Having a problem with eset not able to delete a trojan


  • This topic is locked
9 replies to this topic

#1 alanstrange5

alanstrange5

  • Members
  • 5 posts

Posted 12 December 2013 - 10:05 AM

ESET keeps coming up and telling me it has found a trojan when trying to run:

C:\User\AppData\Roaming\version.dll

Apparently a variant of Generik.FOUEWZZ trojan

There seems to be an error when trying to delete

Event occurred during an attempt to run file by the application:

C:\Windows\twunk_32.exe.

I am honestly stuck on what to do and would appreciate some help with it.



#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 12 December 2013 - 11:41 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Scan with DDS

Download DDS and save it to your desktop from here or here or here.

Disable any script blocker, and then double click dds.scr to run the tool.

When done, DDS will open two (2) logs:

DDS.txt: save to your desktop then post its contents in your topic
Attach.txt: save to your desktop then attach it to your next reply

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 

#3 alanstrange5

alanstrange5
  • Topic Starter

  • Members
  • 5 posts

Posted 13 December 2013 - 01:12 AM

Just to let you know, I have no longer received any messages from ESET about the trojan/malware since my laptop has been off and turned back on. I do know that it doesn't mean that the trojan is not still there. I just thought I should let you know.
TDSS-Killer didn't find anything when it scanned my computer.
These are the results of my scans with DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.21.2
Run by User at 12:27:50 on 2013-12-13
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.3060.1574 [GMT 7:00]
.
AV: ESET Smart Security 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET Smart Security 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Smartfren Modem\C+WEject.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Launch Manager\LMutilps32.exe
C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [WebcamMaxAutoRun] "c:\program files\webcammax\WebcamMax.exe" -a
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [Facebook Update] "c:\users\user\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [GfxServiceInstall] c:\windows\system32\GfxCUIServiceInstall.vbs
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [USB Security] c:\program files\usb disk security\USBGuard.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{831DFA2E-D63F-46FC-8E78-9EDD552C3B78} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{831DFA2E-D63F-46FC-8E78-9EDD552C3B78}\75142574F444 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{831DFA2E-D63F-46FC-8E78-9EDD552C3B78}\771627F656E6760276F65626F656B6 : DHCPNameServer = 202.134.0.155
TCP: Interfaces\{831DFA2E-D63F-46FC-8E78-9EDD552C3B78}\84F64756C602058657F6E67602E416D60213 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{831DFA2E-D63F-46FC-8E78-9EDD552C3B78}\94E444F4D4142554450205F494E445 : DHCPNameServer = 192.168.2.254
TCP: Interfaces\{831DFA2E-D63F-46FC-8E78-9EDD552C3B78}\94E444F4D4142554450205F494E4450234F4C4F4D424F4 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
LSA: Notification Packages =  scecli c:\program files\widcomm\bluetooth software\BtwProximityCP.dll
.
============= SERVICES / DRIVERS ===============
.
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-2-6 38240]
R3 igddim32;igddim32;c:\windows\system32\drivers\igddim32.sys [2012-2-12 1336320]
R3 igdkmd32;igdkmd32;c:\windows\system32\drivers\igdkmd32.sys [2012-2-12 417280]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2012-2-12 278528]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2012-2-12 254056]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-2-12 490088]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-2-12 525352]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\drivers\btwdpan.sys [2012-2-12 76328]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-2-12 33832]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-2-12 39272]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 15872]
.
=============== Created Last 30 ================
.
2013-12-12 18:22:51 4243968 ----a-w- c:\windows\system32\jscript9.dll
2013-12-12 10:51:32 355257 ----a-w- c:\programdata\microsoft\bingdesktop\bingcore\temp\tmp2B0.exe
2013-12-12 09:23:49 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ff820165-a7dd-4bb1-8177-08f76fec21a3}\offreg.dll
2013-12-11 20:02:10 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 20:02:07 164864 ----a-w- c:\program files\windows media player\wmplayer.exe
2013-12-11 12:43:30 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 12:38:23 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-11 12:38:21 141824 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 12:38:21 121856 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 12:38:20 163840 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 12:38:20 126976 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 12:38:17 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 12:38:06 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-11 12:37:54 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 12:37:52 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-11 12:37:51 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 12:20:49 7772552 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ff820165-a7dd-4bb1-8177-08f76fec21a3}\mpengine.dll
2013-12-10 06:58:30 -------- d-----w- c:\program files\quarkcoin
2013-12-10 06:55:27 -------- d-----w- c:\users\user\appdata\roaming\Quarkcoin
2013-12-01 09:59:31 -------- d-----w- c:\users\user\appdata\roaming\EVDO_ZTE
2013-12-01 09:59:23 30080 ----a-w- c:\windows\system32\drivers\USB_WinMux_T.sys
2013-12-01 09:59:22 38400 ----a-w- c:\windows\system32\drivers\USB_BusEnum_T.sys
2013-12-01 09:59:22 21504 ----a-w- c:\windows\system32\drivers\USB_MODEM_T.sys
2013-12-01 09:59:22 16128 ----a-w- c:\windows\system32\drivers\USB_ETS_T.sys
2013-12-01 09:59:15 -------- d-----w- c:\program files\Smartfren Modem
2013-11-30 07:55:15 -------- d-----w- c:\users\user\appdata\roaming\MultiBit
2013-11-30 07:54:53 -------- d-----w- c:\program files\MultiBit-0.5.15
2013-11-29 06:59:25 280064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll
2013-11-26 12:13:49 -------- d-----w- c:\users\user\appdata\roaming\Litecoin
2013-11-26 11:26:12 -------- d-----w- c:\program files\Litecoin
2013-11-26 10:04:04 -------- d-----w- c:\users\user\appdata\roaming\TrueCrypt
2013-11-25 11:12:41 -------- d-----w- c:\users\user\appdata\roaming\PPCoin
2013-11-25 11:05:44 -------- d-----w- c:\program files\PPCoin
2013-11-25 10:28:43 231760 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-11-25 10:27:52 -------- d-----w- c:\program files\TrueCrypt
2013-11-23 05:42:45 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-18 04:04:45 -------- d-----w- c:\program files\iPod
2013-11-18 04:04:43 -------- d-----w- c:\program files\iTunes
2013-11-15 13:06:04 247808 ----a-w- c:\windows\system32\schannel.dll
2013-11-15 13:06:03 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-11-15 13:06:03 369848 ----a-w- c:\windows\system32\drivers\cng.sys
2013-11-15 13:06:03 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-11-15 13:06:02 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-11-15 13:06:02 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-11-15 13:06:02 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-11-15 13:06:01 22016 ----a-w- c:\windows\system32\secur32.dll
2013-11-15 13:06:01 22016 ----a-w- c:\windows\system32\lsass.exe
2013-11-15 13:06:01 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-11-15 13:05:48 1796096 ----a-w- c:\windows\system32\authui.dll
2013-11-15 13:05:47 168960 ----a-w- c:\windows\system32\credui.dll
2013-11-15 13:05:47 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-15 13:05:33 305152 ----a-w- c:\windows\system32\gdi32.dll
2013-11-15 13:04:55 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-15 13:04:54 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-15 13:04:54 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-15 13:04:46 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 14:32:22 1498112 ----a-w- c:\programdata\microsoft\bingdesktop\bingcore\BingDesktopCore.dll
.
==================== Find3M  ====================
.
2013-11-26 09:23:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 09:22:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53:56 61952 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 08:52:26 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29:55 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 08:29:52 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28:16 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 07:32:06 1928192 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 06:33:33 1820160 ----a-w- c:\windows\system32\wininet.dll
2013-11-10 22:50:18 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-09-25 04:02:15 74074 ----a-w- c:\program files\Uninstall.exe
.
============= FINISH: 12:29:47.72 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 12/2/2012 2:44:44 PM
System Uptime: 13/12/2013 10:55:34 AM (2 hours ago)
.
Motherboard: Acer |  | JE01_CT 
Processor: Intel® Atom™ CPU N2800   @ 1.86GHz | CPU | 1862/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 99 GiB total, 44.628 GiB free.
D: is FIXED (NTFS) - 199 GiB total, 29.224 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP150: 4/12/2013 1:52:32 PM - Windows Update
RP151: 6/12/2013 6:24:16 PM - Windows Update
RP152: 11/12/2013 7:19:44 PM - Windows Update
RP153: 12/12/2013 3:00:18 AM - Windows Update
RP154: 13/12/2013 1:22:21 AM - Windows Update
.
==== Installed Programs ======================
.
ACDSee Pro 3
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9
AIMP2
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AviSynth 2.5
Bonjour
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Smart Security
Facebook Video Calling 1.2.0.287
GOM Player
Google Chrome
Google Talk Plugin
Grand Theft Auto III 1.1
Intel® Graphics Media Accelerator Driver
iTunes
Java 7 Update 21
Java Auto Updater
Junk Mail filter update
Launch Manager
Litecoin
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mp3/Tag Studio 3.5 (beta 22)
MSVCRT
MultiBit 0.5.15
MusicBrainz Picard
NEF to JPG
NVIDIA PhysX
PDF-Viewer
PokerStars
PPCoin
PunkBuster Services
Realtek PCIE Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Skype™ 6.11
Smartfren Connex AC782 UI
Synaptics Pointing Device Driver
The KMPlayer (remove only)
TrueCrypt
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
USB Disk Security
VLC media player 2.0.4
VobSub v2.23 (Remove Only)
Vuze
WebcamMax
WIDCOMM Bluetooth Software
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
XviD MPEG4 Video Codec (remove only)
.
==== Event Viewer Messages From Past Week ========
.
13/12/2013 12:05:39 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
13/12/2013 10:19:37 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom
12/12/2013 9:17:17 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user User-PC\User SID (S-1-5-21-2538144182-971022265-1314190516-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/12/2013 12:30:56 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
12/12/2013 12:30:48 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/12/2013 12:30:48 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/12/2013 12:30:47 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/12/2013 12:30:47 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/12/2013 12:30:44 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/12/2013 12:30:38 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/12/2013 12:30:26 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000050 (0xbad0b114, 0x00000000, 0x820627b4, 0x00000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121213-21512-01.
12/12/2013 12:30:20 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD cdrom CSC DfsC discache ehdrv NetBIOS NetBT nsiproxy Psched rdbss spldr tdx truecrypt vwififlt Wanarpv6 WfpLwf
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/12/2013 12:30:19 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
11/12/2013 12:25:57 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the btwdins service.
10/12/2013 6:15:26 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================
 

 

Thanks



#4 alanstrange5

alanstrange5
  • Topic Starter

  • Members
  • 5 posts

Posted 13 December 2013 - 01:25 AM

These are the results of the TDSS-Killer scan:

13:05:25.0190 0x17fc  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
13:05:31.0753 0x17fc  ============================================================
13:05:31.0754 0x17fc  Current date / time: 2013/12/13 13:05:31.0753
13:05:31.0754 0x17fc  SystemInfo:
13:05:31.0755 0x17fc  
13:05:31.0755 0x17fc  OS Version: 6.1.7601 ServicePack: 1.0
13:05:31.0755 0x17fc  Product type: Workstation
13:05:31.0755 0x17fc  ComputerName: USER-PC
13:05:31.0756 0x17fc  UserName: User
13:05:31.0756 0x17fc  Windows directory: C:\Windows
13:05:31.0756 0x17fc  System windows directory: C:\Windows
13:05:31.0757 0x17fc  Processor architecture: Intel x86
13:05:31.0757 0x17fc  Number of processors: 4
13:05:31.0757 0x17fc  Page size: 0x1000
13:05:31.0757 0x17fc  Boot type: Normal boot
13:05:31.0757 0x17fc  ============================================================
13:05:35.0062 0x17fc  KLMD registered as C:\Windows\system32\drivers\09482567.sys
13:05:36.0123 0x17fc  System UUID: {0DF07E37-B0AA-345F-548C-13E5CDB96336}
13:05:38.0322 0x17fc  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:05:38.0326 0x17fc  ============================================================
13:05:38.0326 0x17fc  \Device\Harddisk0\DR0:
13:05:38.0327 0x17fc  MBR partitions:
13:05:38.0327 0x17fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x8E000
13:05:38.0327 0x17fc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x8E800, BlocksNum 0xC586800
13:05:38.0327 0x17fc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC615000, BlocksNum 0x18E19000
13:05:38.0327 0x17fc  ============================================================
13:05:38.0362 0x17fc  C: <-> \Device\Harddisk0\DR0\Partition2
13:05:38.0403 0x17fc  D: <-> \Device\Harddisk0\DR0\Partition3
13:05:38.0404 0x17fc  ============================================================
13:05:38.0404 0x17fc  Initialize success
13:05:38.0405 0x17fc  ============================================================
13:06:47.0738 0x0e50  ============================================================
13:06:47.0739 0x0e50  Scan started
13:06:47.0739 0x0e50  Mode: Manual; 
13:06:47.0739 0x0e50  ============================================================
13:06:47.0739 0x0e50  KSN ping started
13:06:53.0354 0x0e50  KSN ping finished: true
13:06:54.0378 0x0e50  ================ Scan system memory ========================
13:06:54.0379 0x0e50  System memory - ok
13:06:54.0390 0x0e50  ================ Scan services =============================
13:07:16.0055 0x0e50  IPBusEnum - ok
13:07:16.0104 0x0e50  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:07:16.0187 0x0e50  IpFilterDriver - ok
13:07:16.0290 0x0e50  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:07:16.0363 0x0e50  iphlpsvc - ok
13:07:16.0402 0x0e50  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:07:16.0471 0x0e50  IPMIDRV - ok
13:07:16.0516 0x0e50  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:07:16.0652 0x0e50  IPNAT - ok
13:07:16.0806 0x0e50  [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:07:16.0880 0x0e50  iPod Service - ok
13:07:16.0936 0x0e50  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:07:16.0988 0x0e50  IRENUM - ok
13:07:17.0035 0x0e50  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:07:17.0136 0x0e50  isapnp - ok
13:07:17.0187 0x0e50  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:07:17.0277 0x0e50  iScsiPrt - ok
13:07:17.0317 0x0e50  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:07:17.0372 0x0e50  kbdclass - ok
13:07:17.0405 0x0e50  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:07:17.0469 0x0e50  kbdhid - ok
13:07:17.0516 0x0e50  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
13:07:17.0524 0x0e50  KeyIso - ok
13:07:17.0593 0x0e50  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:07:17.0608 0x0e50  KSecDD - ok
13:07:17.0653 0x0e50  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:07:17.0669 0x0e50  KSecPkg - ok
13:07:17.0742 0x0e50  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:07:17.0792 0x0e50  KtmRm - ok
13:07:17.0938 0x0e50  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:07:17.0977 0x0e50  LanmanServer - ok
13:07:18.0035 0x0e50  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:07:18.0066 0x0e50  LanmanWorkstation - ok
13:07:18.0183 0x0e50  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:07:18.0231 0x0e50  lltdio - ok
13:07:18.0307 0x0e50  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:07:18.0337 0x0e50  lltdsvc - ok
13:07:18.0383 0x0e50  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:07:18.0394 0x0e50  lmhosts - ok
13:07:18.0452 0x0e50  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:07:18.0497 0x0e50  LSI_FC - ok
13:07:18.0548 0x0e50  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:07:18.0605 0x0e50  LSI_SAS - ok
13:07:18.0628 0x0e50  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:07:18.0724 0x0e50  LSI_SAS2 - ok
13:07:18.0776 0x0e50  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:07:18.0859 0x0e50  LSI_SCSI - ok
13:07:18.0903 0x0e50  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:07:18.0980 0x0e50  luafv - ok
13:07:19.0028 0x0e50  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:07:19.0045 0x0e50  Mcx2Svc - ok
13:07:19.0080 0x0e50  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:07:19.0155 0x0e50  megasas - ok
13:07:19.0198 0x0e50  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:07:19.0268 0x0e50  MegaSR - ok
13:07:19.0330 0x0e50  Microsoft SharePoint Workspace Audit Service - ok
13:07:19.0419 0x0e50  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
13:07:19.0426 0x0e50  MMCSS - ok
13:07:19.0438 0x0e50  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
13:07:19.0487 0x0e50  Modem - ok
13:07:19.0541 0x0e50  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:07:19.0613 0x0e50  monitor - ok
13:07:19.0663 0x0e50  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:07:19.0702 0x0e50  mouclass - ok
13:07:19.0731 0x0e50  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:07:19.0771 0x0e50  mouhid - ok
13:07:19.0821 0x0e50  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:07:19.0865 0x0e50  mountmgr - ok
13:07:19.0890 0x0e50  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:07:19.0965 0x0e50  mpio - ok
13:07:20.0011 0x0e50  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:07:20.0056 0x0e50  mpsdrv - ok
13:07:20.0121 0x0e50  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:07:20.0167 0x0e50  MpsSvc - ok
13:07:20.0221 0x0e50  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:07:20.0267 0x0e50  MRxDAV - ok
13:07:20.0301 0x0e50  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:07:20.0342 0x0e50  mrxsmb - ok
13:07:20.0381 0x0e50  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:07:20.0455 0x0e50  mrxsmb10 - ok
13:07:20.0536 0x0e50  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:07:20.0617 0x0e50  mrxsmb20 - ok
13:07:20.0667 0x0e50  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:07:20.0671 0x0e50  msahci - ok
13:07:20.0722 0x0e50  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:07:20.0773 0x0e50  msdsm - ok
13:07:20.0802 0x0e50  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
13:07:20.0837 0x0e50  MSDTC - ok
13:07:20.0892 0x0e50  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:07:20.0954 0x0e50  Msfs - ok
13:07:20.0974 0x0e50  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:07:21.0010 0x0e50  mshidkmdf - ok
13:07:21.0037 0x0e50  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:07:21.0086 0x0e50  msisadrv - ok
13:07:21.0165 0x0e50  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:07:21.0180 0x0e50  MSiSCSI - ok
13:07:21.0194 0x0e50  msiserver - ok
13:07:21.0280 0x0e50  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:07:21.0288 0x0e50  MSKSSRV - ok
13:07:21.0337 0x0e50  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:07:21.0397 0x0e50  MSPCLOCK - ok
13:07:21.0470 0x0e50  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:07:21.0477 0x0e50  MSPQM - ok
13:07:21.0511 0x0e50  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:07:21.0554 0x0e50  MsRPC - ok
13:07:21.0593 0x0e50  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:07:21.0655 0x0e50  mssmbios - ok
13:07:21.0717 0x0e50  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:07:21.0766 0x0e50  MSTEE - ok
13:07:21.0850 0x0e50  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:07:21.0923 0x0e50  MTConfig - ok
13:07:21.0977 0x0e50  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:07:21.0996 0x0e50  Mup - ok
13:07:22.0105 0x0e50  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
13:07:22.0157 0x0e50  napagent - ok
13:07:22.0244 0x0e50  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:07:22.0307 0x0e50  NativeWifiP - ok
13:07:22.0404 0x0e50  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:07:22.0478 0x0e50  NDIS - ok
13:07:22.0537 0x0e50  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:07:22.0579 0x0e50  NdisCap - ok
13:07:22.0612 0x0e50  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:07:22.0618 0x0e50  NdisTapi - ok
13:07:22.0654 0x0e50  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:07:22.0706 0x0e50  Ndisuio - ok
13:07:22.0743 0x0e50  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:07:22.0808 0x0e50  NdisWan - ok
13:07:22.0882 0x0e50  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:07:23.0006 0x0e50  NDProxy - ok
13:07:23.0056 0x0e50  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:07:23.0146 0x0e50  NetBIOS - ok
13:07:23.0177 0x0e50  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:07:23.0233 0x0e50  NetBT - ok
13:07:23.0262 0x0e50  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
13:07:23.0268 0x0e50  Netlogon - ok
13:07:23.0318 0x0e50  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
13:07:23.0356 0x0e50  Netman - ok
13:07:23.0454 0x0e50  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
13:07:23.0489 0x0e50  netprofm - ok
13:07:23.0524 0x0e50  [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:07:23.0544 0x0e50  NetTcpPortSharing - ok
13:07:23.0599 0x0e50  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:07:23.0659 0x0e50  nfrd960 - ok
13:07:23.0713 0x0e50  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:07:23.0773 0x0e50  NlaSvc - ok
13:07:23.0815 0x0e50  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:07:23.0867 0x0e50  Npfs - ok
13:07:23.0893 0x0e50  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
13:07:23.0909 0x0e50  nsi - ok
13:07:23.0932 0x0e50  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:07:23.0936 0x0e50  nsiproxy - ok
13:07:24.0059 0x0e50  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:07:24.0192 0x0e50  Ntfs - ok
13:07:24.0222 0x0e50  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
13:07:24.0263 0x0e50  Null - ok
13:07:24.0313 0x0e50  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:07:24.0363 0x0e50  nvraid - ok
13:07:24.0392 0x0e50  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:07:24.0477 0x0e50  nvstor - ok
13:07:24.0521 0x0e50  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:07:24.0563 0x0e50  nv_agp - ok
13:07:24.0591 0x0e50  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:07:24.0601 0x0e50  ohci1394 - ok
13:07:24.0670 0x0e50  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:07:24.0702 0x0e50  ose - ok
13:07:25.0046 0x0e50  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:07:25.0386 0x0e50  osppsvc - ok
13:07:25.0833 0x0e50  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:07:25.0922 0x0e50  p2pimsvc - ok
13:07:25.0999 0x0e50  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:07:26.0032 0x0e50  p2psvc - ok
13:07:26.0080 0x0e50  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
13:07:26.0134 0x0e50  Parport - ok
13:07:26.0259 0x0e50  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:07:26.0344 0x0e50  partmgr - ok
13:07:26.0380 0x0e50  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
13:07:26.0439 0x0e50  Parvdm - ok
13:07:26.0506 0x0e50  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:07:26.0674 0x0e50  PcaSvc - ok
13:07:26.0811 0x0e50  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
13:07:26.0968 0x0e50  pci - ok
13:07:27.0026 0x0e50  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:07:27.0078 0x0e50  pciide - ok
13:07:27.0137 0x0e50  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:07:27.0200 0x0e50  pcmcia - ok
13:07:27.0229 0x0e50  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:07:27.0288 0x0e50  pcw - ok
13:07:27.0379 0x0e50  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:07:27.0457 0x0e50  PEAUTH - ok
13:07:27.0572 0x0e50  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:07:27.0675 0x0e50  PeerDistSvc - ok
13:07:27.0913 0x0e50  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
13:07:28.0038 0x0e50  pla - ok
13:07:28.0103 0x0e50  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:07:28.0141 0x0e50  PlugPlay - ok
13:07:28.0226 0x0e50  [ 681DA309716AEB98BC901D7A0458D931, 01B456C265E8813306C6994DC1393C1E2E0423E31B223C87B6FFF91179D4F32B ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
13:07:28.0244 0x0e50  PnkBstrA - ok
13:07:28.0311 0x0e50  [ 27F1BE4A53441C9F1F48B9ADC145B0A5, 8E2A136C508FE5C602BB9140462541A3882E751983DA56498B5EFA3777E68D99 ] PnkBstrB        C:\Windows\system32\PnkBstrB.exe
13:07:28.0754 0x0e50  PnkBstrB - ok
13:07:28.0781 0x0e50  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:07:28.0799 0x0e50  PNRPAutoReg - ok
13:07:28.0882 0x0e50  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:07:28.0908 0x0e50  PNRPsvc - ok
13:07:29.0007 0x0e50  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:07:29.0080 0x0e50  PolicyAgent - ok
13:07:29.0146 0x0e50  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
13:07:29.0161 0x0e50  Power - ok
13:07:29.0250 0x0e50  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:07:29.0338 0x0e50  PptpMiniport - ok
13:07:29.0407 0x0e50  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
13:07:29.0470 0x0e50  Processor - ok
13:07:29.0559 0x0e50  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:07:29.0667 0x0e50  ProfSvc - ok
13:07:29.0718 0x0e50  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:07:29.0726 0x0e50  ProtectedStorage - ok
13:07:29.0776 0x0e50  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:07:29.0784 0x0e50  Psched - ok
13:07:29.0941 0x0e50  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:07:30.0126 0x0e50  ql2300 - ok
13:07:30.0192 0x0e50  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:07:30.0261 0x0e50  ql40xx - ok
13:07:30.0326 0x0e50  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
13:07:30.0377 0x0e50  QWAVE - ok
13:07:30.0406 0x0e50  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:07:30.0453 0x0e50  QWAVEdrv - ok
13:07:30.0487 0x0e50  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:07:30.0534 0x0e50  RasAcd - ok
13:07:30.0588 0x0e50  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:07:30.0631 0x0e50  RasAgileVpn - ok
13:07:30.0668 0x0e50  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
13:07:30.0692 0x0e50  RasAuto - ok
13:07:30.0736 0x0e50  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:07:30.0783 0x0e50  Rasl2tp - ok
13:07:30.0824 0x0e50  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
13:07:30.0870 0x0e50  RasMan - ok
13:07:30.0892 0x0e50  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:07:30.0941 0x0e50  RasPppoe - ok
13:07:30.0984 0x0e50  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:07:31.0030 0x0e50  RasSstp - ok
13:07:31.0066 0x0e50  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:07:31.0170 0x0e50  rdbss - ok
13:07:31.0216 0x0e50  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:07:31.0259 0x0e50  rdpbus - ok
13:07:31.0287 0x0e50  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:07:31.0289 0x0e50  RDPCDD - ok
13:07:31.0343 0x0e50  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:07:31.0355 0x0e50  RDPDR - ok
13:07:31.0413 0x0e50  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:07:31.0415 0x0e50  RDPENCDD - ok
13:07:31.0463 0x0e50  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:07:31.0466 0x0e50  RDPREFMP - ok
13:07:31.0562 0x0e50  [ 68A0387F58E226DEEE23D9715955572A, F95BB1D2BB3E79AF47B1C715BB5E3003EEF888AAA963F46F4A2FE8AFBD4F37A4 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:07:31.0603 0x0e50  RdpVideoMiniport - ok
13:07:31.0663 0x0e50  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:07:31.0729 0x0e50  RDPWD - ok
13:07:31.0778 0x0e50  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:07:31.0824 0x0e50  rdyboost - ok
13:07:31.0858 0x0e50  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:07:31.0871 0x0e50  RemoteAccess - ok
13:07:31.0906 0x0e50  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:07:31.0924 0x0e50  RemoteRegistry - ok
13:07:31.0974 0x0e50  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
13:07:32.0016 0x0e50  RFCOMM - ok
13:07:32.0077 0x0e50  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:07:32.0089 0x0e50  RpcEptMapper - ok
13:07:32.0119 0x0e50  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
13:07:32.0129 0x0e50  RpcLocator - ok
13:07:32.0180 0x0e50  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
13:07:32.0204 0x0e50  RpcSs - ok
13:07:32.0248 0x0e50  [ 683B328B077D21F06E18C426DBAC0616, 977E9DE417C859488DCB071E98BCD1F363644768DCAD28A40307B0CC4DC9138F ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
13:07:32.0336 0x0e50  RSPCIESTOR - ok
13:07:32.0368 0x0e50  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:07:32.0441 0x0e50  rspndr - ok
13:07:32.0508 0x0e50  [ 6A2586DCB5B04A52404699EB325DF1DB, 07EA046410E23C3CCBCA20EBD187D4B5C1E1480359654FEB756EDFAAA8FFEAFD ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
13:07:32.0569 0x0e50  RTL8167 - ok
13:07:32.0596 0x0e50  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:07:32.0632 0x0e50  s3cap - ok
13:07:32.0649 0x0e50  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe
13:07:32.0656 0x0e50  SamSs - ok
13:07:32.0683 0x0e50  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:07:32.0727 0x0e50  sbp2port - ok
13:07:32.0765 0x0e50  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:07:32.0790 0x0e50  SCardSvr - ok
13:07:32.0813 0x0e50  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:07:32.0819 0x0e50  scfilter - ok
13:07:32.0896 0x0e50  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
13:07:32.0954 0x0e50  Schedule - ok
13:07:32.0982 0x0e50  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:07:32.0987 0x0e50  SCPolicySvc - ok
13:07:33.0006 0x0e50  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:07:33.0022 0x0e50  SDRSVC - ok
13:07:33.0062 0x0e50  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:07:33.0099 0x0e50  secdrv - ok
13:07:33.0114 0x0e50  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
13:07:33.0126 0x0e50  seclogon - ok
13:07:33.0147 0x0e50  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
13:07:33.0160 0x0e50  SENS - ok
13:07:33.0198 0x0e50  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:07:33.0210 0x0e50  SensrSvc - ok
13:07:33.0239 0x0e50  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:07:33.0277 0x0e50  Serenum - ok
13:07:33.0305 0x0e50  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
13:07:33.0345 0x0e50  Serial - ok
13:07:33.0415 0x0e50  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:07:33.0456 0x0e50  sermouse - ok
13:07:33.0526 0x0e50  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:07:33.0541 0x0e50  SessionEnv - ok
13:07:33.0586 0x0e50  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:07:33.0622 0x0e50  sffdisk - ok
13:07:33.0657 0x0e50  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:07:33.0704 0x0e50  sffp_mmc - ok
13:07:33.0721 0x0e50  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:07:33.0758 0x0e50  sffp_sd - ok
13:07:33.0787 0x0e50  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:07:33.0824 0x0e50  sfloppy - ok
13:07:33.0892 0x0e50  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:07:33.0928 0x0e50  SharedAccess - ok
13:07:33.0965 0x0e50  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:07:34.0006 0x0e50  ShellHWDetection - ok
13:07:34.0031 0x0e50  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
13:07:34.0071 0x0e50  sisagp - ok
13:07:34.0107 0x0e50  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:07:34.0179 0x0e50  SiSRaid2 - ok
13:07:34.0201 0x0e50  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:07:34.0272 0x0e50  SiSRaid4 - ok
13:07:34.0351 0x0e50  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
13:07:34.0453 0x0e50  SkypeUpdate - ok
13:07:34.0523 0x0e50  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:07:34.0618 0x0e50  Smb - ok
13:07:34.0726 0x0e50  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:07:34.0753 0x0e50  SNMPTRAP - ok
13:07:34.0795 0x0e50  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:07:34.0808 0x0e50  spldr - ok
13:07:34.0903 0x0e50  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
13:07:34.0983 0x0e50  Spooler - ok
13:07:35.0399 0x0e50  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
13:07:35.0744 0x0e50  sppsvc - ok
13:07:35.0793 0x0e50  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:07:35.0816 0x0e50  sppuinotify - ok
13:07:35.0888 0x0e50  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:07:35.0999 0x0e50  srv - ok
13:07:36.0048 0x0e50  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:07:36.0149 0x0e50  srv2 - ok
13:07:36.0197 0x0e50  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:07:36.0330 0x0e50  srvnet - ok
13:07:36.0375 0x0e50  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:07:36.0409 0x0e50  SSDPSRV - ok
13:07:36.0478 0x0e50  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:07:36.0502 0x0e50  SstpSvc - ok
13:07:36.0536 0x0e50  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:07:36.0602 0x0e50  stexstor - ok
13:07:36.0917 0x0e50  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
13:07:37.0001 0x0e50  StiSvc - ok
13:07:37.0110 0x0e50  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:07:37.0206 0x0e50  storflt - ok
13:07:37.0248 0x0e50  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:07:37.0335 0x0e50  storvsc - ok
13:07:37.0363 0x0e50  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:07:37.0373 0x0e50  swenum - ok
13:07:37.0473 0x0e50  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
13:07:37.0546 0x0e50  swprv - ok
13:07:37.0598 0x0e50  [ F2AD8960812FD111E20E84659EF19D43, FAC91E940D3735738908447E58792C32E6F86427612114A624041B7213831105 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
13:07:37.0668 0x0e50  Synth3dVsc - ok
13:07:37.0851 0x0e50  [ 31B6B2D25FCFF1B71AE225000D656CD0, D4096648E6AB6240DFD4667F704C1A8772C92ABAFA9213EE4653DA714D38485E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:07:38.0000 0x0e50  SynTP - ok
13:07:38.0138 0x0e50  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
13:07:38.0279 0x0e50  SysMain - ok
13:07:38.0322 0x0e50  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:07:38.0348 0x0e50  TabletInputService - ok
13:07:38.0390 0x0e50  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:07:38.0430 0x0e50  TapiSrv - ok
13:07:38.0487 0x0e50  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
13:07:38.0526 0x0e50  TBS - ok
13:07:38.0695 0x0e50  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:07:38.0935 0x0e50  Tcpip - ok
13:07:39.0094 0x0e50  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:07:39.0181 0x0e50  TCPIP6 - ok
13:07:39.0243 0x0e50  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:07:39.0357 0x0e50  tcpipreg - ok
13:07:39.0426 0x0e50  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:07:39.0480 0x0e50  TDPIPE - ok
13:07:39.0546 0x0e50  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:07:39.0609 0x0e50  TDTCP - ok
13:07:39.0656 0x0e50  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:07:39.0740 0x0e50  tdx - ok
13:07:39.0767 0x0e50  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:07:39.0822 0x0e50  TermDD - ok
13:07:39.0861 0x0e50  [ 052306FD76793D5D5AB5D9891FD1ADBB, A590F01A42EC979664044B811E7C98F58D6A23AA025B5A1DD0E5F63BF70B2649 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
13:07:39.0947 0x0e50  terminpt - ok
13:07:40.0029 0x0e50  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
13:07:40.0092 0x0e50  TermService - ok
13:07:40.0120 0x0e50  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
13:07:40.0133 0x0e50  Themes - ok
13:07:40.0152 0x0e50  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
13:07:40.0160 0x0e50  THREADORDER - ok
13:07:40.0217 0x0e50  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
13:07:40.0260 0x0e50  TrkWks - ok
13:07:40.0371 0x0e50  [ ED5E4CE36C54F55E7698642E94D32EC7, 07BD324083D1784F8F716C528D530003369E6D87EFC7B79BCAA1767F80DA4FDC ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
13:07:40.0499 0x0e50  truecrypt - ok
13:07:40.0727 0x0e50  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:07:40.0775 0x0e50  TrustedInstaller - ok
13:07:40.0893 0x0e50  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:07:41.0168 0x0e50  tssecsrv - ok
13:07:41.0242 0x0e50  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:07:41.0377 0x0e50  TsUsbFlt - ok
13:07:41.0495 0x0e50  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:07:41.0507 0x0e50  TsUsbGD - ok
13:07:41.0672 0x0e50  [ 045ACB987C650D8186C6B4A692223860, C1CDDF7DABAE531C53290C7C70F35DD65751B399D269711865AD65F9E4E43B0B ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
13:07:41.0766 0x0e50  tsusbhub - ok
13:07:41.0961 0x0e50  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:07:42.0056 0x0e50  tunnel - ok
13:07:42.0120 0x0e50  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:07:42.0170 0x0e50  uagp35 - ok
13:07:42.0313 0x0e50  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:07:42.0445 0x0e50  udfs - ok
13:07:42.0522 0x0e50  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:07:42.0556 0x0e50  UI0Detect - ok
13:07:42.0641 0x0e50  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:07:42.0688 0x0e50  uliagpkx - ok
13:07:42.0732 0x0e50  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:07:42.0777 0x0e50  umbus - ok
13:07:42.0815 0x0e50  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:07:42.0863 0x0e50  UmPass - ok
13:07:42.0955 0x0e50  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:07:42.0978 0x0e50  UmRdpService - ok
13:07:43.0055 0x0e50  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
13:07:43.0098 0x0e50  upnphost - ok
13:07:43.0219 0x0e50  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
13:07:43.0320 0x0e50  USBAAPL - ok
13:07:43.0363 0x0e50  [ 71D97F1A3CC47A56728F7A400A3F8295, ED3FDB73D8A98D9BAF702C0F5C7AD79D525D19DCE1487D442536913BEA5C7F15 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:07:43.0454 0x0e50  usbccgp - ok
13:07:43.0506 0x0e50  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:07:43.0561 0x0e50  usbcir - ok
13:07:43.0585 0x0e50  [ C4FB8E7ADEA9B5CEEA885A1B504B7E40, 3E0AE5D236890452F2EA33504309A7E5FE49C567FF6F68A83A5987F05ED01BF0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
13:07:43.0630 0x0e50  usbehci - ok
13:07:43.0674 0x0e50  [ 86AA95ACB611001E26CD2C0145F2225A, 584D26E8C9407A4E717DCBF2D3819DB441C2D455B5FDA6654FBA3794E19B4D51 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:07:43.0740 0x0e50  usbhub - ok
13:07:43.0797 0x0e50  [ 7D05B21E15F3278B2AA9AC58409764AC, 38153A0D9567CF0922C73BF6B3F8FBECECAE1359B4B8272A33BEB6779A8D400B ] UsbModemDriver  C:\Windows\system32\DRIVERS\USB_MODEM_T.sys
13:07:43.0840 0x0e50  UsbModemDriver - ok
13:07:43.0867 0x0e50  [ DCDF9855145A14DFCA0AB32308871961, 9A21013AD032195D54CE655DE5363E78BB74CC55C40B889520B478892F4BA40A ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:07:43.0908 0x0e50  usbohci - ok
13:07:43.0950 0x0e50  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:07:43.0997 0x0e50  usbprint - ok
13:07:44.0040 0x0e50  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:07:44.0086 0x0e50  USBSTOR - ok
13:07:44.0104 0x0e50  [ 8E51D04175BAA14C4F79AA5F6D248770, 6CE2E45E272734A5D1D0C4CE2BD7B61C61C7538903E87203E376495D198EFBD0 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:07:44.0144 0x0e50  usbuhci - ok
13:07:44.0248 0x0e50  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:07:44.0288 0x0e50  usbvideo - ok
13:07:44.0351 0x0e50  [ 6A8E8DFF9309F02F9C6EE4293262F3C3, 524591443A08D8923990BDD6840635BDA15B7F69267CD1A93C0D47A58F06633D ] USB_BusEnum_T   C:\Windows\system32\DRIVERS\USB_BusEnum_T.sys
13:07:44.0370 0x0e50  USB_BusEnum_T - ok
13:07:44.0416 0x0e50  [ B3E1ADDF9EBACDF37F398FADB0378BE6, 809FF76F38E0BDE03C89F77EEEE42FF681B7C41DD2B1FD75F3B2E45117158B2E ] USB_ETS_T       C:\Windows\system32\DRIVERS\USB_ETS_T.sys
13:07:44.0512 0x0e50  USB_ETS_T - ok
13:07:44.0560 0x0e50  [ 305CF68E9E4EC875B73879F85557F667, F462C3C303F36041D1378F5296B90CBB11DAEE08CE6CAD610EE0D7F1876BEB26 ] USB_WinMux_T    C:\Windows\system32\DRIVERS\USB_WinMux_T.sys
13:07:44.0585 0x0e50  USB_WinMux_T - ok
13:07:44.0638 0x0e50  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
13:07:44.0670 0x0e50  UxSms - ok
13:07:44.0707 0x0e50  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
13:07:44.0722 0x0e50  VaultSvc - ok
13:07:44.0773 0x0e50  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:07:44.0882 0x0e50  vdrvroot - ok
13:07:44.0983 0x0e50  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
13:07:45.0091 0x0e50  vds - ok
13:07:45.0150 0x0e50  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:07:45.0254 0x0e50  vga - ok
13:07:45.0293 0x0e50  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:07:45.0511 0x0e50  VgaSave - ok
13:07:45.0535 0x0e50  VGPU - ok
13:07:45.0639 0x0e50  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:07:45.0764 0x0e50  vhdmp - ok
13:07:45.0818 0x0e50  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
13:07:45.0916 0x0e50  viaagp - ok
13:07:45.0973 0x0e50  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
13:07:46.0066 0x0e50  ViaC7 - ok
13:07:46.0118 0x0e50  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:07:46.0126 0x0e50  viaide - ok
13:07:46.0205 0x0e50  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:07:46.0233 0x0e50  vmbus - ok
13:07:46.0273 0x0e50  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:07:46.0288 0x0e50  VMBusHID - ok
13:07:46.0321 0x0e50  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:07:46.0448 0x0e50  volmgr - ok
13:07:46.0503 0x0e50  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:07:46.0539 0x0e50  volmgrx - ok
13:07:46.0596 0x0e50  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:07:46.0627 0x0e50  volsnap - ok
13:07:46.0683 0x0e50  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:07:46.0781 0x0e50  vsmraid - ok
13:07:46.0921 0x0e50  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
13:07:47.0040 0x0e50  VSS - ok
13:07:47.0089 0x0e50  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:07:47.0164 0x0e50  vwifibus - ok
13:07:47.0206 0x0e50  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:07:47.0323 0x0e50  vwififlt - ok
13:07:47.0363 0x0e50  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:07:47.0423 0x0e50  vwifimp - ok
13:07:47.0497 0x0e50  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
13:07:47.0531 0x0e50  W32Time - ok
13:07:47.0597 0x0e50  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:07:47.0655 0x0e50  WacomPen - ok
13:07:47.0708 0x0e50  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:07:47.0769 0x0e50  WANARP - ok
13:07:47.0787 0x0e50  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:07:47.0794 0x0e50  Wanarpv6 - ok
13:07:47.0949 0x0e50  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:07:48.0051 0x0e50  WatAdminSvc - ok
13:07:48.0164 0x0e50  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
13:07:48.0272 0x0e50  wbengine - ok
13:07:48.0317 0x0e50  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:07:48.0353 0x0e50  WbioSrvc - ok
13:07:48.0449 0x0e50  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:07:48.0511 0x0e50  wcncsvc - ok
13:07:48.0554 0x0e50  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:07:48.0578 0x0e50  WcsPlugInService - ok
13:07:48.0678 0x0e50  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
13:07:48.0725 0x0e50  Wd - ok
13:07:48.0808 0x0e50  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:07:48.0901 0x0e50  Wdf01000 - ok
13:07:48.0938 0x0e50  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:07:48.0957 0x0e50  WdiServiceHost - ok
13:07:48.0972 0x0e50  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:07:48.0987 0x0e50  WdiSystemHost - ok
13:07:49.0051 0x0e50  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
13:07:49.0122 0x0e50  WebClient - ok
13:07:49.0223 0x0e50  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:07:49.0251 0x0e50  Wecsvc - ok
13:07:49.0382 0x0e50  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:07:49.0399 0x0e50  wercplsupport - ok
13:07:49.0574 0x0e50  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
13:07:49.0589 0x0e50  WerSvc - ok
13:07:49.0730 0x0e50  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:07:49.0769 0x0e50  WfpLwf - ok
13:07:49.0798 0x0e50  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:07:49.0912 0x0e50  WIMMount - ok
13:07:50.0088 0x0e50  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:07:50.0213 0x0e50  WinDefend - ok
13:07:50.0285 0x0e50  WinHttpAutoProxySvc - ok
13:07:50.0391 0x0e50  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:07:50.0450 0x0e50  Winmgmt - ok
13:07:50.0658 0x0e50  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
13:07:50.0809 0x0e50  WinRM - ok
13:07:50.0909 0x0e50  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:07:50.0924 0x0e50  WinUsb - ok
13:07:51.0054 0x0e50  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:07:51.0169 0x0e50  Wlansvc - ok
13:07:51.0248 0x0e50  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:07:51.0267 0x0e50  wlcrasvc - ok
13:07:51.0521 0x0e50  [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:07:51.0684 0x0e50  wlidsvc - ok
13:07:51.0737 0x0e50  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:07:51.0799 0x0e50  WmiAcpi - ok
13:07:51.0867 0x0e50  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:07:51.0901 0x0e50  wmiApSrv - ok
13:07:52.0057 0x0e50  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:07:52.0171 0x0e50  WMPNetworkSvc - ok
13:07:52.0215 0x0e50  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:07:52.0233 0x0e50  WPCSvc - ok
13:07:52.0274 0x0e50  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:07:52.0297 0x0e50  WPDBusEnum - ok
13:07:52.0339 0x0e50  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:07:52.0393 0x0e50  ws2ifsl - ok
13:07:52.0430 0x0e50  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
13:07:52.0454 0x0e50  wscsvc - ok
13:07:52.0489 0x0e50  WSearch - ok
13:07:52.0694 0x0e50  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:07:52.0850 0x0e50  wuauserv - ok
13:07:52.0911 0x0e50  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:07:52.0924 0x0e50  WudfPf - ok
13:07:52.0990 0x0e50  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:07:53.0009 0x0e50  WUDFRd - ok
13:07:53.0071 0x0e50  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:07:53.0097 0x0e50  wudfsvc - ok
13:07:53.0155 0x0e50  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:07:53.0322 0x0e50  WwanSvc - ok
13:07:53.0580 0x0e50  ================ Scan global ===============================
13:07:53.0748 0x0e50  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
13:07:53.0810 0x0e50  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:07:53.0898 0x0e50  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:07:53.0945 0x0e50  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
13:07:54.0026 0x0e50  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
13:07:54.0118 0x0e50  [ Global ] - ok
13:07:54.0121 0x0e50  ================ Scan MBR ==================================
13:07:54.0150 0x0e50  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:07:56.0276 0x0e50  \Device\Harddisk0\DR0 - ok
13:07:56.0278 0x0e50  ================ Scan VBR ==================================
13:07:56.0287 0x0e50  [ 22700ED21C3FEDAE94AA6B33BA878BC7 ] \Device\Harddisk0\DR0\Partition1
13:07:56.0293 0x0e50  \Device\Harddisk0\DR0\Partition1 - ok
13:07:56.0323 0x0e50  [ FF4FE22ABF82A89F45791B378229288C ] \Device\Harddisk0\DR0\Partition2
13:07:56.0328 0x0e50  \Device\Harddisk0\DR0\Partition2 - ok
13:07:56.0355 0x0e50  [ 34ACFBC2AE1A8B6E104C282D52646810 ] \Device\Harddisk0\DR0\Partition3
13:07:56.0359 0x0e50  \Device\Harddisk0\DR0\Partition3 - ok
13:07:56.0362 0x0e50  Waiting for KSN requests completion. In queue: 73
13:08:01.0453 0x0e50  AV detected via SS2: ESET Smart Security 4.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 4.0.314.0 ), 0x41000 ( enabled : updated )
13:08:01.0462 0x0e50  FW detected via SS2: ESET Personal firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 4.0.314.0 ), 0x41010 ( enabled )
13:08:15.0062 0x0e50  ============================================================
13:08:15.0062 0x0e50  Scan finished
13:08:15.0062 0x0e50  ============================================================
13:08:15.0072 0x01a0  Detected object count: 0
13:08:15.0072 0x01a0  Actual detected object count: 0


#5 TB-Psychotic

Posted 14 December 2013 - 10:12 AM

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#6 alanstrange5

Posted 16 December 2013 - 05:48 AM

My Malware scan:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.16.03
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
User :: USER-PC [administrator]
 
Protection: Enabled
 
16/12/2013 1:06:36 PM
mbam-log-2013-12-16 (13-06-36).txt
 
Scan type: Full scan (C:\|D:\|I:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 343529
Time elapsed: 2 hour(s), 10 minute(s), 27 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
C:\Users\User\AppData\Local\Temp\ct2504091 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
Files Detected: 6
c:\program files\google\desktop\install\{f3a80dd5-32fe-646a-0ad9-4823359992e9}\   \...\‮ﯹ๛
\{f3a80dd5-32fe-646a-0ad9-4823359992e9}\u\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\Program Files\Vuze\.install4j\user\mism.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmp2B0.exe (PUP.BitCoinMiner) -> Quarantined and deleted successfully.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0NS0QBOQ\ism[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\User\AppData\Local\Temp\ct2504091\ism.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)
 
AND
 
my ESET online scan:
 
C:\Program Files\Vuze\.install4j\i4j_extf_27_5p83tu.dll a variant of Win32/Bunndle application
 
 
Thanks 
 
Alan


#7 TB-Psychotic

Posted 16 December 2013 - 05:05 PM

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also


SecurityCheck

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.



#8 alanstrange5

Posted 20 December 2013 - 05:29 AM

From adwcleaner:
 
# AdwCleaner v3.015 - Report created 20/12/2013 at 17:16:22
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\Vuze
File Deleted : C:\Program Files\Uninstall.exe
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v
 
[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1749 octets] - [20/12/2013 17:14:03]
AdwCleaner[S0].txt - [1706 octets] - [20/12/2013 17:16:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1766 octets] #########
 
From Security Check:
 

 Results of screen317's Security Check version 0.99.77  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Disabled!  
ESET Smart Security 4.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 21  
 Java version out of Date! 
 Adobe Reader 9 Adobe Reader out of Date! 
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 3% 
````````````````````End of Log`````````````````````` 
 
 
Thanks
 
Alan


#9 TB-Psychotic

Posted 22 December 2013 - 02:31 PM

Your system is clean! :)

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.


  • Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Run setup and follow the instructions.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

Java runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

  • Get the actual JRE from here
  • Save jxpiinstall.exe to your desktop
  • Close all running programs, especially your browser(s)
  • Run jxpiinstall.exe. This will download the newest JRE installer and install the software
  • When finished, go to
    Start-->control panel-->add/remove programs and remove all older Java versions. (if existing)
  • When finished, reboot your computer.

After the reboot
  • Open control panel again and click the java symbol.
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    The Delete Temporary Files dialog box appears
  • Click OK on Delete Temporary Files window.
  • Click OK again.

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  • In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
  • In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  • In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  • If there is still something left please delete it manually.

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help you if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.



#10 TB-Psychotic

Posted 10 February 2014 - 08:45 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



