
Persistent Conduit search bar, browser hijacking issues on Win7ult64



#1 WannabePolyHistor


Posted 21 November 2013 - 10:01 PM

Hi,

 

I am running Windows 7 Ultimate 64 bit (w7u64) and am having problems removing the Conduit search tool and its apparently related malware (SweetTunes1, QuickShare, Linkury & Smartbar). From cold boot everything loads as it should, username and password are recognised and the system is stable. When I open Firefox for the first time my DuckDuckGo (DDG) homepage loads as it should. If I create a new private session DDG also loads as it should. However, if I enter a search term like "boats" in the DDG search box the next screen has all the livery of a Conduit page and uses Bing rather than DDG as my default search engine.

 

The list of things I've done to date is below:

 

I thought I'd removed most of the entries from the registry manually by looking for various search strings based on your tutorials but to no avail. I've also searched ProgramsAndFeatures in ControlPanel, searched for folders and files using a batch file (attrib and find) from cmd.exe, reviewed browser extensions, plugins, apps and BHO in my browsers [firefox, chrome and (shudder) IE10], checked startups and services in msconfig and updated and run my antimalware software one at a time (AVG2014 free, SpybotSD162 and MBAM). When I have been doing these tests I am disconnected from the net except to update antimalware software and then I'm only on as briefly as possible. I have an external hard drive (HDx) that is also connected at this time.

 

 

I would be most grateful for any assistance you could provide.   I will be online for the next 5 hours but will check back each day at 12 noon (NZ time) after that.

 

Many thanks for your excellent site,

Wannabe PolyHistor





#2 boopme


Posted 21 November 2013 - 10:20 PM

Hello WP, let's also do these and see how it is.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 WannabePolyHistor


Posted 21 November 2013 - 11:23 PM

Hi,

 

Thanks TIAB :-)

 

The logs are listed below in order. One other thing I didn't think about. My first on-board ethernet controller (eth0) failed so I purchased another card (eth1). Eth0 wasn't running before this fix so it will be interesting to see if it runs after the fixes go through.

 

 

 

#########################################################################

[1] MiniToolBox Log

#########################################################################

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Grant (administrator) on 22-11-2013 at 16:37:39
Running from "C:\Users\Grant\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCI GBE Family Controller = Local Area Connection 2 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : CustomPC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCI GBE Family Controller
   Physical Address. . . . . . . . . : 00-11-6B-99-C0-7C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::312b:7a59:2314:2909%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, 22 November 2013 12:38:57 p.m.
   Lease Expires . . . . . . . . . . : Friday, 22 November 2013 5:08:57 p.m.
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 301994347
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-1C-CA-6B-00-11-6B-99-C0-7C
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{7AF21072-4CE4-4E7D-8D82-B8713676BFD2}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:104f:1774:3f57:fefd(Preferred)
   Link-local IPv6 Address . . . . . : fe80::104f:1774:3f57:fefd%11(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  mygateway1.ar7
Address:  192.168.1.1

Name:    google.com
Addresses:  2404:6800:4006:805::1009
      74.125.237.174
      74.125.237.165
      74.125.237.164
      74.125.237.163
      74.125.237.167
      74.125.237.161
      74.125.237.166
      74.125.237.168
      74.125.237.162
      74.125.237.160
      74.125.237.169


Pinging google.com [74.125.237.174] with 32 bytes of data:
Reply from 74.125.237.174: bytes=32 time=55ms TTL=49
Reply from 74.125.237.174: bytes=32 time=55ms TTL=50

Ping statistics for 74.125.237.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 55ms, Maximum = 55ms, Average = 55ms
Server:  mygateway1.ar7
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.139.183.24
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=192ms TTL=43
Reply from 206.190.36.45: bytes=32 time=179ms TTL=43

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 179ms, Maximum = 192ms, Average = 185ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  9...00 11 6b 99 c0 7c ......Realtek PCI GBE Family Controller
  1...........................Software Loopback Interface 1
 10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     58 2001::/32                On-link
 11    306 2001:0:9d38:6ab8:104f:1774:3f57:fefd/128
                                    On-link
  9    276 fe80::/64                On-link
 11    306 fe80::/64                On-link
 11    306 fe80::104f:1774:3f57:fefd/128
                                    On-link
  9    276 fe80::312b:7a59:2314:2909/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
  9    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/21/2013 03:48:54 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fbc

Start Time: 01cee6257689dcea

Termination Time: 75

Application Path: C:\Windows\Explorer.EXE

Report Id: 7144b9a9-5257-11e3-923c-00116b99c07c

Error: (11/21/2013 08:30:14 AM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 25.0.1.5064, time stamp: 0x5282f204
Faulting module name: xul.dll, version: 25.0.1.5064, time stamp: 0x5282f10e
Exception code: 0xc0000005
Fault offset: 0x00118f87
Faulting process id: 0xa88
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (11/20/2013 08:41:39 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2692.  Message ID: [0x2509].

Error: (11/18/2013 01:40:35 PM) (Source: Application Hang) (User: )
Description: The program Everything.exe version 1.2.1.371 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7a4

Start Time: 01cee3f685baf963

Termination Time: 16

Application Path: C:\Program Files (x86)\Everything\Everything.exe

Report Id: fe9b4e12-4fe9-11e3-9eff-00116b99c07c

Error: (11/17/2013 00:34:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (11/17/2013 00:34:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (11/17/2013 00:33:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (11/17/2013 00:33:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (11/17/2013 00:33:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (11/17/2013 00:33:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (11/22/2013 00:38:54 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:37:13 PM on ?11/?22/?2013 was unexpected.

Error: (11/22/2013 00:37:46 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

Error: (11/22/2013 00:37:16 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

Error: (11/22/2013 09:13:44 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

Error: (11/19/2013 08:26:15 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (11/19/2013 08:26:15 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/19/2013 07:40:53 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (11/19/2013 07:40:53 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/19/2013 09:23:13 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (11/19/2013 09:23:13 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (11/21/2013 03:48:54 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.17514fbc01cee6257689dcea75C:\Windows\Explorer.EXE7144b9a9-5257-11e3-923c-00116b99c07c

Error: (11/21/2013 08:30:14 AM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204xul.dll25.0.1.50645282f10ec000000500118f87a8801cee625a1952aebC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll2d6534a6-521a-11e3-923c-00116b99c07c

Error: (11/20/2013 08:41:39 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 2692.  Message ID: [0x2509].

Error: (11/18/2013 01:40:35 PM) (Source: Application Hang)(User: )
Description: Everything.exe1.2.1.3717a401cee3f685baf96316C:\Program Files (x86)\Everything\Everything.exefe9b4e12-4fe9-11e3-9eff-00116b99c07c

Error: (11/17/2013 00:34:01 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (11/17/2013 00:34:00 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (11/17/2013 00:33:59 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (11/17/2013 00:33:57 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\delzip179.dllc:\program files (x86)\spybot - search & destroy\delzip179.dll8

Error: (11/17/2013 00:33:36 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (11/17/2013 00:33:27 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8


CodeIntegrity Errors:
===================================
  Date: 2013-11-13 02:16:37.070
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Grant\00-LoadAtBoot\Security\SysInternals\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-11-13 02:16:36.993
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Grant\00-LoadAtBoot\Security\SysInternals\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-28 10:40:55.532
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Grant\00-LoadAtBoot\Security\SysInternals\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-28 10:40:55.462
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Grant\00-LoadAtBoot\Security\SysInternals\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-09 01:11:06.196
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codecp.acm because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-09 01:11:06.124
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-09 01:06:20.723
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codecp.acm because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-09 01:06:20.648
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-08 18:09:46.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codecp.acm because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-08 18:09:46.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ActivePerl 5.14.2 Build 1402 (64-bit) (Version: 5.14.1402)
Adobe Flash Player 11 Plugin (Version: 11.9.900.152)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Apple Application Support (Version: 2.3.4)
Apple Software Update (Version: 2.1.3.127)
Astroburn Lite (Version: 1.7.0.0175)
Audacity 2.0.3 (Version: 2.0.3)
Autodesk Design Review 2013 (Version: 13.0.0.82)
Autodesk Download Manager (Version: 2.0.2.0)
Autodesk Inventor 2013 Quick Uninstaller (Version: 17.0.13800.0000)
Autodesk Inventor Content Center Libraries 2013 (Desktop Content) (Version: 17.0.13800.0000)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206)
Autodesk Inventor Fusion for Inventor 2013 Add-in (Version: 1.0.0.111)
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000)
Autodesk Inventor Professional 2013 English (Version: 17.0.13800.0000)
Autodesk Inventor Professional 2013 English Language Pack (Version: 17.0.13800.0000)
Autodesk Material Library 2013 (Version: 3.0.14)
Autodesk Material Library Base Resolution Image Library 2013 (Version: 3.0.14)
Autodesk Material Library Low Resolution Image Library 2013 (Version: 3.0.13)
Autodesk Sync (Version: 3.5.24.0)
Autodesk Vault Basic 2013 (Client) (Version: 17.0.61.0)
Autodesk Vault Basic 2013 (Client) English Language Pack (Version: 17.0.61.0)
AVG 2014 (Version: 14.0.3629)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
AVG Security Toolbar (Version: 17.1.2.1)
CamStudio Lossless Codec v1.5 (Version: 1.5)
CCleaner (Version: 4.07)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ConvertHelper 2.2
Csharp for Sharp Kids (Version: 1.0.0)
DiDaPro v5.60a (Free Trial Version)
DriverCD
DWG TrueView 2013 (Version: 19.0.55.0)
EasyBCD 2.2 (Version: 2.2)
Eco Materials Adviser for Autodesk Inventor 2013 (Version: 3.9.12.0)
Everything 1.2.1.371
FFmpeg v0.6.2 for Audacity
Gigabyte Raid Configurer (Version: 1.00.0000)
GIMP 2.8.4 (Version: 2.8.4)
GNU Privacy Guard (Version: 1.4.9)
Google Chrome (Version: 31.0.1650.57)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.165)
HijackThis 2.0.2 (Version: 2.0.2)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
K-Lite Codec Pack 9.7.5 (64-bit) (Version: 9.7.5)
LAME v3.99.3 (for Windows)
LizardTech ExpressView Browser Plug-in (Version: 6.5.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Age of Empires II
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Publisher 2002 (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2500.0)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.51.2500.0)
Microsoft SQL Server VSS Writer (Version: 10.51.2500.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Motorola Device Manager (Version: 2.3.9)
Motorola Device Software Update (Version: 13.02.1402)
Motorola Mobile Drivers Installation 6.0.0 (Version: 6.0.0)
MozBackup 1.5.1
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 en-US) (Version: 24.1.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NVIDIA 3D Vision Driver 331.65 (Version: 331.65)
NVIDIA Control Panel 331.65 (Version: 331.65)
NVIDIA Graphics Driver 331.65 (Version: 331.65)
NVIDIA Install Application (Version: 2.1002.133.889)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3165)
NVIDIA Update 1.15.2 (Version: 1.15.2)
NVIDIA Update Components (Version: 1.15.2)
NZMapConv (Version: 1.0.8)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Overseer (Ulti) (Version: 1.0.0)
OVERSEER nutrient budgets v 5.4.3 (Version: Copyright © 2009 AgResearch Ltd)
PC care (Version: 1.5.3)
PDF Creator
PDFCreator (Version: 1.2.0)
PSTViewer Pro (Version: 4.8.0.2667)
Quantum GIS Copiapo 1.6.0 (Version: 1.6.0-r14615-1)
Quantum GIS Lisboa 1.8.0 Lisboa
QuickTime (Version: 7.74.80.86)
SeaTools for Windows (Version: 1.2.0.7)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (Version: 10.51.2500.0)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.7 (Version: 6.7.102)
SNAP (Version: 1.2.18)
Spybot - Search & Destroy (Version: 1.6.2)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
Texas Instruments TUSB3410 drivers. (Version: 1.08.0000)
Tumonz 5
TUSB3410 (Version: 1.08.0000)
UltiDev Web Server Pro (Version: 2.0.18)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
VBA (2627.01) (Version: 6.03.00.9402)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.0.8 (Version: 2.0.8)
Windows Driver Package - Exar Corporation (xrusbser) Ports  (08/17/2011 1.7.0.0) (Version: 08/17/2011 1.7.0.0)
Windows XP Mode (Version: 1.3.7600.16423)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 8190.49 MB
Available physical RAM: 4989.31 MB
Total Pagefile: 16379.16 MB
Available Pagefile: 13739.28 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.93 MB

========================= Partitions: =====================================

2 Drive c: (OpSys) (Fixed) (Total:167.19 GB) (Free:40.23 GB) NTFS
4 Drive e: (MTEK32GB) (Removable) (Total:29.81 GB) (Free:1.8 GB) FAT32
5 Drive f: (Kollate) (Fixed) (Total:1863.01 GB) (Free:676.48 GB) NTFS
7 Drive h: (hdx1TB_Touro) (Fixed) (Total:931.51 GB) (Free:11.67 GB) NTFS
8 Drive j: (J_SE_NTFS) (Fixed) (Total:383.02 GB) (Free:382.91 GB) NTFS
9 Drive k: (email_NTFS) (Fixed) (Total:560.75 GB) (Free:56.61 GB) NTFS
10 Drive l: (hdx2TB_subst) (Fixed) (Total:465.75 GB) (Free:448.74 GB) NTFS

========================= Users: ========================================

User accounts for \\CUSTOMPC

Administrator            Grant                    Guest                    
UpdatusUser              


**** End of log ****

#########################################################################

[2]  TDSSKiller.3.0.0.19_22.11.2013_16.40.49_log.txt

#########################################################################

16:40:49.0626 0x1324  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
16:40:59.0321 0x1324  ============================================================
16:40:59.0321 0x1324  Current date / time: 2013/11/22 16:40:59.0321
16:40:59.0321 0x1324  SystemInfo:
16:40:59.0321 0x1324  
16:40:59.0321 0x1324  OS Version: 6.1.7601 ServicePack: 1.0
16:40:59.0321 0x1324  Product type: Workstation
16:40:59.0321 0x1324  ComputerName: CUSTOMPC
16:40:59.0321 0x1324  UserName: Grant
16:40:59.0321 0x1324  Windows directory: C:\Windows
16:40:59.0321 0x1324  System windows directory: C:\Windows
16:40:59.0321 0x1324  Running under WOW64
16:40:59.0321 0x1324  Processor architecture: Intel x64
16:40:59.0321 0x1324  Number of processors: 2
16:40:59.0321 0x1324  Page size: 0x1000
16:40:59.0321 0x1324  Boot type: Normal boot
16:40:59.0321 0x1324  ============================================================
16:40:59.0425 0x1324  KLMD registered as C:\Windows\system32\drivers\00720567.sys
16:40:59.0476 0x1324  System UUID: {9BA3863D-480C-2425-BD33-F36823AC3FE5}
16:40:59.0762 0x1324  Drive \Device\Harddisk0\DR0 - Size: 0x29EB7FDE00 (167.68 Gb), SectorSize: 0x200, Cylinders: 0x5581, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:40:59.0786 0x1324  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C100DE00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:40:59.0796 0x1324  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C100DE00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:40:59.0818 0x1324  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:40:59.0833 0x1324  Drive \Device\Harddisk8\DR8 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:41:02.0248 0x1324  Drive \Device\Harddisk9\DR9 - Size: 0x775000000 (29.83 Gb), SectorSize: 0x200, Cylinders: 0xF35, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:41:02.0250 0x1324  ============================================================
16:41:02.0250 0x1324  \Device\Harddisk0\DR0:
16:41:02.0250 0x1324  MBR partitions:
16:41:02.0250 0x1324  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0xFB001
16:41:02.0250 0x1324  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFB800, BlocksNum 0x14E5F800
16:41:02.0250 0x1324  \Device\Harddisk1\DR1:
16:41:02.0251 0x1324  MBR partitions:
16:41:02.0251 0x1324  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x2FE09F50, BlocksNum 0x2FE09F50
16:41:02.0251 0x1324  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xA2C88410, BlocksNum 0x4617F0B1
16:41:02.0251 0x1324  \Device\Harddisk2\DR2:
16:41:02.0251 0x1324  MBR partitions:
16:41:02.0251 0x1324  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07482
16:41:02.0251 0x1324  \Device\Harddisk3\DR3:
16:41:02.0251 0x1324  MBR partitions:
16:41:02.0251 0x1324  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
16:41:02.0251 0x1324  \Device\Harddisk8\DR8:
16:41:02.0252 0x1324  MBR partitions:
16:41:02.0252 0x1324  \Device\Harddisk8\DR8\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:41:02.0252 0x1324  \Device\Harddisk9\DR9:
16:41:02.0252 0x1324  MBR partitions:
16:41:02.0252 0x1324  \Device\Harddisk9\DR9\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x3BA6080
16:41:02.0252 0x1324  ============================================================
16:41:02.0254 0x1324  C: <-> \Device\Harddisk0\DR0\Partition2
16:41:02.0276 0x1324  F: <-> \Device\Harddisk2\DR2\Partition1
16:41:02.0296 0x1324  H: <-> \Device\Harddisk8\DR8\Partition1
16:41:02.0317 0x1324  J: <-> \Device\Harddisk1\DR1\Partition1
16:41:02.0348 0x1324  K: <-> \Device\Harddisk1\DR1\Partition2
16:41:02.0376 0x1324  L: <-> \Device\Harddisk3\DR3\Partition1
16:41:02.0377 0x1324  ============================================================
16:41:02.0377 0x1324  Initialize success
16:41:02.0377 0x1324  ============================================================
16:41:09.0286 0x10a4  ============================================================
16:41:09.0286 0x10a4  Scan started
16:41:09.0286 0x10a4  Mode: Manual;
16:41:09.0286 0x10a4  ============================================================
16:41:09.0286 0x10a4  KSN ping started
16:41:12.0645 0x10a4  KSN ping finished: true
16:41:12.0934 0x10a4  ================ Scan system memory ========================
16:41:12.0934 0x10a4  System memory - ok
16:41:12.0935 0x10a4  ================ Scan services =============================
16:41:12.0972 0x10a4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:41:12.0977 0x10a4  1394ohci - ok
16:41:12.0996 0x10a4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:41:13.0003 0x10a4  ACPI - ok
16:41:13.0007 0x10a4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:41:13.0008 0x10a4  AcpiPmi - ok
16:41:13.0014 0x10a4  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:41:13.0016 0x10a4  AdobeARMservice - ok
16:41:13.0028 0x10a4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:41:13.0037 0x10a4  adp94xx - ok
16:41:13.0049 0x10a4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:41:13.0056 0x10a4  adpahci - ok
16:41:13.0062 0x10a4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:41:13.0067 0x10a4  adpu320 - ok
16:41:13.0072 0x10a4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:41:13.0074 0x10a4  AeLookupSvc - ok
16:41:13.0087 0x10a4  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
16:41:13.0097 0x10a4  AFD - ok
16:41:13.0102 0x10a4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:41:13.0104 0x10a4  agp440 - ok
16:41:13.0108 0x10a4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:41:13.0112 0x10a4  ALG - ok
16:41:13.0116 0x10a4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:41:13.0117 0x10a4  aliide - ok
16:41:13.0120 0x10a4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:41:13.0121 0x10a4  amdide - ok
16:41:13.0125 0x10a4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:41:13.0127 0x10a4  AmdK8 - ok
16:41:13.0131 0x10a4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:41:13.0133 0x10a4  AmdPPM - ok
16:41:13.0138 0x10a4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:41:13.0141 0x10a4  amdsata - ok
16:41:13.0148 0x10a4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:41:13.0152 0x10a4  amdsbs - ok
16:41:13.0156 0x10a4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:41:13.0157 0x10a4  amdxata - ok
16:41:13.0161 0x10a4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:41:13.0163 0x10a4  AppID - ok
16:41:13.0167 0x10a4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:41:13.0168 0x10a4  AppIDSvc - ok
16:41:13.0174 0x10a4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:41:13.0176 0x10a4  Appinfo - ok
16:41:13.0183 0x10a4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:41:13.0188 0x10a4  AppMgmt - ok
16:41:13.0192 0x10a4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:41:13.0195 0x10a4  arc - ok
16:41:13.0199 0x10a4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:41:13.0202 0x10a4  arcsas - ok
16:41:13.0212 0x10a4  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:41:13.0214 0x10a4  aspnet_state - ok
16:41:13.0216 0x10a4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:41:13.0218 0x10a4  AsyncMac - ok
16:41:13.0220 0x10a4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:41:13.0221 0x10a4  atapi - ok
16:41:13.0236 0x10a4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:41:13.0251 0x10a4  AudioEndpointBuilder - ok
16:41:13.0266 0x10a4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:41:13.0276 0x10a4  AudioSrv - ok
16:41:13.0282 0x10a4  [ 27CA53E91543B800E16129BCEC3247AD, D13DAF369EDEC383377A7FCE4AA997F8EA6740D18819BBEBAEC0C09C41F700B8 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
16:41:13.0286 0x10a4  Avgdiska - ok
16:41:13.0356 0x10a4  [ F89B2DACE0FBE54CF65D12B7081C19C3, 64BBA5A29948ABFADB8865CE0D7D0259AB291B8DA04786AB351055D57B49D439 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
16:41:13.0422 0x10a4  AVGIDSAgent - ok
16:41:13.0439 0x10a4  [ 57250DDDE2523115D0927DBBA745F9FA, 0560733DBECC074016532ABCF2B2428DBA689A9B930993E7544A2D50B0DCAFA9 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
16:41:13.0444 0x10a4  AVGIDSDriver - ok
16:41:13.0452 0x10a4  [ 19AD820FC44AA71EDD1BC70B6E3F36B0, 997CA09273476881E4F824803B769BF3B67CC5ADAE8B99EBBD7A72C2205C3153 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
16:41:13.0456 0x10a4  AVGIDSHA - ok
16:41:13.0463 0x10a4  [ 4BE8BB177B4C2BC3564845EF6D1073F1, 4ACA54EA54F5ABA96A73BD83C0C5A83C37090FEB7CBE67AE94E9CD3E364931C8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
16:41:13.0468 0x10a4  Avgldx64 - ok
16:41:13.0476 0x10a4  [ D3772CC086FB81F76B5A82C85E1C7C8E, B1BEFD7AC658F28AECEF5468F5815504BDDC8A4203207B6F0CA53C5B216F782D ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
16:41:13.0483 0x10a4  Avgloga - ok
16:41:13.0490 0x10a4  [ A0BCE5DC2C1F1EE5C1CA19A33375AC23, 517663AEDD7A45607E17910DE60B2847E521472F9C0AB56034617BE2F351DE8D ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
16:41:13.0493 0x10a4  Avgmfx64 - ok
16:41:13.0498 0x10a4  [ 12FAAF366975B2BF2E93F1866C0E480D, 559480A1434E6805CF4F3DB5352E98387053194BB7B0DB18099B53D306D9951D ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
16:41:13.0499 0x10a4  Avgrkx64 - ok
16:41:13.0508 0x10a4  [ 4E364FABBD147F59E5D524C9EA86D772, 5D2B1E35EDBF68C23C5BF38B8B7AC484E3430219E0072C4831F58A9E8386A5FD ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
16:41:13.0514 0x10a4  Avgtdia - ok
16:41:13.0518 0x10a4  [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
16:41:13.0520 0x10a4  avgtp - ok
16:41:13.0530 0x10a4  [ B747B6BB015E552F49C634BB19540F3D, 5000AD41BD101BC06D595484B6E58DEEBB962939ACF4B24DE515771D1C4AE3ED ] avgwd           C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
16:41:13.0537 0x10a4  avgwd - ok
16:41:13.0543 0x10a4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:41:13.0547 0x10a4  AxInstSV - ok
16:41:13.0560 0x10a4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:41:13.0569 0x10a4  b06bdrv - ok
16:41:13.0578 0x10a4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:41:13.0584 0x10a4  b57nd60a - ok
16:41:13.0591 0x10a4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:41:13.0594 0x10a4  BDESVC - ok
16:41:13.0598 0x10a4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:41:13.0599 0x10a4  Beep - ok
16:41:13.0615 0x10a4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:41:13.0629 0x10a4  BFE - ok
16:41:13.0649 0x10a4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:41:13.0669 0x10a4  BITS - ok
16:41:13.0674 0x10a4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:41:13.0676 0x10a4  blbdrive - ok
16:41:13.0681 0x10a4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:41:13.0684 0x10a4  bowser - ok
16:41:13.0687 0x10a4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:41:13.0688 0x10a4  BrFiltLo - ok
16:41:13.0692 0x10a4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:41:13.0693 0x10a4  BrFiltUp - ok
16:41:13.0702 0x10a4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:41:13.0705 0x10a4  Browser - ok
16:41:13.0714 0x10a4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:41:13.0721 0x10a4  Brserid - ok
16:41:13.0725 0x10a4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:41:13.0727 0x10a4  BrSerWdm - ok
16:41:13.0731 0x10a4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:41:13.0733 0x10a4  BrUsbMdm - ok
16:41:13.0736 0x10a4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:41:13.0737 0x10a4  BrUsbSer - ok
16:41:13.0742 0x10a4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:41:13.0745 0x10a4  BTHMODEM - ok
16:41:13.0751 0x10a4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:41:13.0753 0x10a4  bthserv - ok
16:41:13.0758 0x10a4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:41:13.0761 0x10a4  cdfs - ok
16:41:13.0768 0x10a4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:41:13.0771 0x10a4  cdrom - ok
16:41:13.0776 0x10a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:41:13.0778 0x10a4  CertPropSvc - ok
16:41:13.0783 0x10a4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:41:13.0786 0x10a4  circlass - ok
16:41:13.0796 0x10a4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:41:13.0804 0x10a4  CLFS - ok
16:41:13.0810 0x10a4  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:41:13.0812 0x10a4  clr_optimization_v2.0.50727_32 - ok
16:41:13.0818 0x10a4  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:41:13.0821 0x10a4  clr_optimization_v2.0.50727_64 - ok
16:41:13.0831 0x10a4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:41:13.0835 0x10a4  clr_optimization_v4.0.30319_32 - ok
16:41:13.0840 0x10a4  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:41:13.0845 0x10a4  clr_optimization_v4.0.30319_64 - ok
16:41:13.0848 0x10a4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:41:13.0850 0x10a4  CmBatt - ok
16:41:13.0855 0x10a4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:41:13.0856 0x10a4  cmdide - ok
16:41:13.0868 0x10a4  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
16:41:13.0877 0x10a4  CNG - ok
16:41:13.0881 0x10a4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:41:13.0882 0x10a4  Compbatt - ok
16:41:13.0886 0x10a4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:41:13.0889 0x10a4  CompositeBus - ok
16:41:13.0892 0x10a4  COMSysApp - ok
16:41:13.0896 0x10a4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:41:13.0897 0x10a4  crcdisk - ok
16:41:13.0905 0x10a4  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:41:13.0910 0x10a4  CryptSvc - ok
16:41:13.0923 0x10a4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:41:13.0934 0x10a4  CSC - ok
16:41:13.0951 0x10a4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:41:13.0965 0x10a4  CscService - ok
16:41:13.0979 0x10a4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:41:13.0991 0x10a4  DcomLaunch - ok
16:41:14.0000 0x10a4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:41:14.0006 0x10a4  defragsvc - ok
16:41:14.0011 0x10a4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:41:14.0014 0x10a4  DfsC - ok
16:41:14.0023 0x10a4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:41:14.0030 0x10a4  Dhcp - ok
16:41:14.0035 0x10a4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:41:14.0036 0x10a4  discache - ok
16:41:14.0040 0x10a4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:41:14.0043 0x10a4  Disk - ok
16:41:14.0049 0x10a4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:41:14.0053 0x10a4  Dnscache - ok
16:41:14.0062 0x10a4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:41:14.0068 0x10a4  dot3svc - ok
16:41:14.0074 0x10a4  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
16:41:14.0078 0x10a4  dot4 - ok
16:41:14.0082 0x10a4  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
16:41:14.0083 0x10a4  Dot4Print - ok
16:41:14.0087 0x10a4  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
16:41:14.0089 0x10a4  dot4usb - ok
16:41:16.0917 0x10a4  Processor - ok
16:41:16.0924 0x10a4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:41:16.0929 0x10a4  ProfSvc - ok
16:41:16.0932 0x10a4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:41:16.0933 0x10a4  ProtectedStorage - ok
16:41:16.0939 0x10a4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:41:16.0943 0x10a4  Psched - ok
16:41:16.0947 0x10a4  [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
16:41:16.0956 0x10a4  PST Service - ok
16:41:16.0987 0x10a4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:41:17.0016 0x10a4  ql2300 - ok
16:41:17.0024 0x10a4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:41:17.0027 0x10a4  ql40xx - ok
16:41:17.0034 0x10a4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:41:17.0040 0x10a4  QWAVE - ok
16:41:17.0044 0x10a4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:41:17.0046 0x10a4  QWAVEdrv - ok
16:41:17.0049 0x10a4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:41:17.0053 0x10a4  RasAcd - ok
16:41:17.0057 0x10a4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:41:17.0059 0x10a4  RasAgileVpn - ok
16:41:17.0064 0x10a4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:41:17.0067 0x10a4  RasAuto - ok
16:41:17.0073 0x10a4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:41:17.0076 0x10a4  Rasl2tp - ok
16:41:17.0085 0x10a4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:41:17.0094 0x10a4  RasMan - ok
16:41:17.0099 0x10a4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:41:17.0102 0x10a4  RasPppoe - ok
16:41:17.0106 0x10a4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:41:17.0108 0x10a4  RasSstp - ok
16:41:17.0117 0x10a4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:41:17.0123 0x10a4  rdbss - ok
16:41:17.0127 0x10a4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:41:17.0129 0x10a4  rdpbus - ok
16:41:17.0131 0x10a4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:41:17.0134 0x10a4  RDPCDD - ok
16:41:17.0141 0x10a4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:41:17.0146 0x10a4  RDPDR - ok
16:41:17.0148 0x10a4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:41:17.0150 0x10a4  RDPENCDD - ok
16:41:17.0154 0x10a4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:41:17.0155 0x10a4  RDPREFMP - ok
16:41:17.0161 0x10a4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:41:17.0163 0x10a4  RdpVideoMiniport - ok
16:41:17.0171 0x10a4  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:41:17.0176 0x10a4  RDPWD - ok
16:41:17.0183 0x10a4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:41:17.0188 0x10a4  rdyboost - ok
16:41:17.0193 0x10a4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:41:17.0196 0x10a4  RemoteAccess - ok
16:41:17.0203 0x10a4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:41:17.0208 0x10a4  RemoteRegistry - ok
16:41:17.0212 0x10a4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:41:17.0215 0x10a4  RpcEptMapper - ok
16:41:17.0219 0x10a4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:41:17.0220 0x10a4  RpcLocator - ok
16:41:17.0232 0x10a4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:41:17.0241 0x10a4  RpcSs - ok
16:41:17.0250 0x10a4  [ C606C5F712A3761896CEFFA4AF6B1268, 8E6411B0E818DF621B7E1AB271684712CAF741C38B57C0609D6978FA0198523C ] RsFx0151        C:\Windows\system32\DRIVERS\RsFx0151.sys
16:41:17.0256 0x10a4  RsFx0151 - ok
16:41:17.0261 0x10a4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:41:17.0263 0x10a4  rspndr - ok
16:41:17.0279 0x10a4  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:41:17.0292 0x10a4  RTL8167 - ok
16:41:17.0297 0x10a4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:41:17.0301 0x10a4  s3cap - ok
16:41:17.0305 0x10a4  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
16:41:17.0307 0x10a4  SamSs - ok
16:41:17.0311 0x10a4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:41:17.0314 0x10a4  sbp2port - ok
16:41:17.0339 0x10a4  [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:41:17.0356 0x10a4  SBSDWSCService - ok
16:41:17.0365 0x10a4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:41:17.0370 0x10a4  SCardSvr - ok
16:41:17.0374 0x10a4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:41:17.0376 0x10a4  scfilter - ok
16:41:17.0398 0x10a4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:41:17.0421 0x10a4  Schedule - ok
16:41:17.0428 0x10a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:41:17.0430 0x10a4  SCPolicySvc - ok
16:41:17.0436 0x10a4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:41:17.0442 0x10a4  SDRSVC - ok
16:41:17.0445 0x10a4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:41:17.0447 0x10a4  secdrv - ok
16:41:17.0452 0x10a4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:41:17.0454 0x10a4  seclogon - ok
16:41:17.0459 0x10a4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:41:17.0461 0x10a4  SENS - ok
16:41:17.0465 0x10a4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:41:17.0467 0x10a4  SensrSvc - ok
16:41:17.0471 0x10a4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:41:17.0472 0x10a4  Serenum - ok
16:41:17.0476 0x10a4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:41:17.0479 0x10a4  Serial - ok
16:41:17.0483 0x10a4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:41:17.0484 0x10a4  sermouse - ok
16:41:17.0493 0x10a4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:41:17.0497 0x10a4  SessionEnv - ok
16:41:17.0501 0x10a4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:41:17.0505 0x10a4  sffdisk - ok
16:41:17.0509 0x10a4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:41:17.0510 0x10a4  sffp_mmc - ok
16:41:17.0514 0x10a4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:41:17.0516 0x10a4  sffp_sd - ok
16:41:17.0521 0x10a4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:41:17.0523 0x10a4  sfloppy - ok
16:41:17.0533 0x10a4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:41:17.0541 0x10a4  SharedAccess - ok
16:41:17.0551 0x10a4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:41:17.0560 0x10a4  ShellHWDetection - ok
16:41:17.0566 0x10a4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:41:17.0567 0x10a4  SiSRaid2 - ok
16:41:17.0572 0x10a4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:41:17.0574 0x10a4  SiSRaid4 - ok
16:41:17.0641 0x10a4  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:41:17.0702 0x10a4  Skype C2C Service - ok
16:41:17.0714 0x10a4  [ 5E065268F31F5CBEFE37FE24D7A3ABF0, E226B9F32124C67B88F637A31C0AE120E86D8B1A5826D5F046ADBD0DDC5151C5 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:41:17.0717 0x10a4  SkypeUpdate - ok
16:41:17.0722 0x10a4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:41:17.0725 0x10a4  Smb - ok
16:41:17.0731 0x10a4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:41:17.0733 0x10a4  SNMPTRAP - ok
16:41:17.0737 0x10a4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:41:17.0738 0x10a4  spldr - ok
16:41:17.0751 0x10a4  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
16:41:17.0764 0x10a4  Spooler - ok
16:41:17.0839 0x10a4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:41:17.0905 0x10a4  sppsvc - ok
16:41:17.0916 0x10a4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:41:17.0919 0x10a4  sppuinotify - ok
16:41:17.0938 0x10a4  [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd            C:\Windows\system32\Drivers\sptd.sys
16:41:17.0947 0x10a4  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB, sha256: C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA
16:41:17.0948 0x10a4  sptd - detected LockedFile.Multi.Generic ( 1 )
16:41:21.0172 0x10a4  Detect skipped due to KSN trusted
16:41:21.0172 0x10a4  sptd - ok
16:41:22.0775 0x10a4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:41:22.0805 0x10a4  wbengine - ok
16:41:22.0814 0x10a4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:41:22.0820 0x10a4  WbioSrvc - ok
16:41:22.0831 0x10a4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:41:22.0839 0x10a4  wcncsvc - ok
16:41:22.0843 0x10a4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:41:22.0846 0x10a4  WcsPlugInService - ok
16:41:22.0851 0x10a4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:41:22.0852 0x10a4  Wd - ok
16:41:22.0871 0x10a4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:41:22.0886 0x10a4  Wdf01000 - ok
16:41:22.0893 0x10a4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:41:22.0896 0x10a4  WdiServiceHost - ok
16:41:22.0900 0x10a4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:41:22.0903 0x10a4  WdiSystemHost - ok
16:41:22.0912 0x10a4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:41:22.0918 0x10a4  WebClient - ok
16:41:22.0927 0x10a4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:41:22.0933 0x10a4  Wecsvc - ok
16:41:22.0939 0x10a4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:41:22.0942 0x10a4  wercplsupport - ok
16:41:22.0947 0x10a4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:41:22.0950 0x10a4  WerSvc - ok
16:41:22.0954 0x10a4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:41:22.0956 0x10a4  WfpLwf - ok
16:41:22.0960 0x10a4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:41:22.0961 0x10a4  WIMMount - ok
16:41:22.0963 0x10a4  WinDefend - ok
16:41:22.0969 0x10a4  WinHttpAutoProxySvc - ok
16:41:22.0980 0x10a4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:41:22.0986 0x10a4  Winmgmt - ok
16:41:23.0028 0x10a4  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:41:23.0068 0x10a4  WinRM - ok
16:41:23.0097 0x10a4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:41:23.0116 0x10a4  Wlansvc - ok
16:41:23.0120 0x10a4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:41:23.0122 0x10a4  WmiAcpi - ok
16:41:23.0130 0x10a4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:41:23.0135 0x10a4  wmiApSrv - ok
16:41:23.0138 0x10a4  WMPNetworkSvc - ok
16:41:23.0142 0x10a4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:41:23.0144 0x10a4  WPCSvc - ok
16:41:23.0150 0x10a4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:41:23.0154 0x10a4  WPDBusEnum - ok
16:41:23.0158 0x10a4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:41:23.0159 0x10a4  ws2ifsl - ok
16:41:23.0164 0x10a4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:41:23.0167 0x10a4  wscsvc - ok
16:41:23.0170 0x10a4  WSearch - ok
16:41:23.0222 0x10a4  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:41:23.0268 0x10a4  wuauserv - ok
16:41:23.0277 0x10a4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:41:23.0280 0x10a4  WudfPf - ok
16:41:23.0288 0x10a4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:41:23.0293 0x10a4  WUDFRd - ok
16:41:23.0298 0x10a4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:41:23.0302 0x10a4  wudfsvc - ok
16:41:23.0310 0x10a4  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:41:23.0317 0x10a4  WwanSvc - ok
16:41:23.0325 0x10a4  ================ Scan global ===============================
16:41:23.0329 0x10a4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:41:23.0336 0x10a4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:41:23.0348 0x10a4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:41:23.0355 0x10a4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:41:23.0365 0x10a4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:41:23.0372 0x10a4  [ Global ] - ok
16:41:23.0373 0x10a4  ================ Scan MBR ==================================
16:41:23.0375 0x10a4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:41:23.0441 0x10a4  \Device\Harddisk0\DR0 - ok
16:41:23.0465 0x10a4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
16:41:23.0469 0x10a4  \Device\Harddisk1\DR1 - ok
16:41:23.0485 0x10a4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
16:41:23.0490 0x10a4  \Device\Harddisk2\DR2 - ok
16:41:23.0507 0x10a4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
16:41:23.0511 0x10a4  \Device\Harddisk3\DR3 - ok
16:41:23.0514 0x10a4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk8\DR8
16:41:23.0520 0x10a4  \Device\Harddisk8\DR8 - ok
16:41:23.0524 0x10a4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk9\DR9
16:41:23.0529 0x10a4  \Device\Harddisk9\DR9 - ok
16:41:23.0529 0x10a4  ================ Scan VBR ==================================
16:41:23.0531 0x10a4  [ 7BD46E3D650FBF69C32826C0EA70F0A9 ] \Device\Harddisk0\DR0\Partition1
16:41:23.0531 0x10a4  \Device\Harddisk0\DR0\Partition1 - ok
16:41:23.0533 0x10a4  [ 0999AEE07D047AE65C254709A57A7F09 ] \Device\Harddisk0\DR0\Partition2
16:41:23.0534 0x10a4  \Device\Harddisk0\DR0\Partition2 - ok
16:41:23.0536 0x10a4  [ 0824343340C33652BFAAB4600855B364 ] \Device\Harddisk1\DR1\Partition1
16:41:23.0537 0x10a4  \Device\Harddisk1\DR1\Partition1 - ok
16:41:23.0539 0x10a4  [ 7D39D9E251FE82D5AB4466FEADCA80BF ] \Device\Harddisk1\DR1\Partition2
16:41:23.0540 0x10a4  \Device\Harddisk1\DR1\Partition2 - ok
16:41:23.0544 0x10a4  [ 35A6E67B613060B6D0480C63945A6151 ] \Device\Harddisk2\DR2\Partition1
16:41:23.0546 0x10a4  \Device\Harddisk2\DR2\Partition1 - ok
16:41:23.0548 0x10a4  [ 88DFAD5D173F3982486B5F282715ED59 ] \Device\Harddisk3\DR3\Partition1
16:41:23.0550 0x10a4  \Device\Harddisk3\DR3\Partition1 - ok
16:41:23.0553 0x10a4  [ 5F426E4603517FD7E5DDCB74BB32613A ] \Device\Harddisk8\DR8\Partition1
16:41:23.0555 0x10a4  \Device\Harddisk8\DR8\Partition1 - ok
16:41:23.0558 0x10a4  [ B6B70F0A5D92B3418BB08148751CE18E ] \Device\Harddisk9\DR9\Partition1
16:41:23.0559 0x10a4  \Device\Harddisk9\DR9\Partition1 - ok
16:41:23.0559 0x10a4  Waiting for KSN requests completion. In queue: 197
16:41:24.0559 0x10a4  Waiting for KSN requests completion. In queue: 105
16:41:25.0559 0x10a4  Waiting for KSN requests completion. In queue: 105
16:41:26.0559 0x10a4  Waiting for KSN requests completion. In queue: 105
16:41:27.0572 0x10a4  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x41000 ( enabled : updated )
16:41:27.0576 0x10a4  Win FW state via NFP2: enabled
16:41:31.0087 0x10a4  ============================================================
16:41:31.0087 0x10a4  Scan finished
16:41:31.0087 0x10a4  ============================================================
16:41:31.0093 0x0ee8  Detected object count: 0
16:41:31.0093 0x0ee8  Actual detected object count: 0
16:44:02.0518 0x0b74  Deinitialize success
 

 

 

 

#########################################################################

[3]  AdwCleaner log [AdwCleaner[S0].txt]

#########################################################################

 

# AdwCleaner v3.012 - Report created 22/11/2013 at 16:52:33
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Grant - CUSTOMPC
# Running from : C:\Users\Grant\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Grant\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Grant\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\2soechxk.default\prefs.js ]

Line Deleted : user_pref("CT3282698.FF19Solved", "true");
Line Deleted : user_pref("CT3282698.UserID", "UN12656938551577158");
Line Deleted : user_pref("CT3282698.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3282698.fullUserID", "UN12656938551577158.IN.20131114131514");
Line Deleted : user_pref("CT3282698.installDate", "14/11/2013 13:15:15");
Line Deleted : user_pref("CT3282698.installSessionId", "{B03E2E07-482B-4376-B1DD-64EC6527A2AB}");
Line Deleted : user_pref("CT3282698.installSp", "TRUE");
Line Deleted : user_pref("CT3282698.installerVersion", "1.7.1.7");
Line Deleted : user_pref("CT3282698.keyword", "true");
Line Deleted : user_pref("CT3282698.originalHomepage", "hxxp://duckduckgo.com");
Line Deleted : user_pref("CT3282698.originalSearchAddressUrl", "hxxp://duckduckgo.com");
Line Deleted : user_pref("CT3282698.originalSearchEngine", "Yahoo");
Line Deleted : user_pref("CT3282698.originalSearchEngineName", "Yahoo");
Line Deleted : user_pref("CT3282698.searchRevert", "false");
Line Deleted : user_pref("CT3282698.searchUserMode", "2");
Line Deleted : user_pref("CT3282698.smartbar.homepage", "true");
Line Deleted : user_pref("CT3282698.versionFromInstaller", "10.22.3.18");
Line Deleted : user_pref("CT3282698.xpeMode", "0");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3315039&octid=CT3315039&SearchSource=55&CUI=SB_CUI&UM=2&UP=SP4B3461BD-2D6E-4A8B-9A7B-DB216A193E0E");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://duckduckgo.com");
Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\17.1.2.1");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/Results.aspx?ctid=CT3315039&searchsource=69&UM=2&");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "SweetTunes1 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&CUI=UN12656938551577158&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&SearchSource=2&CUI=UN12656938551577158&UM=2&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3282698");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3282698&CUI=UN12656938551577158&UM=2&SearchSource=13,hxxp://search.conduit.com/Results.aspx?ctid=CT3315039&searchsource=55&[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&SearchSource=2&CUI=UN12656938551577158&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3282698");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3282698");
Line Deleted : user_pref("smartbar.machineId", "+PRGZEK2SYJ9KTLRWXM+V927ZSV8WCGLC9OUA46Y5QLLC3D7MD4PWZ9YKZCMTK8KHE3L6VD9KOILMPUQ4NVMEW");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/Results.aspx?ctid=CT3315039&searchsource=55&UM=2&&UP=SP4B3461BD-2D6E-4A8B-9A7B-DB216A193E0E");

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Grant\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10841 octets] - [22/11/2013 16:45:57]
AdwCleaner[S0].txt - [10832 octets] - [22/11/2013 16:52:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10893 octets] ##########

 

 

 

 

#########################################################################

[4]  AdwCleaner log [AdwCleaner[S0].txt]

#########################################################################

 

I need to disconnect from the net and shut down protection so will post this now and resume after I've completed the last two tasks. BTW I see I missed a ton of BHO's and other nasties in my manual efforts.

 

 

Many thanks and talk to you soon.

Wannabe PolyHistor

 

 

 

 



#4 WannabePolyHistor

  • Topic Starter

Posted 22 November 2013 - 05:14 AM

Update from different computer:  

 

I've got 1 TB of OpSys disk, 5 TB of data and another 2 TB of archives. ESET online has been running for 2.5 hours and is 25% of the way through. It's going to be another 7.5 to 10 hours before this finishes as I want to weed out any nasties that might be hiding elsewhere on the system. System restore is off.

 

I'll provide an update at 12 noon tomorrow NZ time when I should be able to post the remaining log files.  Many thanks TIAB for your efforts on my behalf.

 

Kind regards,

Wannabe PolyHistor



#5 boopme

  • Global Moderator

Posted 22 November 2013 - 10:53 AM

OK, that's fine, let it complete. Looks good so far.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 WannabePolyHistor

  • Topic Starter

Posted 22 November 2013 - 07:29 PM

Hi,

 

Thanks for your patience - JRT and ESET scans follow.   ESET took longer to run than anticipated.    In the incredibly stupid category, I note that I didn't find the "enable anti-stealth" tick box so that part of the scan wasn't done.  Duh <slaps forehead>.  Logs follow:

 

 

#########################################################################

[4]  JRT Log

#########################################################################

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Grant on Fri 22/11/2013 at 17:45:48.60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Grant\appdata\local\cre"



~~~ FireFox

Emptied folder: C:\Users\Grant\AppData\Roaming\mozilla\firefox\profiles\2soechxk.default\minidumps [169 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 22/11/2013 at 17:50:24.91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

#########################################################################

[5]  ESET Log

#########################################################################

 

F:\Kollate\0000\Holding\Tools\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\0Archive\_OS_WXPp_\DATA\0Archive\WXPp32 - ICHY01\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\0Archive\_OS_WXPp_\DATA\0Archive\WXPp32 - ICHY01\Security\Specialist Stuff\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\0Archive\_OS_WXPp_\DATA\0Archive\WXPp32 - ICHY01\WXPpro\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\0Archive\_OS_WXPp_\DATA\0Archive\WXPp32 - ICHY01\WXPpro\Security\Specialist Stuff\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\0Archive\_OS_WXPp_\DATA\0Archive\WXPpro\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\0Archive\_OS_WXPp_\DATA\0Archive\WXPpro\Security\Specialist Stuff\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\0Archive\_OS_WXPp_\Users\Grant_adm\Desktop\20120517-impendingsysdskfailure\_FILE_THIS\TrackingUsers\32bit\TechnicalStuff\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\Resources\Holding\Tools\spectorsoft_com60setup.exe    probably a variant of Win32/Urlbot.NAM trojan    cleaned by deleting - quarantined
F:\Kollate\Resources\tidy\t\Unknown.html    HTML/ScrInject.B.Gen virus    deleted - quarantined
F:\Kollate\tidy\t\Unknown.html    HTML/ScrInject.B.Gen virus    deleted - quarantined
F:\Kollate\WIN311\SYSTEM\TRUMPING.EX_    Win16/Flooder.ICMP.ICMPBomb.A trojan    deleted - quarantined
F:\Kollate\_ms32GB_TempDump\DVD_MSDOS622\WIN311\SYSTEM\TRUMPING.EX_    Win16/Flooder.ICMP.ICMPBomb.A trojan    deleted - quarantined
 

 

######

NOTES

######

 

The SpectorSoft60 files above are some security software installers for software loaded to locate and stop a 33 year old guy grooming my then 14 year old daughter - no longer required so it can go as it was purchased in about 2005.

 

Should I try to locate the correct anti-Stealth technology settings and re-run ESET with the proper settings ?

 

 

 

 

Thanks again

Wannabe PolyHistor



#7 WannabePolyHistor

  • Topic Starter

Posted 22 November 2013 - 07:34 PM

Hi TIAB,

 

I rechecked the ESET settings and found that "Enable Anti-Stealth-Technology" is ticked by default. I believe therefore that the scan was run with this enabled. Old eyes, I'm afraid <sigh> ....

 

Kind regards,

Wannabe PolyHistor



#8 boopme

  • Global Moderator

Posted 22 November 2013 - 09:14 PM

Ok yes this is a good scan. OK I am glad you know about those Urlbot as they were coming up as key loggers in some places.

Looks clean to me. Your Nvidia auto updater is not updating. It may have been damaged by malware.



#9 WannabePolyHistor

  • Topic Starter

Posted 22 November 2013 - 11:03 PM

Many Thanks TIAB.   I'll reboot to check (paranoia cutting in again) and send a final Ok once that's fine.

 

Kind regards,

Wannabe PolyHistor

PS I tried to send you a chocolate fish by email as a thanksgiving token but got the error message "Packet too small" ..... darn !!!



#10 WannabePolyHistor

  • Topic Starter

Posted 23 November 2013 - 03:09 AM

Gidday TIAB (love the moniker) .... multiple shutdowns and restarts indicate no problems found. There is one minor problem though in that when I explicitly press "Shutdown" my computer shuts down and then restarts as if I'd told it to "Restart" ..... puzzling. I multiboot so I'll have a look at the MBR containing the boot record and partition table. I'll need to check I have NTDETECT.COM, ntldr and boot.ini and then view boot.ini.

 

Does BleepingComputer advise on this sort of stuff ?   ...... (just when you thought you were safe <grin>)

Otherwise I think we're sorted here - many thanks to all the volunteers and staff at Bleeping Computer for your kindness and help.

 

Many thanks,

Wannabe PolyHistor



#11 boopme

  • Global Moderator

Posted 25 November 2013 - 01:38 PM

Great and Happy Thanksgiving. Yes, but better that in the Operating System forums up top as they know that better than I.



