DD40236, 14F7084EB523ED92FB7953B8BB5FF9EE58CC1AC0733AABC51CA78B6DA8A10051 ] BFE             C:\Windows\System32\bfe.dll
11:12:21.0154 0x06c8  BFE - ok
11:12:21.0195 0x06c8  [ 6723B30920D4371367F468DF6061A7E9, 39D7B7F5EB2A3D7B30B49DDD92ED90B0BF57C864AC10F61E5C730AC85108777F ] BITS            C:\Windows\System32\qmgr.dll
11:12:21.0208 0x06c8  BITS - ok
11:12:21.0221 0x06c8  BootDefragDriver - ok
11:12:21.0226 0x06c8  [ D7148E90581185DB2CC6A2EED9C8281C, 8E8D87E744895CE035EF484EFE66D2BA1CAC7947058F0CE40F6B13AA3FFF3FEC ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:12:21.0228 0x06c8  bowser - ok
11:12:21.0247 0x06c8  [ 00F71A3AF06D56430DF0E9458668F04F, A9E7539A21B3E96EF1A4657E1D8A7BFB301AF40176573AFD643756D074E1FB91 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
11:12:21.0250 0x06c8  BrokerInfrastructure - ok
11:12:21.0260 0x06c8  [ 771EE7009E428CCC3476838CB22DBA8D, ABA093468160F9D3E73B19F38E43299972FD583883BDD824BE366D0D3E3F8C49 ] Browser         C:\Windows\System32\browser.dll
11:12:21.0262 0x06c8  Browser - ok
11:12:21.0267 0x06c8  [ 6FCAE779413713A4E433BC1DCFE5DBB2, 345C071282FAA0A18C4A9C6A768FAE63A2527B604FD523BA0E400EE7B217EC6F ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
11:12:21.0268 0x06c8  BthAvrcpTg - ok
11:12:21.0272 0x06c8  [ 3EEEA1B69C16A8D159B53896EC78420C, 048039CE173B1ACBBBF97500107F2E2C1BDA1A58C2CD0F7B279D16CCCEB0A88B ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
11:12:21.0273 0x06c8  BthHFEnum - ok
11:12:21.0277 0x06c8  [ 64FA4CDA349E8B3E184EB036E114CBC9, F8BFC69DA502F9502DDD4B9B80787D3082F7BA930F29627CA9341F193E3CCC59 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
11:12:21.0277 0x06c8  bthhfhid - ok
11:12:21.0281 0x06c8  [ 0C706A8B022A44413F6C36ECEAAA2838, 7C2476F99AF4391FAEADA7F37B14631BEA15950F837176167D7036CC3A48CF39 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
11:12:21.0282 0x06c8  BTHMODEM - ok
11:12:21.0332 0x06c8  [ 171AF9795CABEC4985D45640D3A5F8F0, D50FD89FDC392720FBB0FE23341EAE95E446FC98D5487B7EE0EDC2533CA0D5A9 ] bthserv         C:\Windows\system32\bthserv.dll
11:12:21.0333 0x06c8  bthserv - ok
11:12:21.0349 0x06c8  [ 00B4FA77732C7823D292ECD672660882, 214102B841193654BFCF6618F7D3D1928D303A01EB44A57E6333AA72CFD9F124 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:12:21.0351 0x06c8  cdfs - ok
11:12:21.0368 0x06c8  [ 4E707EC5071DD8F5C29A7410780BD4C3, 425881E5A122439A86D3C1CD54CD5CD0A122CE6689A1798887759D714E5E586C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
11:12:21.0370 0x06c8  cdrom - ok
11:12:21.0376 0x06c8  [ BAEE72BFBEC7B96AA85F861A6F4FE428, 78E6C63848C5AFCD67C08F2A17BFD764524B8A9117EAF74CD5514F8239E155CB ] CertPropSvc     C:\Windows\System32\certprop.dll
11:12:21.0379 0x06c8  CertPropSvc - ok
11:12:21.0383 0x06c8  [ 17BE1CB162768E886B2BBA63F8B89371, 115EB95F7203BD62F7B9DE051592849195BD1ED8F42C58F1BA32419DEE18275D ] circlass        C:\Windows\System32\drivers\circlass.sys
11:12:21.0384 0x06c8  circlass - ok
11:12:21.0392 0x06c8  [ D5370A0D3A8F7E531FE9BA3E3C81BAC8, F9E795D2D8E7AD553C69BA148C910AF1BB30864F90B3A17D69944BBB595A0740 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
11:12:21.0397 0x06c8  CLFS - ok
11:12:21.0414 0x06c8  [ 16744C84320D33880E38DF7409585EBF, 1ED734A585BBBDECFB3E248EBFEC26FAC6B6931C5E469772E30EC7BA5FC53667 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
11:12:21.0415 0x06c8  CmBatt - ok
11:12:21.0436 0x06c8  [ FC5C6FC2D889D34CDFE50ECBCE0EDDD6, 36E90FCF63C683C3D0C3F1BA6C224763DD14F75E6E5570DE13E838D3394480F9 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:12:21.0445 0x06c8  CNG - ok
11:12:21.0450 0x06c8  [ E65DF0F65ECD3F74012C5C6D4F0523FD, 148DDD6A2F31F5699D960B7DC4E4FD0C9E17C46C2B9908363594833C2B8CBAD6 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
11:12:21.0450 0x06c8  cnghwassist - ok
11:12:21.0454 0x06c8  [ 357444DE560252A907F8B687005B3DCA, EE9D4FB34E8DF1AED4C16C47507820D958BE270E0761DF5C178DAB66491BAAE3 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
11:12:21.0455 0x06c8  CompositeBus - ok
11:12:21.0458 0x06c8  COMSysApp - ok
11:12:21.0471 0x06c8  [ F1B79B7B595B0D7990756C12FA64F00E, AD7D3984D2A519ED8AD472AC61011B6371C1D18BB2DA8CBE5E74AE062E238AD0 ] condrv          C:\Windows\system32\drivers\condrv.sys
11:12:21.0472 0x06c8  condrv - ok
11:12:21.0483 0x06c8  [ 42EAE3259F8F39C7E22D0F385DBFADA9, 953978FBB9848A1BEBE318FE3DA4939F6CF7B9001FC780AA83B64F86DE91B7D7 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:12:21.0484 0x06c8  CryptSvc - ok
11:12:21.0507 0x06c8  [ 8AF45624AD6EA2F4D44B06E7E06983AD, E6EC2153A5BC1C189C43466785887A40A1B5AC07C820E1637A94D9ECB7630728 ] CSC             C:\Windows\system32\drivers\csc.sys
11:12:21.0515 0x06c8  CSC - ok
11:12:21.0541 0x06c8  [ A36C84BAC3128A6A3F41136A6ED426B1, AEDB1FAABACB304546D9432BACF0A7B1DB5BAB203EA381A885DC8D0386036855 ] CscService      C:\Windows\System32\cscsvc.dll
11:12:21.0552 0x06c8  CscService - ok
11:12:21.0561 0x06c8  [ 05107EAC6D02D8789BABB79199152BC6, 145C473B1185C4D2A5D54C1866C80657BC3C810F8EB1987367950D65E2EDFAE8 ] dam             C:\Windows\system32\drivers\dam.sys
11:12:21.0562 0x06c8  dam - ok
11:12:21.0582 0x06c8  [ BCD3562ACB27B8137BF809F61BA44E80, 3BE2617996696AD8A2402C0767E55CE53EF48B4234660C9948E153B5ACBE98C7 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:12:21.0595 0x06c8  DcomLaunch - ok
11:12:21.0619 0x06c8  [ 3D36FBE5ABAF0D531085C5D3381DC770, 87FAF495F6403EAA3728C6D100A7A87A6D9AE2376E29D654B6BEDA4394F08090 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:12:21.0625 0x06c8  defragsvc - ok
11:12:21.0634 0x06c8  [ E5935B79D5AE9288AEB72487E1A1B662, 2DED999FCC89C29649E519D7545A40925E8AD1785EF00EA6826A36B441863012 ] DeviceAssociationService C:\Windows\system32\das.dll
11:12:21.0639 0x06c8  DeviceAssociationService - ok
11:12:21.0664 0x06c8  [ D87B33F7F58822B431320769FD1668D8, 6E1A0761840FBB0C35DEB8C620C4D0033DE4975C2304726F41C1BC488BB8154F ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
11:12:21.0667 0x06c8  DeviceInstall - ok
11:12:21.0686 0x06c8  [ B21FDAC50FCD4CE53C203F097273532A, C148DA5FE4A8A98FE63CBB36CF8B57DD339535CEE62B49A707E41F97794C0232 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
11:12:21.0688 0x06c8  Dfsc - ok
11:12:21.0697 0x06c8  [ D8FF12C3C892A707FE84BF457AFBD46C, 147FDE25F86F4C55CA84E4215B0D225C5354916B31BA122CEAAE605DE2546AD2 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:12:21.0703 0x06c8  Dhcp - ok
11:12:21.0714 0x06c8  [ C0C87CCE88C4532B575AD60A95E7FD57, E1E8EF3FEDA44E39F36687D5387E7E84216D0A37A8DE0EADAC3B96C6761E01A0 ] discache        C:\Windows\system32\drivers\discache.sys
11:12:21.0715 0x06c8  discache - ok
11:12:21.0720 0x06c8  [ 4E3237D8266580412CCA774321056111, 781B4CF6ED4F26C0D3EEB77805DE9B3696E7D1BFF54D9344D2955D5AAC11D137 ] disk            C:\Windows\system32\drivers\disk.sys
11:12:21.0722 0x06c8  disk - ok
11:12:21.0735 0x06c8  [ 9B20A9DB154249E0E40036BC8BDC3E38, F506C7DDE0FC8014F579D82AE35522B76E5F5FFCC89E401F17E1B31C02E79697 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
11:12:21.0736 0x06c8  dmvsc - ok
11:12:21.0754 0x06c8  [ 1626A054AE163343B80C8EECA51FDB26, 26426E6BF91B1877E10F1A5B58C3B1CF244E3CFDFD4C3A0F379141DB1796E266 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:12:21.0758 0x06c8  Dnscache - ok
11:12:21.0770 0x06c8  [ 7F0C01E0C0BB063136DF09845FFC4CE1, 94542591AF4BCED1EDCF033D6617CC0A1AAE592BB7ACDC51AC6B26C32B9C6DB2 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:12:21.0775 0x06c8  dot3svc - ok
11:12:21.0782 0x06c8  [ 07D96198AFB530CF4A0A9B5C0E49073F, 988B50CDA4EBC3A8626A947CB741F74F6682877AB313822B717D88CDA2227A6B ] DPS             C:\Windows\system32\dps.dll
11:12:21.0786 0x06c8  DPS - ok
11:12:21.0809 0x06c8  [ E48E86694E57723C67478F3AC082D42B, E336B17F4EEDE06933A1CBA01F15E86FDA8FA4D666F380B5E4E5ACBCF3EC14B5 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:12:21.0810 0x06c8  drmkaud - ok
11:12:21.0816 0x06c8  [ 0EF9D082E38EC861DD4886896666103B, 767EF67BE56CC9630EB6404C53CFD6103A8252E464601D29E00A1A482FBD95B0 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
11:12:21.0820 0x06c8  DsmSvc - ok
11:12:21.0871 0x06c8  [ 124BFF0C570E00C5BA27B13BB16600B7, 5D29F430630CCF468D7847A21F32F1A2966447EC47008C58B2B1F46CCB5C6619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:12:21.0893 0x06c8  DXGKrnl - ok
11:12:21.0938 0x06c8  [ 59ECF01342E0CDB726C7948E36A43309, 045AB706C24B6717ABBEA749D5382A2EBB894D871CCA641D7CDC40DB76F38B76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:12:21.0940 0x06c8  EapHost - ok
11:12:21.0955 0x06c8  [ 747ED861374E5589EE56D28E01BDCFE1, C9F5587A0CEC8D63ECD235BE9585A3023F9BFC5DAB28F57D50D85BAB3BE1BCB3 ] EFS             C:\Windows\System32\lsass.exe
11:12:21.0957 0x06c8  EFS - ok
11:12:22.0016 0x06c8  [ 93FAE5E2EDD59B1D292D18BE7A5AFEE3, 5A4E5DE57982FC04DD2CEFDE78514D1B77010ED7729F3773E51E3EFE296D311D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:12:22.0026 0x06c8  ehRecvr - ok
11:12:22.0038 0x06c8  [ E0F8A73BFB3AE5D1A47AFF94B6814EE5, 2F3344999E269608D18FEBA2854653D46962901DD76B924EF70C830A6AC1B868 ] ehSched         C:\Windows\ehome\ehsched.exe
11:12:22.0040 0x06c8  ehSched - ok
11:12:22.0045 0x06c8  [ BC7119CF5B5BC9F54C8FAE221C3227F2, 96F089419DD28E84F81A23BE6EDDC2440DDE58B626031EE2778F55708747EA42 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
11:12:22.0046 0x06c8  EhStorClass - ok
11:12:22.0062 0x06c8  [ 1A5945FA87A05A97A1175657B7BA4EDB, A4909FF016E363E3C3E6F7236C5A867C20BA0FD88D09828272809FA8323AE5F6 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:12:22.0064 0x06c8  EhStorTcgDrv - ok
11:12:22.0068 0x06c8  [ 8B22B788A329645F08AB4F86B9580AF3, 7C0772A049AA0279E46334BE210038666E543437305A5FCF31750B10F6012B95 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
11:12:22.0068 0x06c8  ErrDev - ok
11:12:22.0101 0x06c8  [ 39FB0D2C74D4201F01BA30D06162525A, D37571D3B7F50282A45168A64F379331E7ACAECF74578A6F2C3A403F6342E429 ] EventSystem     C:\Windows\system32\es.dll
11:12:22.0109 0x06c8  EventSystem - ok
11:12:22.0116 0x06c8  [ B60B2A0E110D640440263268FC02C726, 4E90F01E2E65987DFF1BD919277D800B8A32DF693862D7D3D8D78EBB3C07DA07 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:12:22.0119 0x06c8  exfat - ok
11:12:22.0126 0x06c8  [ C8B18803E1521225BDBA86B5F7D2E9FC, B28722E9CE8474E5A85219F65B4748EB154455DB138FF428182B2F3FCDEDC108 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:12:22.0129 0x06c8  fastfat - ok
11:12:22.0159 0x06c8  [ 22A38E2F78153AB500482FD0D4A9DB65, 43BE0D52487DED1CD608210D2786D010A5E5A7652A5273950707FE1FFD59DBA0 ] Fax             C:\Windows\system32\fxssvc.exe
11:12:22.0169 0x06c8  Fax - ok
11:12:22.0173 0x06c8  [ 9709867A1354A4D10046ADE31DA67511, 0DF012548E04E5AA2B7A65CB328E46F8BA8D202D8638F6D72BA0802880A8AD0B ] fdc             C:\Windows\System32\drivers\fdc.sys
11:12:22.0174 0x06c8  fdc - ok
11:12:22.0185 0x06c8  [ E099DF1CE3285FCA613AF84D792DBC15, 1F8037BE6385BF7BC3C572A696E83FC28E09FDA1BAB05F3AE0C9AE873FF2120A ] fdPHost         C:\Windows\system32\fdPHost.dll
11:12:22.0186 0x06c8  fdPHost - ok
11:12:22.0195 0x06c8  [ 141B98F42D71B4F5CFB0D8D4769FBA0C, CEF7061874C9AB713F793768D273153351E7C883FF4B4006EBCFA3758BC8173E ] FDResPub        C:\Windows\system32\fdrespub.dll
11:12:22.0196 0x06c8  FDResPub - ok
11:12:22.0205 0x06c8  [ B427CFD8FDA7D54ED386CA80A7647F50, 9E6B376CBD9F68278EFF41446DE6A6A50448F404BDED6970CA6131FCE0F4F0B4 ] FETNDIS         C:\Windows\system32\DRIVERS\fetn63.sys
11:12:22.0206 0x06c8  FETNDIS - ok
11:12:22.0211 0x06c8  [ 75846E35191416EF2ED3D9893CD9EBC7, 8A0CC5F537BC2C88CE7E5D1A63F9FB90102386050DD8A0D2D33C4DC8B20D71C5 ] fhsvc           C:\Windows\system32\fhsvc.dll
11:12:22.0213 0x06c8  fhsvc - ok
11:12:22.0218 0x06c8  [ 1018AE04A4D36BA60247C2C22D7BA7D1, CA0A60CCCD31A34E78F6A494288FE152B3977ECB45C8C8AD5ACCC36FDE02C411 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:12:22.0219 0x06c8  FileInfo - ok
11:12:22.0223 0x06c8  [ 3A2F87EF4400B5E542E2C2BA8FAB4222, 9145B79639FEACE79274C4DE05FA5D2FF79B4E0A57A802DFB9A0844DAC7A8A76 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:12:22.0224 0x06c8  Filetrace - ok
11:12:22.0227 0x06c8  [ F37314C92AB8C876DB478A36A6D9FF0E, 68238B5242F9CB2D62BCD26B206E6BA49364A9B18EDFE7EE9DBFEC642A13345E ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
11:12:22.0228 0x06c8  flpydisk - ok
11:12:22.0237 0x06c8  [ 13C0B6F6EFD0D5C6871C07B56CB5403D, 7D099F06CB9FE72B36477D60A8B6DADAE3FDB6B20D40F0D1620A471E88EE68A5 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:12:22.0243 0x06c8  FltMgr - ok
11:12:22.0278 0x06c8  [ 3DB1B88F7BFABFAB2609D278EA241DEF, A28CDDC609BD53C42F48852CD1B5F15DCDC3CDDE080C622826BD641DB2F49BAD ] FontCache       C:\Windows\system32\FntCache.dll
11:12:22.0297 0x06c8  FontCache - ok
11:12:22.0374 0x06c8  [ 2AAF650823623D89B5FE5C399FC5D1BD, 101E96BF8CA63BAF69C4F4EDAFAB42D39A8203D3A70BB131693828CEDC882CE2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:12:22.0375 0x06c8  FontCache3.0.0.0 - ok
11:12:22.0379 0x06c8  [ 16D4CC9AE485BC60B6AE026FF2497DE8, 8247B2C487782A15F74CB2E39A6BB9357E0D86CFC4D3CCBFA116BA33DD8EC7AB ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:12:22.0381 0x06c8  FsDepends - ok
11:12:22.0388 0x06c8  [ 28E64CAC27FE3A7CA34E2F93E9A8092A, AFEF4BABE162581217FCA01AD2E637A9049B584F6FFB562355E1EDD61DABFB4F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:12:22.0389 0x06c8  Fs_Rec - ok
11:12:22.0401 0x06c8  [ D49DB3B4F82296B3BDF3336442A10516, C32269BA1B4D0123B22F9EC2AC6246A96599733CA14CDB941A1BD3C92316048C ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:12:22.0409 0x06c8  fvevol - ok
11:12:22.0416 0x06c8  [ BD9C0C40ED4DEB4FC7562DD62FA18FD7, 4E7D464DF5947444CE63FCBFE67B9F4294CDC7E7C97260D57CBD664FDA12E6BE ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
11:12:22.0417 0x06c8  FxPPM - ok
11:12:22.0421 0x06c8  [ B5AD0B13AD7FD1C749FC45D81392B9DF, 2C5CA3934A47538292F537DB5E60740C12C6D489BFEE378015A1F4CD63963843 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:12:22.0422 0x06c8  gagp30kx - ok
11:12:22.0428 0x06c8  [ A9608FF3B1B577BFC969A7B6797B1FC1, 2D90C1554C099BC7666A24F26ECEFAFC4CC03DE7F7FE1AA2991FE3283EF9D590 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
11:12:22.0429 0x06c8  gencounter - ok
11:12:22.0445 0x06c8  [ 9F3695F4FAEA73BE6D0BA856C4D5C3BD, AB36F5CFBCA966D0954A0BFDEDB0FD2B979D1D55EB5278F82F632DBF4CF2FEBA ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
11:12:22.0447 0x06c8  GPIOClx0101 - ok
11:12:22.0494 0x06c8  [ B13CCD3028A44C6E16E03A3E1AD95FA4, 151CB2605C3B7FA8A3925B07CFF5F999EA7F3D6D5F9881C3149609826B4B90A5 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:12:22.0521 0x06c8  gpsvc - ok
11:12:22.0575 0x06c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:12:22.0577 0x06c8  gupdate - ok
11:12:22.0581 0x06c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:12:22.0584 0x06c8  gupdatem - ok
11:12:22.0616 0x06c8  [ 4A614E902AC77D6DB7AFC6C1BC52ADBF, 5D4E8C6FA86C063B2B00A0D9370BA06C9814AF0AE2010C2D19464A2CE2FB30CE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:12:22.0621 0x06c8  HdAudAddService - ok
11:12:22.0626 0x06c8  [ 0E3FC2062E796F6A9B1ED995E1CBB25E, F98092DB624B3CD1B28A9B98A88E4B889ABC72467D4D492518820E93FA314194 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
11:12:22.0628 0x06c8  HDAudBus - ok
11:12:22.0631 0x06c8  [ 8CBCFA78D2B43CCC23BF5A4C09A700CA, DBAB62EB256146BAF02D1B043ACE7F1A2DEB2D29FD0150848CC7629A670B217F ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
11:12:22.0632 0x06c8  HidBatt - ok
11:12:22.0637 0x06c8  [ 9AF33AB459FE639783CF7CDBFFC7A449, 9670818D19237580EEE77E248CC9323E6ECDCB338DDEF8CF90263D1249813BEF ] HidBth          C:\Windows\System32\drivers\hidbth.sys
11:12:22.0639 0x06c8  HidBth - ok
11:12:22.0643 0x06c8  [ D96C09F3C4A9C642C06089481F375C2D, F0FE8FF0CB0453455B37CE9A90C7199FC1D8F87A4DE3EFC408C57AD105577000 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
11:12:22.0643 0x06c8  hidi2c - ok
11:12:22.0647 0x06c8  [ 11A4D12F4CADD18CDA334C2756FE450A, 54ACCD91991D223E5A93BDFF0A4D270F0746945836796FBF04DB42EE33708FD0 ] HidIr           C:\Windows\System32\drivers\hidir.sys
11:12:22.0648 0x06c8  HidIr - ok
11:12:22.0660 0x06c8  [ C0A9999E5B4C1953C6B07CD9105B41FD, A83C91DC0BC3A4E19877846A567A2A39C83FA9B468CC508405137A91E77F0780 ] hidserv         C:\Windows\system32\hidserv.dll
11:12:22.0662 0x06c8  hidserv - ok
11:12:22.0672 0x06c8  [ 1887E321B54832AD18CB0867DE359EE3, EE0CB433F925C094BB0D7922984D820E395FD94B82B489950A7B6001D527DC7D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
11:12:22.0673 0x06c8  HidUsb - ok
11:12:22.0682 0x06c8  [ 40AAA716A3F2E494E7F533C45DA3E7E8, 1A0085CCBFC7E67B6C6028B76361A45E6706FFE2C37F763C3A434FB66EBBC0F1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:12:22.0684 0x06c8  hkmsvc - ok
11:12:22.0698 0x06c8  [ F36978787320658EBE7F853B7FDEE5FA, 1EBC8D6136C58FCDF9E1B51DCC541FD837591B9F3DB328E4EC95CBA3535C3679 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:12:22.0702 0x06c8  HomeGroupListener - ok
11:12:22.0739 0x06c8  [ EFC6EEA348478FBAFCF2B2D03DE0B127, 82B6CFFE1A55D847D33D15AD0539C80902CE9587F0E0ADFDA4425525CD8F5278 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:12:22.0746 0x06c8  HomeGroupProvider - ok
11:12:22.0750 0x06c8  [ D7544353157E11864C00A48BC90EF183, 5991C823E8C18E7650FFE8B33D19E552D2D91DB76957895C2719B04B0CCCE0BD ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:12:22.0752 0x06c8  HpSAMD - ok
11:12:22.0784 0x06c8  [ A4D4F99BB5B32D967651E77288384678, 4942F67A52A5DD7F1D2BC94DFFD2F85C2B47924B5F37260E58B809FAB5E3697E ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:12:22.0796 0x06c8  HTTP - ok
11:12:22.0800 0x06c8  [ 4A3E6732E5BEF6DF531A217B5EBB5C54, BA259C5F3D1FA4B16DB709F6D417F2998751C9983F73712C4F62E50CF661E788 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:12:22.0801 0x06c8  hwpolicy - ok
11:12:22.0809 0x06c8  [ 0F819743721DFB5906734243ED0CE935, A67E7ED2B0948E494C3953A6639AC75AB88B9CE33C3E107E64290CC4EBDD8A92 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
11:12:22.0809 0x06c8  hyperkbd - ok
11:12:22.0813 0x06c8  [ A14A2EBA22929901F64B496C1D555982, DD9C19B1D01B0E3A6423BA1932428C49DE4CDC1DA8D1E0B7D55CEF5568D7FA1D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
11:12:22.0813 0x06c8  HyperVideo - ok
11:12:22.0828 0x06c8  [ 11EDC37780E8A2F8E311D73F7658A4D7, CB60EFBD16467692C0877DE70FF34F54058CABB38413FD03F7905156D2FE4AB8 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
11:12:22.0829 0x06c8  i8042prt - ok
11:12:22.0854 0x06c8  [ C444F83C318BE18719DC1FDAEFF10898, E5A9D49A478D67BF0530930276B7A5C751CF49C72710FA37E50283F145DAE44B ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:12:22.0860 0x06c8  iaStorV - ok
11:12:22.0865 0x06c8  [ 7BB542C7156FA72CC83C1177BB190F94, BD50E0CBB67521EEDC9F6156ED85C3086B3A64F417CE04B7E1FB6040D10E1017 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:12:22.0866 0x06c8  iirsp - ok
11:12:22.0899 0x06c8  [ C11ABA489324651697A23ACC84D744D2, C1FA4BD4CD93644316D3CC6611F63954C3A3DD56599808CF2CB9002C69736C88 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:12:22.0912 0x06c8  IKEEXT - ok
11:12:23.0011 0x06c8  [ 9E36C303A36DF5EDF0C002859F13E4B7, 373B2DE134EC8B5D8C6719F1EEC58A9D119DD2E1E3F4D0D085A9AB11072C7C57 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:12:23.0059 0x06c8  IntcAzAudAddService - ok
11:12:23.0066 0x06c8  [ A43BC9416741ABEA2B8DF60D2C0EA6A2, 74FF63BB16F62B1085CF2D09E666EA8B5965A6CE44A98F1F9CF9C6ABCA7BD23C ] intelide        C:\Windows\system32\drivers\intelide.sys
11:12:23.0067 0x06c8  intelide - ok
11:12:23.0071 0x06c8  [ 9081A954273763F0AC25DE0C2B2DB593, C9CAD343FBC7632062B3610F4DB792DCBD8C0E08CAD2E6A9243F9F961157310D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
11:12:23.0073 0x06c8  intelppm - ok
11:12:23.0077 0x06c8  [ AB308167857138B84E4DECDF2000DD27, D761E84A3B0986B4351D970110701BF4E628C19941552FC436CA8559A5E4B468 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:12:23.0079 0x06c8  IpFilterDriver - ok
11:12:23.0098 0x06c8  [ BA07258793CC554B38A78018730AFC43, 400EBFD6C22766DE5E61B41DCC2EC4A8200F46A20D45CED2196C44EC9979EBB3 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:12:23.0112 0x06c8  iphlpsvc - ok
11:12:23.0118 0x06c8  [ 7E4FEE6D5C5BC52199C481DAC564FE43, BA4EA6A83CEB08D2781C7F64069A9DE39A93457A2FB04AA8AEF2DB1695F16250 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
11:12:23.0119 0x06c8  IPMIDRV - ok
11:12:23.0125 0x06c8  [ 57B0C0D982013C72911A3F5CBA795034, 2A09BC1565772C3698153A7F0B9727A8B8DA4A98CC3E3290A1D8FC2350E9168C ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:12:23.0127 0x06c8  IPNAT - ok
11:12:23.0144 0x06c8  [ 9D6DB34476AC6448B3CA59D8676F7CE6, A77A8207719F571D62EE8AE3D3185E7C5D9F44747DD1276418B0B4B4C6B5182B ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:12:23.0145 0x06c8  IRENUM - ok
11:12:23.0154 0x06c8  [ 2E1347C9CC7DDB43183AF725135ACF0D, 08AF2DDFD929332D0C373CA9FFD75E86A5109C6F228F6391C3AD4841922045BB ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:12:23.0155 0x06c8  isapnp - ok
11:12:23.0163 0x06c8  [ 0E3BDF6F27031D5BBC030E14EB7EACCB, EB6E33051A33DC93777CE259E1E14631B166461273B95EA93FDBD970BAF4F809 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
11:12:23.0168 0x06c8  iScsiPrt - ok
11:12:23.0172 0x06c8  [ 4533BE9F8D67BDCF5FECA87DCC345448, 89852E7479EFD73309037083B43DB94AAACC2FA4BB323C547F87CD66C59C20D7 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
11:12:23.0173 0x06c8  kbdclass - ok
11:12:26.0966 0x06c8  srvnet - ok
11:12:26.0974 0x06c8  [ 9B4B2E29751312BF65CBE301AFB746A1, 1D7A8F818A6ABCE927E393E91D365B6269BF03D15A0D5BB212A683CDF49565BB ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:12:26.0979 0x06c8  SSDPSRV - ok
11:12:26.0988 0x06c8  [ F23D18AF0C34B5167BA72F9B95EEAB06, 4565F7740650456C559BCF692CFD060556F540C42610CFC19EABE20630D60E9F ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:12:26.0991 0x06c8  SstpSvc - ok
11:12:27.0001 0x06c8  [ CC17B7A7C4DD72BE2B10DAF254147A2B, E208860E58D1B9E8B3481404BA67A2B6131415B329ADED5BDE8C35B40B9372C3 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:12:27.0002 0x06c8  stexstor - ok
11:12:27.0032 0x06c8  [ B9A28B6DA5EFEE202FAD396FEDFE73D8, EE7F313EFAAE36337B51F3A1EAB68906F9116B6A6F4365C515EAC89CCED5B4FB ] StiSvc          C:\Windows\System32\wiaservc.dll
11:12:27.0041 0x06c8  StiSvc - ok
11:12:27.0047 0x06c8  [ C34BCFA72A8BFE7D80092084B6A1E375, 2D88B9227A1D2237F9C343C65AA0B1698B982277D4678A67D96D3BB2DB8CED58 ] storahci        C:\Windows\system32\drivers\storahci.sys
11:12:27.0048 0x06c8  storahci - ok
11:12:27.0062 0x06c8  [ B00DA575ADF228C1D33269CDE92A68EC, 33787F3314CB28B0112E24D1E4160E76A051B102BB54B800FE44DBB2AA0B331E ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
11:12:27.0063 0x06c8  storflt - ok
11:12:27.0070 0x06c8  [ 9AA77CAD9ADF035109B9E65EB3F8D61A, 9CB8A2D0DA85FED8D1B1C809C15BC25C0905B10F32B018A1E6D7DB7D224E631D ] StorSvc         C:\Windows\system32\storsvc.dll
11:12:27.0072 0x06c8  StorSvc - ok
11:12:27.0076 0x06c8  [ 5C538C4975B53C31500BC535FF436CDC, 84FE3FA917970B00C73AF4364357204548956D23286F5CC5BFFA76996C30F358 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:12:27.0077 0x06c8  storvsc - ok
11:12:27.0081 0x06c8  [ 8DF8D4AEADF32F5D4C6FFA9936E16A10, BC8A7B1E63B4BDE541E51338CF20247D62944665C2A68C40145787EEC90C1847 ] svsvc           C:\Windows\system32\svsvc.dll
11:12:27.0082 0x06c8  svsvc - ok
11:12:27.0096 0x06c8  [ 8DCA45AD5E2D83E00A1952BE2B541A27, FA80FD42EFB4F0D27CC28DC3E92C5D365D851389643D7E083B5A8AD493E10815 ] swenum          C:\Windows\System32\drivers\swenum.sys
11:12:27.0097 0x06c8  swenum - ok
11:12:27.0116 0x06c8  [ B53421FCD315F35837A07716E9F7A1E7, C38F0E84343B0A0E253B90949B2E707C5F0C3266BDDAF728D0F9B8CDAD81592E ] swprv           C:\Windows\System32\swprv.dll
11:12:27.0124 0x06c8  swprv - ok
11:12:27.0167 0x06c8  [ 72EFFCDAAFDB8FB568A56B02D5703B76, 46A8CA3452B0E16DC50C44742C28C7AF470A08F809F3E1C5371827439EAAF9A1 ] SysMain         C:\Windows\system32\sysmain.dll
11:12:27.0187 0x06c8  SysMain - ok
11:12:27.0194 0x06c8  [ E2B1F6EB353D82635977490AB163800F, 3189791DF2A4AF9B364F7B36E6DBF995CCAFE8EDCE14F99B183C166BBCA9008B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
11:12:27.0198 0x06c8  SystemEventsBroker - ok
11:12:27.0209 0x06c8  [ 3705A5E2A2834EA94EF073D87AF88D8F, 739DADA36D2061104866DAC763C8963E81A4779DC9F7C57D7B892DCEAF09FF40 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:12:27.0212 0x06c8  TabletInputService - ok
11:12:27.0234 0x06c8  [ 4A10477302BB35A17ED818CD8720478A, BA8916728A27ACE600292AC40AE2F5FB6864DC07A0AD4845644CBF5DA1C53536 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:12:27.0239 0x06c8  TapiSrv - ok
11:12:27.0300 0x06c8  [ FF19CA1C64458F4E0F4F0FAEA22313C2, D012C0C1EF8048BAF348D0F493033F2DCB1EAECFADBCB64478E747848D85EEC7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:12:27.0332 0x06c8  Tcpip - ok
11:12:27.0389 0x06c8  [ FF19CA1C64458F4E0F4F0FAEA22313C2, D012C0C1EF8048BAF348D0F493033F2DCB1EAECFADBCB64478E747848D85EEC7 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:12:27.0422 0x06c8  TCPIP6 - ok
11:12:27.0439 0x06c8  [ D40FB114D559FDDE599293E1B5107644, A716D610199DF1DB3D59EF83E2BB7251C3E3398D63747ED51626F6876ED58AE0 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:12:27.0440 0x06c8  tcpipreg - ok
11:12:27.0446 0x06c8  [ 0886D9F1B5A5334FBB143A260E4BFB5C, 97850CE2E2852913E9C190FAA7D5AC4E7223C0F0F63844E440968C8788104B20 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:12:27.0448 0x06c8  tdx - ok
11:12:27.0458 0x06c8  [ 0E099CC6D72DD47CAB9CC3D5DDF0A93E, 5F76385F0087A7C2823FDA92081919DD22EB90CB6C140417522AC0A00AD5E49B ] terminpt        C:\Windows\System32\drivers\terminpt.sys
11:12:27.0459 0x06c8  terminpt - ok
11:12:27.0489 0x06c8  [ 10DA7F780EF287FEA7D70C1633C68F0B, 826A196631142742FDE0735F9970D9FA8C4A7648F916E8598F440C1687B41019 ] TermService     C:\Windows\System32\termsrv.dll
11:12:27.0501 0x06c8  TermService - ok
11:12:27.0517 0x06c8  [ 14378287DC6D4CF1E3279AA9EBD70665, 50AD9D328802097DF85D10486521AEDA980CDA37FCD47DA4C77ACF607A4F633B ] Themes          C:\Windows\system32\themeservice.dll
11:12:27.0519 0x06c8  Themes - ok
11:12:27.0523 0x06c8  [ D3C9785D97C09EE702FC06BDE74C7FE0, DB5B5625FF41FA977BE939AD662CB781D65B7DEF0777238C7A2FE58A01B63349 ] THREADORDER     C:\Windows\system32\mmcss.dll
11:12:27.0525 0x06c8  THREADORDER - ok
11:12:27.0531 0x06c8  [ ED259852AE0DBE2FB53725194F55A728, 1B330A54AC2798EB7387819866E0FCC2444A534C71A8E6CD2D0AADC75641C678 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
11:12:27.0535 0x06c8  TimeBroker - ok
11:12:27.0540 0x06c8  [ 637E61491154755211931D8535BB75A5, 43A5326AA0EA5E893C490EF92BADB0AF1A092B0045357F074F3F118D50C35855 ] TPM             C:\Windows\system32\drivers\tpm.sys
11:12:27.0543 0x06c8  TPM - ok
11:12:27.0548 0x06c8  [ 7B19BA44B3A44494DBA300206FABA998, 3D69F17E4D25C0D72E8A575FEB3763E600835ABBE64F460A166EED27BA0878C0 ] TrkWks          C:\Windows\System32\trkwks.dll
11:12:27.0551 0x06c8  TrkWks - ok
11:12:27.0588 0x06c8  [ FD9F6ED4C26CA21B8DD2994F14BD98FC, FA67F7BE7D7E1A83F311B3C4ABA2F45B5C5299FD2E4598CEBE77DA2E4A58D0E7 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:12:27.0590 0x06c8  TrustedInstaller - ok
11:12:27.0600 0x06c8  [ B9E622309DE8C780E6818531586F2221, B43A6C6DC2CE521BDEB381C9E6B7D2B5951FC5290145C5131BB4B324A52D990C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:12:27.0601 0x06c8  TsUsbFlt - ok
11:12:27.0605 0x06c8  [ 074440A1C04913F7DF81839565A47917, F5AC1F6B44B0BA924C20CEEF6824D20E000D2C9E7D2041D0AB2A70332771998D ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
11:12:27.0606 0x06c8  TsUsbGD - ok
11:12:27.0635 0x06c8  [ 62EE13D4EE7DB793C13F33F51A21170E, 7597353FF7E272A9A2ED6835F0E6C5980F19C2AB243C7AA34CDA4D11B4307007 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:12:27.0637 0x06c8  tunnel - ok
11:12:27.0642 0x06c8  [ E0750A399E378C8433165C843FD7F732, B9C12C7FA1C029988B3CAFA6D2BDBA36FE0CB3BF25793821608964750CB9A63E ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:12:27.0643 0x06c8  uagp35 - ok
11:12:27.0648 0x06c8  [ B3B9DDEEFC3B823B3067DCADCD80014D, CA1F7B7E79820F401112CB5568E4DF3D4FE93B24EE29BDCD97DD5539FA1405DC ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
11:12:27.0650 0x06c8  UASPStor - ok
11:12:27.0657 0x06c8  [ 2654E9900694EA7605A23117D3BEFE01, E39004323E938A1F4271FE49A3F2AC3F2970B59AEA026DA5EBC206DF1B06E6C6 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
11:12:27.0661 0x06c8  UCX01000 - ok
11:12:27.0679 0x06c8  [ 942D7B29F95DC6C5D14B8758044627C1, 570A5018F2411319599155DDDED365C84309D33DB89F77752C24F687B264A835 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:12:27.0684 0x06c8  udfs - ok
11:12:27.0698 0x06c8  [ 3F7B87F8E850907783AC681AF542601D, BBAB875B6DD8275B6B21633F2FA95542FBDA8DB17FAD4B77013FD38033453C18 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:12:27.0700 0x06c8  UI0Detect - ok
11:12:27.0718 0x06c8  [ C4FE9CC8AA769B1D140C07308574969D, BBD51A54D35B15FE72A0096A10A350911C15B07B232F933D6A80E38CFA6C8B8E ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:12:27.0720 0x06c8  uliagpkx - ok
11:12:27.0730 0x06c8  [ D54E16CE5FF8493E611CFF34F96F5A00, 65666C17E0CD6935D54C121D582D44C4C83DA7E7967CA2809CC7CD2590DC67B8 ] umbus           C:\Windows\System32\drivers\umbus.sys
11:12:27.0731 0x06c8  umbus - ok
11:12:27.0734 0x06c8  [ 4F92FB5D2353C1B75F0C3138C1822FC3, 807A38D264E84ABD4275B696B1762BAA1BD5D143279EB305D8C9255BB697FF92 ] UmPass          C:\Windows\System32\drivers\umpass.sys
11:12:27.0735 0x06c8  UmPass - ok
11:12:27.0746 0x06c8  [ CC0CC034C75F8D445B7E561BA018E166, 3431B446D7612F027066A878199A5600417521738F6CDB880E1AC39BA4A37FB4 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:12:27.0751 0x06c8  UmRdpService - ok
11:12:27.0771 0x06c8  [ BB879DCFD22926EFBEB3298129898CBB, 2A24E6CD5D6E0CEA3082C0699A2371084CC1268B31BC714098EA0D0C11B3AFAC ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
11:12:27.0771 0x06c8  UnlockerDriver5 - ok
11:12:27.0784 0x06c8  [ 4359A695FB0CF5C0C78A7FD2DACABC00, CB2EC1CF683ECA588C9C7C3F4DA0FE32B6E02DC4424D96F55763FF5330E79B1F ] upnphost        C:\Windows\System32\upnphost.dll
11:12:27.0793 0x06c8  upnphost - ok
11:12:27.0799 0x06c8  [ ABFF3E6009343A2613D31FDC241A6D6E, 700913929142A497543D6D95A8A80D1F357F1827ED74236C59A6FB4A473FB352 ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
11:12:27.0801 0x06c8  usbccgp - ok
11:12:27.0815 0x06c8  [ 614BDD1AB210F6DCE5EDFE0624717C94, D7473C35A6835311A8D2A351EC03B813ACDE3D7546A696A80479A0286D2C5369 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
11:12:27.0817 0x06c8  usbcir - ok
11:12:27.0836 0x06c8  [ 45D0D613CC52BE4AB7E812005C95D247, 5E9B8168CAC5D87C02F950C08DA8AE613EDA242A133D0012DC5420581BF9FCFF ] usbehci         C:\Windows\System32\drivers\usbehci.sys
11:12:27.0838 0x06c8  usbehci - ok
11:12:27.0849 0x06c8  [ 8D1406D4522DC66AA2D46440CF29D299, DF8132F77FCBA07C6150A5DF99BD561B0E9F3859A625F62E45C40EB97F094E7D ] usbhub          C:\Windows\System32\drivers\usbhub.sys
11:12:27.0855 0x06c8  usbhub - ok
11:12:27.0867 0x06c8  [ C038764D6A507F50B9FEEAAF77E696D6, B543AC14CB1C9B7FCE814C7CCE57334828D01F3F5339868A59DCEE0BB837576B ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
11:12:27.0874 0x06c8  USBHUB3 - ok
11:12:27.0890 0x06c8  [ A925F668D3D5E64D295B788A12AF31D5, 3B8BEC20E6C782C024C7899693418B6CDCFD397E2408B96B594662993392F4BF ] usbohci         C:\Windows\System32\drivers\usbohci.sys
11:12:27.0891 0x06c8  usbohci - ok
11:12:27.0895 0x06c8  [ 81F2E53B5945995FD5D459180EB21AE7, A84708FC3AF4B04F0468253FF771E4C08ED76C6B9C67F3483650A71290986E70 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
11:12:27.0895 0x06c8  usbprint - ok
11:12:27.0900 0x06c8  [ 727CE341DF7EFDC94F2868393549F497, 7E2F2AF92561514F4C78C5D4F825F2E9F942A66FAE450AA1EA6922CBD10CC0A6 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
11:12:27.0903 0x06c8  USBSTOR - ok
11:12:27.0910 0x06c8  [ 0A1FFF3F4A9CEE5FA5C28146DE41E06B, 1A16E57E5D8B042ECE3B7062F580B777F5C80EAC26D954D14A21AC77CCCD90BB ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
11:12:27.0910 0x06c8  usbuhci - ok
11:12:27.0920 0x06c8  [ A7A42FDE5D91EF214F1D2A80569FFC59, 7037F70E8E016FB5DA4CA5E74FF4EA34B7465030E35963D3D20349FC89E511BF ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
11:12:27.0925 0x06c8  USBXHCI - ok
11:12:27.0933 0x06c8  [ 747ED861374E5589EE56D28E01BDCFE1, C9F5587A0CEC8D63ECD235BE9585A3023F9BFC5DAB28F57D50D85BAB3BE1BCB3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:12:27.0935 0x06c8  VaultSvc - ok
11:12:27.0939 0x06c8  [ 0AA85E1C967652071D283147AC4B17CD, CA643FA1B71751D286C55C36BD9A7492E899526F7851839208A46AE17E65D59D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:12:27.0940 0x06c8  vdrvroot - ok
11:12:27.0965 0x06c8  [ 893312F9BEE9C66FEEE6561E059A7CE9, 3402F53F3991BDCB0D6789987FEC6B8CB5126D680D570A92229A687AC5660CCC ] vds             C:\Windows\System32\vds.exe
11:12:27.0977 0x06c8  vds - ok
11:12:27.0983 0x06c8  [ F70882757673FA7D4E466D811E1AC029, 6C940022DEF2F1D174953C15B73A3197218BD5528821923580657B2BED9FA607 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
11:12:27.0984 0x06c8  VerifierExt - ok
11:12:28.0010 0x06c8  [ 38DF48D22D63C1054DEF23629003B027, E79A9451F2E40E33D9080188097E45180AC74DEA061933DDD3E3680681F757AF ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
11:12:28.0017 0x06c8  vhdmp - ok
11:12:28.0022 0x06c8  [ 91A67D2DDDD75D173A6590B75E305E3C, 06B05073187B93263FE1697DAC2A76EAB16265EEE16E3CE86575B5DA97673AB7 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
11:12:28.0023 0x06c8  viaagp - ok
11:12:28.0028 0x06c8  [ 0C3370E2CFE0C1A51C37B58A1938837F, 6B81B9DE17674CFFCBFF4C16DF3C5946D39F74C5D858C03F9358E5C2C0D13714 ] ViaC7           C:\Windows\System32\drivers\viac7.sys
11:12:28.0029 0x06c8  ViaC7 - ok
11:12:28.0033 0x06c8  [ 11283532CE62BA51557D00E09262ED78, 150AF6DE38A1B4C286AAAD465A5284C141B174FF9196C8F96132241B83757C4F ] viaide          C:\Windows\system32\drivers\viaide.sys
11:12:28.0034 0x06c8  viaide - ok
11:12:28.0044 0x06c8  [ 2E4777120FC246CCF76A69C7BB4AEF57, FA156E7D1B19375FB5B8AB8E2E925FDC68D709109FEE4E5CDD785E666AB653AC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:12:28.0047 0x06c8  vmbus - ok
11:12:28.0050 0x06c8  [ FA7B57977E55B60409FD9E36FC57395C, 380EA7ED9FDCE6CF3E134391A87685FB92DD8A468BDEEF22A4E3E7EF694A5820 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
11:12:28.0051 0x06c8  VMBusHID - ok
11:12:28.0087 0x06c8  [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
11:12:28.0092 0x06c8  vmicheartbeat - ok
11:12:28.0101 0x06c8  [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:12:28.0106 0x06c8  vmickvpexchange - ok
11:12:28.0142 0x06c8  [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmicrdv         C:\Windows\System32\ICSvc.dll
11:12:28.0148 0x06c8  vmicrdv - ok
11:12:28.0157 0x06c8  [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
11:12:28.0162 0x06c8  vmicshutdown - ok
11:12:28.0170 0x06c8  [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmictimesync    C:\Windows\System32\ICSvc.dll
11:12:28.0176 0x06c8  vmictimesync - ok
11:12:28.0185 0x06c8  [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmicvss         C:\Windows\System32\ICSvc.dll
11:12:28.0191 0x06c8  vmicvss - ok
11:12:28.0196 0x06c8  [ 7E8BCEEA56197925D944CA7D230596F7, 6259BBFCF75C407650181C8260F9AB7E0A2F2DFD0BAEBEC9D56B9731268D6A25 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:12:28.0198 0x06c8  volmgr - ok
11:12:28.0208 0x06c8  [ 9C21037D3983D9B93190D2AA16570395, DEA24368100F610BBDD320AE86E220928B228DD66A0836FB83193ABE2F7991F7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:12:28.0213 0x06c8  volmgrx - ok
11:12:28.0223 0x06c8  [ 8E15C3D58A8ADE841060661DBA6E7A9B, DEA2026BDC07203DAC4101949167F6FA7DC255F25F7D3349168B8A141A89B103 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:12:28.0228 0x06c8  volsnap - ok
11:12:28.0235 0x06c8  [ C5B79DA9C82C01EEFAABA713A858649E, 1C1F88224C537EF6FC3BC5A52C7B53492CF10A9A79EBF603CA073961462DB6FD ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:12:28.0239 0x06c8  vsmraid - ok
11:12:28.0268 0x06c8  [ 700F5256DFCF1E65837F740EE0889F0F, 491BA23FB51BA32897101F1E97C9635F720961BA2115D2FD336112F9BC802248 ] VSS             C:\Windows\system32\vssvc.exe
11:12:28.0290 0x06c8  VSS - ok
11:12:28.0313 0x06c8  [ AB5F5CC034E31E496606E666657F3CC2, 0730FEB03820C1B63BB7B1C3F72E67CAC199683C770ED70F077335F7360C6BAC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
11:12:28.0318 0x06c8  VSTXRAID - ok
11:12:28.0323 0x06c8  [ 23044877230094EE20D057BC63ED19F0, 60AE16156335720B4204A8AA3ED48633A803B7B76AB2185FBF8A429DA5A6CD00 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:12:28.0324 0x06c8  vwifibus - ok
11:12:28.0333 0x06c8  [ 56A40C6DFB12E33B88887C4F9D5917FF, 1701ACF3C2F71C2BCC211EA0F110F85383E09C5554836FC57FFAF76C1ADA7244 ] W32Time         C:\Windows\system32\w32time.dll
11:12:28.0341 0x06c8  W32Time - ok
11:12:28.0355 0x06c8  [ B4254668F5806AAA051A320FE88146F6, 12C6C79DF6D385F7A1E827B54AF42D7005379B8C5420A62CAC64CA181BDB2CD2 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
11:12:28.0356 0x06c8  WacomPen - ok
11:12:28.0360 0x06c8  [ 1B4CFB8C5D6C6E9D27453C6E535B28D8, C8D22D48218AA1D793B62E27BD33332E4DDFA8B6B428B0D9C3B4D0CEBA4A3C66 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
11:12:28.0362 0x06c8  Wanarp - ok
11:12:28.0365 0x06c8  [ 1B4CFB8C5D6C6E9D27453C6E535B28D8, C8D22D48218AA1D793B62E27BD33332E4DDFA8B6B428B0D9C3B4D0CEBA4A3C66 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:12:28.0367 0x06c8  Wanarpv6 - ok
11:12:28.0417 0x06c8  [ 09EA8F80C26FEAAE7D34AC82A871A909, 92F040B3313F2C7866FFDDF9E810D4C4B74FED2124B9C13D5143F69061A0CBE2 ] wbengine        C:\Windows\system32\wbengine.exe
11:12:28.0442 0x06c8  wbengine - ok
11:12:28.0451 0x06c8  [ D7AB5A0119A208B53784863DF403C2F2, BD94564BC57BB2762043A7312A7474480BF6E94B4B025F45FB36FF3B2C1F6F5B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:12:28.0457 0x06c8  WbioSrvc - ok
11:12:28.0473 0x06c8  [ AB66316B4ED378A2CBEA61D6C5844A98, 4BA2F5C3CF9C67C4C118808499463D2ABA1E337F4EAE4CBE08BA8A62C78B1F5D ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
11:12:28.0478 0x06c8  Wcmsvc - ok
11:12:28.0497 0x06c8  [ 5DEE9734EAB11C82C31CE530DEEB0979, BE30DFF6882E67C1B8289F8C5936A5E6A4B26BE28BF2FC7E1162B04EE6E68113 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:12:28.0505 0x06c8  wcncsvc - ok
11:12:28.0520 0x06c8  [ 1B0A5043CC13F7DEB9873CC464FB11C7, F80C52F5D41884B7583C455D3B4FE3B2AC5133D7BEB973FDC127A75209051EAB ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:12:28.0522 0x06c8  WcsPlugInService - ok
11:12:28.0525 0x06c8  [ 9BF0CE1E215789664EB563A52EC0B83B, DD593BB20B6C691964FED6E5D6021FF20044D1D41D147226B3824F417531EAC8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:12:28.0526 0x06c8  Wd - ok
11:12:28.0529 0x06c8  [ B73E9524D0034A1BC7CE10CED727A116, 17F57B7AD850F153391EBE3592B2CB660E12654B51F6D79E013F08B70BED83C8 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
11:12:28.0530 0x06c8  WdBoot - ok
11:12:28.0545 0x06c8  [ A840213F1ACDCC175B4D1D5AAEAC0D7A, B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:12:28.0555 0x06c8  Wdf01000 - ok
11:12:28.0564 0x06c8  [ 357EA02565E599297D3729340FE0F961, CAAC0E60E84EF1749BAEC54257562A777D705A10A0F04ADC4A13E9AD15755460 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
11:12:28.0568 0x06c8  WdFilter - ok
11:12:28.0573 0x06c8  [ 2FC34E39DD120AB985DF1F63B10A4B4D, 5EBF98440B36F8A2FB8537F116E8E382746DB8C08E353A200875F8C6E0343345 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:12:28.0576 0x06c8  WdiServiceHost - ok
11:12:28.0580 0x06c8  [ 2FC34E39DD120AB985DF1F63B10A4B4D, 5EBF98440B36F8A2FB8537F116E8E382746DB8C08E353A200875F8C6E0343345 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:12:28.0584 0x06c8  WdiSystemHost - ok
11:12:28.0591 0x06c8  [ FD800739494EE57DC7849BD64BDA1EEC, 7FBE02DF2612BDDAF1D9A7B08CFA777492D2B62A838303C30FFB368732D5222A ] WebClient       C:\Windows\System32\webclnt.dll
11:12:28.0596 0x06c8  WebClient - ok
11:12:28.0603 0x06c8  [ 476746404FC104242EE8F049F2A6FA4A, 85C71C0C6D234EE71788C36545A30E8AF061EDDFAA20791563FE4D4F3B327F7B ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:12:28.0608 0x06c8  Wecsvc - ok
11:12:28.0612 0x06c8  [ B8A6C4812FD65EF95EB0F723A48C2462, 81A27AEEF8FE04A438DB87FAEC0F4DEFBE6786CA0ED04CF459EFBC6A5BCC6279 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:12:28.0615 0x06c8  wercplsupport - ok
11:12:28.0624 0x06c8  [ 4A1A99EB9B85679C0F97255E72A6DC85, ECD4B5BD0E52D6CADBB74D3B485C4D260EBED1B401404A396DE132DB6F05BAEC ] WerSvc          C:\Windows\System32\WerSvc.dll
11:12:28.0627 0x06c8  WerSvc - ok
11:12:28.0631 0x06c8  [ B7ADB3799F1B6D8172DFDCE1DA8937F5, D54E8EA700315D5AE4CE7CF0DCC41C748E1EA7E07B3DDD297FB534669690A68E ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
11:12:28.0632 0x06c8  WFPLWFS - ok
11:12:28.0642 0x06c8  [ 1764AA30CDF8AF8995D4A3CEADF6AB0D, C2876EEBF059222B74D85C2F7C5BC11F1B1A69A4103BF60D02DD0DE8630979DF ] WiaRpc          C:\Windows\System32\wiarpc.dll
11:12:28.0645 0x06c8  WiaRpc - ok
11:12:28.0648 0x06c8  [ 8B7BBA41B67E92B73BAFEBDF570B3703, 02B278E591C0FA8600D8B0A46EA63D45A8C28788B1DF7202E0B9C62C18292B52 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:12:28.0649 0x06c8  WIMMount - ok
11:12:28.0685 0x06c8  [ 36A695E1683671009C2FEA38B5EB4CD4, 3542673E2E8EB310AA55D973DA5923F65F6AD4311DEA2FEA8E50ABC757659ED2 ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
11:12:28.0685 0x06c8  WinDefend - ok
11:12:28.0709 0x06c8  [ 80C91C7CAC9DC9FFE2E6B8427CE06D9A, 8B4D30684341B0EF472DD83E30715321A16017246302C1C53B9E5F11BB6B4FFD ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:12:28.0720 0x06c8  WinHttpAutoProxySvc - ok
11:12:28.0761 0x06c8  [ 62B866B25BA8A3FCAEC457738DDA726E, F8112C6FC2A08F0E3E79CF8AB113147DEBFEBFFD79AFB4E412452146DB5F0AE7 ] winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:12:28.0765 0x06c8  winmgmt - ok
11:12:28.0837 0x06c8  [ EE08CA40473062F2962F1ED25C85306C, AED6BC65C0A710274CEC9ED811543419184CF36B9351FCB6626B53A5CC73F53D ] WinRM           C:\Windows\system32\WsmSvc.dll
11:12:28.0875 0x06c8  WinRM - ok
11:12:28.0922 0x06c8  [ EA8492A75CB6B192C87305159A1B44AF, 01DF7154D73984A483FF0CE14B562E30565E370D6A48FBD3C7A6B5D9D7541024 ] WlanSvc         C:\Windows\System32\wlansvc.dll
11:12:28.0945 0x06c8  WlanSvc - ok
11:12:28.0995 0x06c8  [ DE73279C9AA9F07D010D39A925046D93, 71829B0F73752A23810FF41F30C83C5EF1F0007E8FB2655E6324488EBF8E5066 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
11:12:29.0024 0x06c8  wlidsvc - ok
11:12:29.0038 0x06c8  [ F8A31500A1B7EFDB95E5103A7C7275C1, 5D265CCD4F30603FBCF53BA60BCFF2A8B0801215B63FA6837AE6D401BFD1D416 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
11:12:29.0039 0x06c8  WmiAcpi - ok
11:12:29.0068 0x06c8  [ 8899BED47FE375EE665AD1821598E471, 5E30CF5B49B675A5158300CACFCFA496D8D0060F8633BC22B40BE7D9D248C05A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:12:29.0071 0x06c8  wmiApSrv - ok
11:12:29.0121 0x06c8  [ C8D9BB66227B6309D1E394C7E02D40F2, 313C272D2BF598C5EC37E16108DC570AD08B9E5027022C7E5CA1BD08EC539371 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
11:12:29.0139 0x06c8  WMPNetworkSvc - ok
11:12:29.0145 0x06c8  [ 9C3F5C7B716247756575235A3218FD38, 45F7814D706844E241FFEC5B45D4AD1A7B897992862FEEB12F944D733DE90B21 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
11:12:29.0147 0x06c8  wpcfltr - ok
11:12:29.0154 0x06c8  [ 32B4145D0513E913C13A73C3E640C931, 63381DDC0DB272C661F57085C0911173BB3D76F788F7038767102D2A259E7AC0 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:12:29.0156 0x06c8  WPCSvc - ok
11:12:29.0171 0x06c8  [ 9BB009547532C1F2DF14455CE1102A33, 86924D0C9F4ED6E29B5BCD98A43D6565D88AF4B125E138F9FB1960A1AEFCB639 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:12:29.0174 0x06c8  WPDBusEnum - ok
11:12:29.0179 0x06c8  [ E5DCECD5A6A21AE48E94F6C9DC0E093C, C478397D77AA457A7A94724A653273BF95F84D6CA89F6C8BF34FBD987E3B8326 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
11:12:29.0179 0x06c8  WpdUpFltr - ok
11:12:29.0195 0x06c8  [ D646A22FA57F29BB06018CB7C6E0CD6A, BA0992E297D554C2C69EE4CEAFD11D957276663221A245797C55FC669394F6BE ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:12:29.0196 0x06c8  ws2ifsl - ok
11:12:29.0214 0x06c8  [ 005950A4A8B36C551F25AF947CFA749D, 71F58827E97BE786C845B15215DF16520B7BA20360974C1CF39174F68F539B54 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:12:29.0217 0x06c8  wscsvc - ok
11:12:29.0254 0x06c8  [ 4759B8765D7759F896D1D2385F923AFC, 89D0F4504B16429147518E195C64A83A9BA9C50F156847A01D61513D12925C86 ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
11:12:29.0255 0x06c8  WSDPrintDevice - ok
11:12:29.0258 0x06c8  WSearch - ok
11:12:29.0324 0x06c8  [ FF4BE7A21D3188ADC840B9E5B18D964E, B9598ADA77F77863FD143BB070AACBE3D2197E50903762002E5278022FF1A23C ] WSService       C:\Windows\System32\WSService.dll
11:12:29.0364 0x06c8  WSService - ok
11:12:29.0449 0x06c8  [ 1DB46028D06FA2A8E4F81A83B8138057, 2E2042497C5078401E98C8DF6F4C2A685D85B88FAFB3EEDCABFBD9BB1646C0E7 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:12:29.0499 0x06c8  wuauserv - ok
11:12:29.0507 0x06c8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:12:29.0509 0x06c8  WudfPf - ok
11:12:29.0515 0x06c8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
11:12:29.0518 0x06c8  WUDFRd - ok
11:12:29.0525 0x06c8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
11:12:29.0528 0x06c8  WUDFSensorLP - ok
11:12:29.0532 0x06c8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:12:29.0535 0x06c8  wudfsvc - ok
11:12:29.0550 0x06c8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
11:12:29.0554 0x06c8  WUDFWpdFs - ok
11:12:29.0566 0x06c8  [ 618AA3476AB6F3B3ED140323369705B1, 5FC9CCF673AF6A6E1ABB72807A12AE24739A57F30B7660239358DB24C2C0C7CD ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:12:29.0574 0x06c8  WwanSvc - ok
11:12:29.0621 0x06c8  [ 74EC37B9EAF9FCA015B933A526825C7A, E75D73422B4383210F912B424377D5F2DBBF0E9418A2F450636B689572B1B9F6 ] {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
11:12:29.0622 0x06c8  {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
11:12:29.0625 0x06c8  ================ Scan global ===============================
11:12:29.0643 0x06c8  [ 8D41654D0A9E15635ACF5E18FF470AB1, A85D1F6C3D63D7991E9B29B8A21C68776B7AEB617EFA45836E0686649A03CD55 ] C:\Windows\system32\basesrv.dll
11:12:29.0663 0x06c8  [ 02B34ED781B4710F23E544CC6CFEB809, D808A9731095B8005D9DFB89DF74797FB1C44F9DC0AAA3B4FB6E45612B4D8E4F ] C:\Windows\system32\winsrv.dll
11:12:29.0677 0x06c8  [ 78A87B9D36AAD6AFD6A24915389E1221, 06CE868DABC517646EB6A8D1DBD27BD4DEF4F047D2517516FECFF460D88DD860 ] C:\Windows\system32\sxssrv.dll
11:12:29.0701 0x06c8  [ 575FB4211BB07DB7D2179B1B05FE7EFD, C6EB6B013CC291EE055D3B7C0401A373827B0ED7607EAD749BBC1B639C57EDA0 ] C:\Windows\system32\services.exe
11:12:29.0709 0x06c8  [ Global ] - ok
11:12:29.0709 0x06c8  ================ Scan MBR ==================================
11:12:29.0715 0x06c8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:12:29.0905 0x06c8  \Device\Harddisk0\DR0 - ok
11:12:29.0906 0x06c8  ================ Scan VBR ==================================
11:12:29.0908 0x06c8  [ 47068D0A953BBCB1E9052F23AB0C7075 ] \Device\Harddisk0\DR0\Partition1
11:12:29.0909 0x06c8  \Device\Harddisk0\DR0\Partition1 - ok
11:12:29.0916 0x06c8  [ 2E4F1AB2541A48B394D0CF05589E6144 ] \Device\Harddisk0\DR0\Partition2
11:12:29.0919 0x06c8  \Device\Harddisk0\DR0\Partition2 - ok
11:12:29.0936 0x06c8  [ 4E0196A597B5EC7267F3A5421CA0186C ] \Device\Harddisk0\DR0\Partition3
11:12:29.0937 0x06c8  \Device\Harddisk0\DR0\Partition3 - ok
11:12:29.0938 0x06c8  Waiting for KSN requests completion. In queue: 272
11:12:30.0938 0x06c8  Waiting for KSN requests completion. In queue: 272
11:12:31.0938 0x06c8  Waiting for KSN requests completion. In queue: 272
11:12:32.0938 0x06c8  Waiting for KSN requests completion. In queue: 272
11:12:33.0941 0x06c8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.0.9200.16384 ), 0x60100 ( disabled : updated )
11:12:33.0941 0x06c8  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2006.159 ), 0x40010 ( disabled : outofdate )
11:12:33.0943 0x06c8  Win FW state via NFP2: enabled
11:12:36.0616 0x06c8  ============================================================
11:12:36.0616 0x06c8  Scan finished
11:12:36.0616 0x06c8  ============================================================
11:12:36.0622 0x0430  Detected object count: 0
11:12:36.0622 0x0430  Actual detected object count: 0
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 Pro with Media Center x86
Ran by GozStar on 23/10/2013 at 11:09:21,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\GozStar\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23/10/2013 at 11:10:17,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 


#4 boopme

Posted 23 October 2013 - 12:48 PM

OK, let's see what ESET shows, if anything. I see you have several antimalware but NO Antivirus.

About Spyware Keyloggers. The spyware then sends the logs directly to a remote user or a server that is collecting this information. The collected information typically includes the infected user's hostname, IP address, and GUID, along with various login names, passwords and other keystrokes.

This being said, if you do banking or credit card purchases on here there is a great probability those numbers were taken.



#5 gozstar


Posted 23 October 2013 - 01:06 PM

ESET Online

 

C:\Windows\AutoKMS\AutoKMS.exe MSIL/HackKMS.A application cleaned by deleting - quarantined


#6 gozstar


Posted 23 October 2013 - 01:22 PM

 
Centrix hijacker search .....
spyware.nsKeyLogger also ...
 
I need help!!!


#7 boopme


Posted 23 October 2013 - 01:37 PM

Hello, with these infections we need to get a deeper look. Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
Let me know if all went well.

#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:34 AM

Posted 24 October 2013 - 03:45 PM

Hello,

 

I merged one of the two "attach" topics to the topic with the main log and have deleted the extra "attach" topic. You can find the merged topic here: http://www.bleepingcomputer.com/forums/t/511785/infected-centrixsearch-hijaker-spywarenskeylogger/

Now that you have posted a log, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:

