
Avast blocks malicious urls (taskhost.exe)


  • This topic is locked
17 replies to this topic

#1 Juanmik

Juanmik

  • Members
  • 27 posts

Posted 13 January 2014 - 12:49 AM

Hello,

 

I came here because user Yerer had a similar problem to the one my computer has. I have read the preparation guide and Yerer's posts. Following instructions in this I haven't executed any log creating programs or removal tools and come here for help.

 

My computer runs Windows 7. 

 

My Avast continually blocks urls, Url:Mal originating from taskhost.exe. I did a scan of the computer which did not solve the problem. I do not know if maybe a new antivirus would help.

 

Patiently waiting and thanks for reading,

 

Juanmik




 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts

Posted 13 January 2014 - 09:29 PM

Hello juanmik
Did that Avast scan find and remove things?

Let's review these scan logs.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 Juanmik

Juanmik
  • Topic Starter

  • Members
  • 27 posts

Posted 15 January 2014 - 12:14 PM

Hello boopme,

 

Thanks for the reply, do I post in this thread?

 

(Parts of the log are in Spanish)

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Doris (administrator) on 15-01-2014 at 11:04:36
Running from "D:\Users\Doris\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Configuraci¢n IP de Windows
 
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       activate.adobe.com
127.0.0.1       activate-sjc0.adobe.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       adobeereg.com
127.0.0.1       www.adobeereg.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       wwis-dubc1-vip60.adobe.com
127.0.0.1       activate.adobe.com
127.0.0.1       activate-sjc0.adobe.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       adobeereg.com
127.0.0.1       www.adobeereg.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       wwis-dubc1-vip60.adobe.com
127.0.0.1       activate.adobe.com
127.0.0.1       activate-sjc0.adobe.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       adobeereg.com
127.0.0.1       www.adobeereg.com
 
There are 78 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) = Conexión de área local (Connected)
 
 
# ----------------------------------
# Configuraci¢n de IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add address name="ethernet_11" address=192.168.56.1 mask=255.255.255.0
 
 
popd
# Fin de la configuraci¢n de IPv4
 
 
 
Configuraci¢n IP de Windows
 
   Nombre de host. . . . . . . . . : Doris-PC
   Sufijo DNS principal  . . . . . : 
   Tipo de nodo. . . . . . . . . . : h¡brido
   Enrutamiento IP habilitado. . . : no
   Proxy WINS habilitado . . . . . : no
 
Adaptador de Ethernet Conexi¢n de  rea local:
 
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-25-22-E2-4D-2D
   DHCP habilitado . . . . . . . . . . . . . : s¡
   Configuraci¢n autom tica habilitada . . . : s¡
   V¡nculo: direcci¢n IPv6 local. . . : fe80::75e0:b7d7:5e81:6dc%10(Preferido) 
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.3(Preferido) 
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Concesi¢n obtenida. . . . . . . . . . . . : mi‚rcoles, 15 de enero de 2014 9:40:24
   La concesi¢n expira . . . . . . . . . . . : jueves, 16 de enero de 2014 9:40:24
   Puerta de enlace predeterminada . . . . . : 192.168.1.1
   Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.1
   IAID DHCPv6 . . . . . . . . . . . . . . . : 234890530
   DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-16-38-FF-5E-00-25-22-E2-4D-2D
   Servidores DNS. . . . . . . . . . . . . . : 200.91.75.6
                                       8.8.8.8
   NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado
 
Adaptador de t£nel isatap.{F59A3707-D191-4FE7-A96D-AC2EAA0FD84B}:
 
   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuraci¢n autom tica habilitada . . . : s¡
 
Adaptador de t£nel Conexi¢n de  rea local* 14:
 
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Descripci¢n . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Direcci¢n f¡sica. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP habilitado . . . . . . . . . . . . . : no
   Configuraci¢n autom tica habilitada . . . : s¡
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:90d7:3498:3f35:3f57:fefc(Preferido) 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::3498:3f35:3f57:fefc%19(Preferido) 
   Puerta de enlace predeterminada . . . . . : ::
   NetBIOS sobre TCP/IP. . . . . . . . . . . : deshabilitado
Servidor:  sjodns3.ice.co.cr
Address:  200.91.75.6
 
Nombre:  google.com
Addresses:  2607:f8b0:4008:806::1008
 201.191.202.183
 201.191.202.168
 201.191.202.163
 201.191.202.173
 201.191.202.158
 201.191.202.167
 201.191.202.182
 201.191.202.187
 201.191.202.153
 201.191.202.177
 201.191.202.148
 201.191.202.157
 201.191.202.162
 201.191.202.172
 201.191.202.152
 201.191.202.178
 
 
Haciendo ping a google.com [173.194.37.2] con 32 bytes de datos:
Respuesta desde 173.194.37.2: bytes=32 tiempo=88ms TTL=52
Respuesta desde 173.194.37.2: bytes=32 tiempo=88ms TTL=52
 
Estad¡sticas de ping para 173.194.37.2:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 88ms, M ximo = 88ms, Media = 88ms
Servidor:  sjodns3.ice.co.cr
Address:  200.91.75.6
 
Nombre:  yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Haciendo ping a yahoo.com [206.190.36.45] con 32 bytes de datos:
Respuesta desde 206.190.36.45: bytes=32 tiempo=161ms TTL=49
Respuesta desde 206.190.36.45: bytes=32 tiempo=238ms TTL=49
 
Estad¡sticas de ping para 206.190.36.45:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 161ms, M ximo = 238ms, Media = 199ms
 
Haciendo ping a 127.0.0.1 con 32 bytes de datos:
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
 
Estad¡sticas de ping para 127.0.0.1:
    Paquetes: enviados = 2, recibidos = 2, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    M¡nimo = 0ms, M ximo = 0ms, Media = 0ms
===========================================================================
ILista de interfaces
 10...00 25 22 e2 4d 2d ......Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Tabla de enrutamiento
===========================================================================
Rutas activas:
Destino de red        M scara de red   Puerta de enlace   Interfaz  M‚trica
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     20
        127.0.0.0        255.0.0.0      En v¡nculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      En v¡nculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
      192.168.1.0    255.255.255.0      En v¡nculo       192.168.1.3    276
      192.168.1.3  255.255.255.255      En v¡nculo       192.168.1.3    276
    192.168.1.255  255.255.255.255      En v¡nculo       192.168.1.3    276
        224.0.0.0        240.0.0.0      En v¡nculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      En v¡nculo       192.168.1.3    276
  255.255.255.255  255.255.255.255      En v¡nculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      En v¡nculo       192.168.1.3    276
===========================================================================
Rutas persistentes:
  Ninguno
 
IPv6 Tabla de enrutamiento
===========================================================================
Rutas activas:
 Cuando destino de red m‚trica      Puerta de enlace
 19     58 ::/0                     En v¡nculo
  1    306 ::1/128                  En v¡nculo
 19     58 2001::/32                En v¡nculo
 19    306 2001:0:9d38:90d7:3498:3f35:3f57:fefc/128
                                    En v¡nculo
 10    276 fe80::/64                En v¡nculo
 19    306 fe80::/64                En v¡nculo
 19    306 fe80::3498:3f35:3f57:fefc/128
                                    En v¡nculo
 10    276 fe80::75e0:b7d7:5e81:6dc/128
                                    En v¡nculo
  1    306 ff00::/8                 En v¡nculo
 19    306 ff00::/8                 En v¡nculo
 10    276 ff00::/8                 En v¡nculo
===========================================================================
Rutas persistentes:
  Ninguno
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/13/2014 10:38:32 PM) (Source: MsiInstaller) (User: Doris-PC)
Description: Product: Facebook Video Calling 1.2.0.287 -- Error 1303. The installer has insufficient privileges to access this directory: C:\Config.Msi.  The installation cannot continue.  Log on as administrator or contact your system administrator.
 
Error: (01/11/2014 11:50:47 AM) (Source: ESENT) (User: )
Description: taskhost (2772) Al intentar abrir el archivo "C:\Users\Doris\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de sólo lectura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).
 
Error: (01/11/2014 00:44:48 AM) (Source: VSS) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x80070013, El medio está protegido contra escritura.
.
 
Error: (01/11/2014 00:44:48 AM) (Source: VSS) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x80070013, El medio está protegido contra escritura.
]
 
Error: (01/11/2014 00:44:48 AM) (Source: VSS) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x80070013, El medio está protegido contra escritura.
.
 
Error: (01/11/2014 00:44:48 AM) (Source: VSS) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x80070013, El medio está protegido contra escritura.
]
 
Error: (01/09/2014 03:51:03 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: AvastUI.exe, versión: 9.0.2011.263, marca de tiempo: 0x52af800a
Nombre del módulo con errores: ole32.DLL, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7b96f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002d7f1
Id. del proceso con errores: 0x1690
Hora de inicio de la aplicación con errores: 0xAvastUI.exe0
Ruta de acceso de la aplicación con errores: AvastUI.exe1
Ruta de acceso del módulo con errores: AvastUI.exe2
Id. del informe: AvastUI.exe3
 
Error: (01/09/2014 01:46:09 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: AvastUI.exe, versión: 9.0.2011.263, marca de tiempo: 0x52af800a
Nombre del módulo con errores: ole32.DLL, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7b96f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002d7f1
Id. del proceso con errores: 0xa44
Hora de inicio de la aplicación con errores: 0xAvastUI.exe0
Ruta de acceso de la aplicación con errores: AvastUI.exe1
Ruta de acceso del módulo con errores: AvastUI.exe2
Id. del informe: AvastUI.exe3
 
Error: (01/08/2014 07:04:08 PM) (Source: VSS) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x80070013, El medio está protegido contra escritura.
.
 
Error: (01/08/2014 07:04:08 PM) (Source: VSS) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x80070013, El medio está protegido contra escritura.
]
 
 
System errors:
=============
Error: (01/15/2014 09:43:03 AM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Microsoft .NET Framework NGEN v4.0.30319_X86.
 
Error: (01/15/2014 09:40:28 AM) (Source: Service Control Manager) (User: )
Description: El servicio adfs no pudo iniciarse debido al siguiente error: 
%%2
 
Error: (01/15/2014 09:38:56 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Se deshabilitaron algunas características de administración de energía en estado de rendimiento del procesador debido a un problema conocido de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
 
Error: (01/14/2014 02:25:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80070643: Internet Explorer 11 para Windows 7.
 
Error: (01/14/2014 10:02:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.165.1783.0).
 
Error: (01/14/2014 09:43:31 AM) (Source: Service Control Manager) (User: )
Description: El servicio Windows Update no respondió después de iniciar.
 
Error: (01/14/2014 09:37:29 AM) (Source: Service Control Manager) (User: )
Description: El servicio adfs no pudo iniciarse debido al siguiente error: 
%%2
 
Error: (01/14/2014 09:37:10 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Se deshabilitaron algunas características de administración de energía en estado de rendimiento del procesador debido a un problema conocido de firmware. Consulte al fabricante del equipo si hay firmware actualizado.
 
Error: (01/14/2014 00:06:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80070643: Internet Explorer 11 para Windows 7.
 
Error: (01/13/2014 09:54:44 PM) (Source: Service Control Manager) (User: )
Description: El servicio adfs no pudo iniciarse debido al siguiente error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (01/13/2014 10:38:32 PM) (Source: MsiInstaller)(User: Doris-PC)
Description: Product: Facebook Video Calling 1.2.0.287 -- Error 1303. The installer has insufficient privileges to access this directory: C:\Config.Msi.  The installation cannot continue.  Log on as administrator or contact your system administrator.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (01/11/2014 11:50:47 AM) (Source: ESENT)(User: )
Description: taskhost2772C:\Users\Doris\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.
 
Error: (01/11/2014 00:44:48 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070013, El medio está protegido contra escritura.
 
Error: (01/11/2014 00:44:48 AM) (Source: VSS)(User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, El medio está protegido contra escritura.
 
Error: (01/11/2014 00:44:48 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070013, El medio está protegido contra escritura.
 
Error: (01/11/2014 00:44:48 AM) (Source: VSS)(User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, El medio está protegido contra escritura.
 
Error: (01/09/2014 03:51:03 PM) (Source: Application Error)(User: )
Description: AvastUI.exe9.0.2011.26352af800aole32.DLL6.1.7601.175144ce7b96fc00000050002d7f1169001cf0d73a7754bafC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Windows\system32\ole32.DLL21f4ccd1-7978-11e3-a172-002522e24d2d
 
Error: (01/09/2014 01:46:09 PM) (Source: Application Error)(User: )
Description: AvastUI.exe9.0.2011.26352af800aole32.DLL6.1.7601.175144ce7b96fc00000050002d7f1a4401cf0d569897aba8C:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Windows\system32\ole32.DLLaf64a494-7966-11e3-a172-002522e24d2d
 
Error: (01/08/2014 07:04:08 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070013, El medio está protegido contra escritura.
 
Error: (01/08/2014 07:04:08 PM) (Source: VSS)(User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, El medio está protegido contra escritura.
 
 
=========================== Installed Programs ============================
 
Acoustica CD/DVD Label Maker
Adobe AIR (Version: 3.9.0.1030)
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Reader XI (11.0.05) - Español (Version: 11.0.05)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.35)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79)
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138)
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138)
Autodesk Material Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Base Resolution Image Library 2012 (Version: 2.5.0.8)
avast! Free Antivirus (Version: 9.0.2011)
Canon Utilities EOS Utility (Version: 2.13.0.0)
Canon Utilities PhotoStitch (Version: 3.1.23.47)
CCleaner (Version: 3.03)
CEP (Color Enable Package) v.9.2 (beta) (Version: 9.2 (beta))
Compatibilidad con Aplicaciones de Apple (Version: 2.3.4)
DAEMON Tools Lite (Version: 4.47.1.0335)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Facebook Video Calling 2.0.0.447 (Version: 2.0.447)
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FreeOCR v4.2
Google Chrome (Version: 32.0.1700.41)
Google Earth (Version: 7.1.2.2041)
Google SketchUp Pro 8 (Version: 3.0.3198)
Google Update Helper (Version: 1.3.22.3)
ImgBurn (Version: 2.5.8.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel® TV Wizard
IrfanView (remove only) (Version: 4.36)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
LightScribe System Software (Version: 1.18.6.1)
Los Sims 2
Los Sims 2 Abren Negocios
Los Sims 2 Universitarios
Los Sims 2: Noctámbulos
Los Sims™ 2 Bon Voyage
Los Sims™ 2 Cocina y Baño Diseño de Interiores Accesorios
Los Sims™ 2 Comparten Piso
Los Sims™ 2 H&M® Moda Accesorios
Los Sims™ 2 IKEA® Accesorios para el hogar
Los Sims™ 2 Mansiones y Jardines Accesorios
Los Sims™ 2 Todo Glamour Accesorios
Los Sims™ 2 y Las Cuatro Estaciones
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Access MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Basque) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Catalan) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Galician) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero ControlCenter (Version: 11.0.15600)
Nero ControlCenter Help (CHM) (Version: 12.0.12000)
Nero Core Components (Version: 11.0.20200)
Nero CoverDesigner (Version: 12.0.01500)
Nero CoverDesigner (Version: 12.0.10003)
Nero CoverDesigner Help (CHM) (Version: 12.0.2000)
Nero Update (Version: 11.0.11800.31.0)
Platform (Version: 1.36)
Prerequisite installer (Version: 12.0.0003)
QuickTime (Version: 7.74.80.86)
Search Protect (Version: 2.7.23.2)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Sims2Pack Clean Installer
Skype™ 6.11 (Version: 6.11.102)
Software Version Updater (Version: 1.1.3.8)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
VBA (2627.01) (Version: 6.03.00.9402)
VBA (2627.4) (Version: 6.03.00.9402)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VIA Administrador de dispositivos de plataforma (Version: 1.36)
Video Player (Version: 1.1)
VLC media player 2.1.2 (Version: 2.1.2)
Webexp Enhanced (Version: 1.1)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinRAR 5.00 beta 8 (32-bit) (Version: 5.00.8)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 92%
Total physical RAM: 893.09 MB
Available physical RAM: 70.62 MB
Total Pagefile: 2383.09 MB
Available Pagefile: 725.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951.09 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:51.39 GB) (Free:1.78 GB) NTFS
2 Drive d: () (Fixed) (Total:97.65 GB) (Free:6.68 GB) NTFS
5 Drive i: (Sony_4GM) (Removable) (Total:3.63 GB) (Free:0.99 GB) FAT32
 
========================= Users: ========================================
 
Cuentas de usuario de \\DORIS-PC
 
Administrador            ANA                      Doris                    
Invitado                 JUAN                     
Se ha completado el comando correctamente.
 
 
**** End of log ****


#4 boopme

Posted 15 January 2014 - 03:49 PM

Yes, post them here. Do all the scans.



#5 Juanmik

Posted 15 January 2014 - 07:20 PM

11:16:33.0379 0x1318  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
11:16:38.0310 0x1318  ============================================================
11:16:38.0310 0x1318  Current date / time: 2014/01/15 11:16:38.0310
11:16:38.0310 0x1318  SystemInfo:
11:16:38.0310 0x1318  
11:16:38.0310 0x1318  OS Version: 6.1.7601 ServicePack: 1.0
11:16:38.0310 0x1318  Product type: Workstation
11:16:38.0310 0x1318  ComputerName: DORIS-PC
11:16:38.0312 0x1318  UserName: Doris
11:16:38.0312 0x1318  Windows directory: C:\Windows
11:16:38.0312 0x1318  System windows directory: C:\Windows
11:16:38.0312 0x1318  Processor architecture: Intel x86
11:16:38.0312 0x1318  Number of processors: 1
11:16:38.0312 0x1318  Page size: 0x1000
11:16:38.0312 0x1318  Boot type: Normal boot
11:16:38.0312 0x1318  ============================================================
11:16:41.0530 0x1318  KLMD registered as C:\Windows\system32\drivers\53638308.sys
11:16:42.0594 0x1318  System UUID: {864EC7D1-D79A-A9E9-AC03-79F57A8623B6}
11:16:44.0912 0x1318  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:16:45.0277 0x1318  Drive \Device\Harddisk1\DR2 - Size: 0xE8800000 (3.63 Gb), SectorSize: 0x200, Cylinders: 0x1DA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:16:45.0278 0x1318  ============================================================
11:16:45.0278 0x1318  \Device\Harddisk0\DR0:
11:16:45.0294 0x1318  MBR partitions:
11:16:45.0295 0x1318  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x66C58F5
11:16:45.0315 0x1318  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x66C5973, BlocksNum 0xC34F28D
11:16:45.0315 0x1318  \Device\Harddisk1\DR2:
11:16:45.0316 0x1318  MBR partitions:
11:16:45.0316 0x1318  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x743FDF
11:16:45.0316 0x1318  ============================================================
11:16:45.0501 0x1318  C: <-> \Device\Harddisk0\DR0\Partition1
11:16:45.0629 0x1318  D: <-> \Device\Harddisk0\DR0\Partition2
11:16:45.0881 0x1318  ============================================================
11:16:45.0882 0x1318  Initialize success
11:16:45.0882 0x1318  ============================================================
11:17:19.0145 0x168c  ============================================================
11:17:19.0145 0x168c  Scan started
11:17:19.0145 0x168c  Mode: Manual; 
11:17:19.0145 0x168c  ============================================================
11:17:19.0145 0x168c  KSN ping started
11:17:22.0359 0x168c  KSN ping finished: true
11:17:26.0048 0x168c  ================ Scan system memory ========================
11:17:26.0048 0x168c  System memory - ok
11:17:26.0049 0x168c  ================ Scan services =============================
11:17:45.0426 0x168c  iirsp - ok
11:17:45.0515 0x168c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:17:45.0561 0x168c  IKEEXT - ok
11:17:45.0621 0x168c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:17:45.0624 0x168c  intelide - ok
11:17:45.0673 0x168c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:17:45.0679 0x168c  intelppm - ok
11:17:45.0717 0x168c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:17:45.0735 0x168c  IPBusEnum - ok
11:17:45.0775 0x168c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:17:45.0781 0x168c  IpFilterDriver - ok
11:17:45.0862 0x168c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:17:45.0898 0x168c  iphlpsvc - ok
11:17:45.0956 0x168c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:17:45.0996 0x168c  IPMIDRV - ok
11:17:46.0026 0x168c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:17:46.0034 0x168c  IPNAT - ok
11:17:46.0072 0x168c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:17:46.0075 0x168c  IRENUM - ok
11:17:46.0126 0x168c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:17:46.0131 0x168c  isapnp - ok
11:17:46.0193 0x168c  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:17:46.0235 0x168c  iScsiPrt - ok
11:17:46.0275 0x168c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:17:46.0292 0x168c  kbdclass - ok
11:17:46.0350 0x168c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:17:46.0354 0x168c  kbdhid - ok
11:17:46.0386 0x168c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
11:17:46.0392 0x168c  KeyIso - ok
11:17:46.0445 0x168c  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:17:46.0457 0x168c  KSecDD - ok
11:17:46.0487 0x168c  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:17:46.0499 0x168c  KSecPkg - ok
11:17:46.0551 0x168c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:17:46.0585 0x168c  KtmRm - ok
11:17:46.0644 0x168c  [ 1A91EAAD2D73758140B3B7B6AD736573, 5D2B355B01E4A01BEE32E219960ED701AE419581ACC2E792E36E5C53F7ED88CA ] L1C             C:\Windows\system32\DRIVERS\L1C62x86.sys
11:17:46.0678 0x168c  L1C - ok
11:17:46.0763 0x168c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:17:46.0796 0x168c  LanmanServer - ok
11:17:46.0861 0x168c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:17:46.0892 0x168c  LanmanWorkstation - ok
11:17:46.0961 0x168c  [ 83D8BE94E1CBCBE2EA8372DB1A95A159, 28D18C7B93EFB6C83023D39A54489DDE98DE578AFCC06DD0712D00DE7CD48968 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:17:46.0996 0x168c  LightScribeService - ok
11:17:47.0043 0x168c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:17:47.0050 0x168c  lltdio - ok
11:17:47.0090 0x168c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:17:47.0106 0x168c  lltdsvc - ok
11:17:47.0142 0x168c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:17:47.0151 0x168c  lmhosts - ok
11:17:47.0216 0x168c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:17:47.0230 0x168c  LSI_FC - ok
11:17:47.0267 0x168c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:17:47.0275 0x168c  LSI_SAS - ok
11:17:47.0342 0x168c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:17:47.0348 0x168c  LSI_SAS2 - ok
11:17:47.0375 0x168c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:17:47.0384 0x168c  LSI_SCSI - ok
11:17:47.0428 0x168c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:17:47.0436 0x168c  luafv - ok
11:17:47.0529 0x168c  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\Windows\system32\drivers\mbamswissarmy.sys
11:17:47.0554 0x168c  MBAMSwissArmy - ok
11:17:47.0610 0x168c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:17:47.0652 0x168c  Mcx2Svc - ok
11:17:47.0693 0x168c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:17:47.0697 0x168c  megasas - ok
11:17:47.0755 0x168c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:17:47.0772 0x168c  MegaSR - ok
11:17:47.0840 0x168c  Microsoft SharePoint Workspace Audit Service - ok
11:17:47.0890 0x168c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
11:17:47.0898 0x168c  MMCSS - ok
11:17:47.0926 0x168c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
11:17:47.0930 0x168c  Modem - ok
11:17:47.0986 0x168c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:17:48.0002 0x168c  monitor - ok
11:17:48.0043 0x168c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\drivers\mouclass.sys
11:17:48.0047 0x168c  mouclass - ok
11:17:48.0104 0x168c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:17:48.0118 0x168c  mouhid - ok
11:17:48.0169 0x168c  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:17:48.0204 0x168c  mountmgr - ok
11:17:48.0261 0x168c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:17:48.0295 0x168c  mpio - ok
11:17:48.0344 0x168c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:17:48.0352 0x168c  mpsdrv - ok
11:17:48.0437 0x168c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:17:48.0482 0x168c  MpsSvc - ok
11:17:48.0539 0x168c  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:17:48.0573 0x168c  MRxDAV - ok
11:17:48.0625 0x168c  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:17:48.0633 0x168c  mrxsmb - ok
11:17:48.0673 0x168c  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:17:48.0688 0x168c  mrxsmb10 - ok
11:17:48.0744 0x168c  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:17:48.0777 0x168c  mrxsmb20 - ok
11:17:48.0826 0x168c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:17:48.0859 0x168c  msahci - ok
11:17:48.0914 0x168c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:17:48.0934 0x168c  msdsm - ok
11:17:48.0988 0x168c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
11:17:49.0000 0x168c  MSDTC - ok
11:17:49.0069 0x168c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:17:49.0072 0x168c  Msfs - ok
11:17:49.0109 0x168c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:17:49.0111 0x168c  mshidkmdf - ok
11:17:49.0163 0x168c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:17:49.0166 0x168c  msisadrv - ok
11:17:49.0222 0x168c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:17:49.0240 0x168c  MSiSCSI - ok
11:17:49.0259 0x168c  msiserver - ok
11:17:49.0307 0x168c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:17:49.0310 0x168c  MSKSSRV - ok
11:17:49.0342 0x168c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:17:49.0357 0x168c  MSPCLOCK - ok
11:17:49.0399 0x168c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:17:49.0416 0x168c  MSPQM - ok
11:17:49.0468 0x168c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:17:49.0495 0x168c  MsRPC - ok
11:17:49.0551 0x168c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:17:49.0555 0x168c  mssmbios - ok
11:17:49.0588 0x168c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:17:49.0591 0x168c  MSTEE - ok
11:17:49.0621 0x168c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:17:49.0625 0x168c  MTConfig - ok
11:17:49.0664 0x168c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:17:49.0668 0x168c  Mup - ok
11:17:49.0736 0x168c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
11:17:49.0768 0x168c  napagent - ok
11:17:49.0834 0x168c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:17:49.0884 0x168c  NativeWifiP - ok
11:17:50.0034 0x168c  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        C:\Program Files\Nero\Update\NASvc.exe
11:17:50.0143 0x168c  NAUpdate - ok
11:17:50.0311 0x168c  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:17:50.0408 0x168c  NDIS - ok
11:17:50.0468 0x168c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:17:50.0473 0x168c  NdisCap - ok
11:17:50.0540 0x168c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:17:50.0543 0x168c  NdisTapi - ok
11:17:50.0601 0x168c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:17:50.0606 0x168c  Ndisuio - ok
11:17:50.0670 0x168c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:17:50.0705 0x168c  NdisWan - ok
11:17:50.0760 0x168c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:17:50.0765 0x168c  NDProxy - ok
11:17:50.0818 0x168c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:17:50.0823 0x168c  NetBIOS - ok
11:17:50.0895 0x168c  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:17:50.0909 0x168c  NetBT - ok
11:17:50.0949 0x168c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
11:17:50.0955 0x168c  Netlogon - ok
11:17:51.0021 0x168c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
11:17:51.0055 0x168c  Netman - ok
11:17:51.0123 0x168c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:17:51.0207 0x168c  NetMsmqActivator - ok
11:17:51.0240 0x168c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:17:51.0246 0x168c  NetPipeActivator - ok
11:17:51.0309 0x168c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
11:17:51.0350 0x168c  netprofm - ok
11:17:51.0389 0x168c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:17:51.0393 0x168c  NetTcpActivator - ok
11:17:51.0420 0x168c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:17:51.0426 0x168c  NetTcpPortSharing - ok
11:17:51.0474 0x168c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:17:51.0494 0x168c  nfrd960 - ok
11:17:51.0556 0x168c  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:17:51.0576 0x168c  NlaSvc - ok
11:17:51.0618 0x168c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:17:51.0622 0x168c  Npfs - ok
11:17:51.0665 0x168c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
11:17:51.0673 0x168c  nsi - ok
11:17:51.0701 0x168c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:17:51.0706 0x168c  nsiproxy - ok
11:17:51.0846 0x168c  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:17:51.0951 0x168c  Ntfs - ok
11:17:52.0005 0x168c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
11:17:52.0007 0x168c  Null - ok
11:17:52.0063 0x168c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:17:52.0096 0x168c  nvraid - ok
11:17:52.0153 0x168c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:17:52.0186 0x168c  nvstor - ok
11:17:52.0247 0x168c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:17:52.0280 0x168c  nv_agp - ok
11:17:52.0334 0x168c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:17:52.0360 0x168c  ohci1394 - ok
11:17:52.0426 0x168c  [ 2B8E4C792BED0E5882702720BC528AE5, 6D7CB027BC6014CB268C49B46049CDFF3BA94D07102A65BD053335A28E83D125 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:17:52.0460 0x168c  ose - ok
11:17:52.0860 0x168c  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:17:53.0183 0x168c  osppsvc - ok
11:17:53.0285 0x168c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:17:53.0306 0x168c  p2pimsvc - ok
11:17:53.0368 0x168c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:17:53.0402 0x168c  p2psvc - ok
11:17:53.0456 0x168c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:17:53.0477 0x168c  Parport - ok
11:17:53.0529 0x168c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:17:53.0535 0x168c  partmgr - ok
11:17:53.0582 0x168c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
11:17:53.0598 0x168c  Parvdm - ok
11:17:53.0649 0x168c  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:17:53.0673 0x168c  PcaSvc - ok
11:17:53.0730 0x168c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
11:17:53.0772 0x168c  pci - ok
11:17:53.0825 0x168c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:17:53.0829 0x168c  pciide - ok
11:17:53.0866 0x168c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:17:53.0891 0x168c  pcmcia - ok
11:17:53.0922 0x168c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:17:53.0926 0x168c  pcw - ok
11:17:53.0996 0x168c  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:17:54.0030 0x168c  PEAUTH - ok
11:17:54.0140 0x168c  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:17:54.0258 0x168c  PeerDistSvc - ok
11:17:54.0444 0x168c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
11:17:54.0581 0x168c  pla - ok
11:17:54.0662 0x168c  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:17:54.0687 0x168c  PlugPlay - ok
11:17:54.0732 0x168c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:17:54.0750 0x168c  PNRPAutoReg - ok
11:17:54.0791 0x168c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:17:54.0804 0x168c  PNRPsvc - ok
11:17:54.0892 0x168c  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:17:54.0932 0x168c  PolicyAgent - ok
11:17:55.0001 0x168c  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
11:17:55.0018 0x168c  Power - ok
11:17:55.0071 0x168c  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:17:55.0077 0x168c  PptpMiniport - ok
11:17:55.0118 0x168c  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:17:55.0135 0x168c  Processor - ok
11:17:55.0192 0x168c  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:17:55.0216 0x168c  ProfSvc - ok
11:17:55.0252 0x168c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:17:55.0262 0x168c  ProtectedStorage - ok
11:17:55.0314 0x168c  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:17:55.0322 0x168c  Psched - ok
11:17:55.0485 0x168c  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:17:55.0590 0x168c  ql2300 - ok
11:17:55.0637 0x168c  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:17:55.0646 0x168c  ql40xx - ok
11:17:55.0698 0x168c  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
11:17:55.0738 0x168c  QWAVE - ok
11:17:55.0767 0x168c  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:17:55.0771 0x168c  QWAVEdrv - ok
11:17:55.0796 0x168c  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:17:55.0799 0x168c  RasAcd - ok
11:17:55.0850 0x168c  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:17:55.0855 0x168c  RasAgileVpn - ok
11:17:55.0894 0x168c  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
11:17:55.0912 0x168c  RasAuto - ok
11:17:55.0965 0x168c  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:17:55.0985 0x168c  Rasl2tp - ok
11:17:56.0050 0x168c  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
11:17:56.0101 0x168c  RasMan - ok
11:17:56.0143 0x168c  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:17:56.0151 0x168c  RasPppoe - ok
11:17:56.0190 0x168c  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:17:56.0196 0x168c  RasSstp - ok
11:17:56.0258 0x168c  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:17:56.0309 0x168c  rdbss - ok
11:17:56.0356 0x168c  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:17:56.0360 0x168c  rdpbus - ok
11:17:56.0416 0x168c  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:17:56.0436 0x168c  RDPCDD - ok
11:18:13.0015 0x168c  ================ Scan global ===============================
11:18:13.0061 0x168c  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
11:18:13.0134 0x168c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:18:13.0184 0x168c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:18:13.0229 0x168c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:18:13.0286 0x168c  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
11:18:13.0311 0x168c  [ Global ] - ok
11:18:13.0317 0x168c  ================ Scan MBR ==================================
11:18:13.0336 0x168c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:18:14.0182 0x168c  \Device\Harddisk0\DR0 - ok
11:18:14.0202 0x168c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
11:18:14.0207 0x168c  \Device\Harddisk1\DR2 - ok
11:18:14.0215 0x168c  ================ Scan VBR ==================================
11:18:14.0236 0x168c  [ 78AC93E00B5A0232F0AA01007082B14D ] \Device\Harddisk0\DR0\Partition1
11:18:14.0239 0x168c  \Device\Harddisk0\DR0\Partition1 - ok
11:18:14.0264 0x168c  [ 8C044F120D91854ED9C82C3FD8D3AD92 ] \Device\Harddisk0\DR0\Partition2
11:18:14.0266 0x168c  \Device\Harddisk0\DR0\Partition2 - ok
11:18:14.0291 0x168c  [ 96325F028F73EFF9EBA13FB83D038C7E ] \Device\Harddisk1\DR2\Partition1
11:18:14.0292 0x168c  \Device\Harddisk1\DR2\Partition1 - ok
11:18:14.0302 0x168c  Waiting for KSN requests completion. In queue: 54
11:18:15.0302 0x168c  Waiting for KSN requests completion. In queue: 54
11:18:16.0302 0x168c  Waiting for KSN requests completion. In queue: 54
11:18:17.0302 0x168c  Waiting for KSN requests completion. In queue: 54
11:18:19.0069 0x168c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x41000 ( enabled : updated )
11:18:19.0427 0x168c  Win FW state via NFP2: enabled
11:18:22.0643 0x168c  ============================================================
11:18:22.0643 0x168c  Scan finished
11:18:22.0643 0x168c  ============================================================
11:18:22.0668 0x0bd4  Detected object count: 0
11:18:22.0668 0x0bd4  Actual detected object count: 0
 
 
 
 
 
# AdwCleaner v3.017 - Reporte Creado 15/01/2014 en 12:05:02
# Actualizado 12/01/2014 por Xplode
# Sistema Operativo : Windows 7 Ultimate Service Pack 1 (32 bits)
# Nombre de usuario : Doris - DORIS-PC
# Ejecutado desde : D:\Users\Doris\Downloads\AdwCleaner.exe
# Opción : Limpiar
 
***** [ Servicios ] *****
 
 
***** [ Archivos / Carpetas ] *****
 
Carpeta Borrar : C:\ProgramData\Babylon
Carpeta Borrar : C:\ProgramData\boost_interprocess
Carpeta Borrar : C:\ProgramData\NCH Software
Carpeta Borrar : C:\Program Files\Searchprotect
Carpeta Borrar : C:\Windows\system32\Searchprotect
Carpeta Borrar : C:\Users\Doris\AppData\Local\Searchprotect
Carpeta Borrar : C:\Users\Doris\AppData\Local\SwvUpdater
Carpeta Borrar : C:\Users\Doris\AppData\Local\thinstall
Carpeta Borrar : C:\Users\Doris\AppData\LocalLow\Conduit
Carpeta Borrar : C:\Users\Doris\AppData\LocalLow\Toolbar4
Carpeta Borrar : C:\Users\Doris\AppData\Roaming\Babylon
Carpeta Borrar : C:\Users\Doris\AppData\Roaming\NCH Software
Carpeta Borrar : C:\Users\Doris\AppData\Roaming\OpenCandy
Carpeta Borrar : C:\Users\Doris\AppData\Roaming\thinstall
Carpeta Borrar : C:\Users\Doris\AppData\Roaming\yourfiledownloader
Carpeta Borrar : C:\Users\ANA\AppData\Local\Searchprotect
Carpeta Borrar : C:\Users\ANA\AppData\Roaming\Iminent
Carpeta Borrar : C:\Users\JUAN\AppData\Local\Searchprotect
Carpeta Borrar : C:\Users\JUAN\AppData\Local\thinstall
Carpeta Borrar : C:\Users\JUAN\AppData\LocalLow\AskToolbar
Carpeta Borrar : C:\Users\JUAN\AppData\LocalLow\Toolbar4
Carpeta Borrar : C:\Users\JUAN\AppData\Roaming\Iminent
Carpeta Borrar : C:\Users\JUAN\AppData\Roaming\thinstall
Archivo Borrar : C:\Users\Doris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Archivo Borrar : C:\Windows\Tasks\AmiUpdXp.job
Archivo Borrar : C:\Windows\System32\Tasks\AmiUpdXp
Archivo Borrar : C:\Windows\System32\Tasks\NCH Software
Archivo Borrar : C:\Windows\System32\Tasks\Your File Updater
 
***** [ Accesos directos ] *****
 
 
***** [ Registry ] *****
 
Valor Borrar : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AADB1ABC-414A-4E4E-954B-4C54CE8DE3F6}
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AADB1ABC-414A-4E4E-954B-4C54CE8DE3F6}
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{281E358E-A4D2-4BAD-BE57-F1D058BDF100}
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{281E358E-A4D2-4BAD-BE57-F1D058BDF100}
Clave Borrar : HKLM\SOFTWARE\Classes\AmiBs.Installer
Clave Borrar : HKLM\SOFTWARE\Classes\AmiBs.Installer.1
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Clave Borrar : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Clave Borrar : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Clave Borrar : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Clave Borrar : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Clave Borrar : HKLM\SOFTWARE\Classes\Prod.cap
Clave Borrar : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Clave Borrar : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_5-days-a-stranger_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_5-days-a-stranger_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_subtitle-workshop_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_subtitle-workshop_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_the-art-of-theft_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_the-art-of-theft_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_universal-theme-patcher_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_universal-theme-patcher_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_virtualbox_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_virtualbox_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_windows-movie-maker_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_windows-movie-maker_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Clave Borrar : HKCU\Software\anchorfree
Clave Borrar : HKCU\Software\Conduit
Clave Borrar : HKCU\Software\IM
Clave Borrar : HKCU\Software\ImInstaller
Clave Borrar : HKCU\Software\NCH Software
Clave Borrar : HKCU\Software\Softonic
Clave Borrar : HKCU\Software\YourFileDownloader
Clave Borrar : HKCU\Software\AppDataLow\Software\Conduit
Clave Borrar : HKCU\Software\AppDataLow\Software\SmartBar
Clave Borrar : HKLM\Software\Babylon
Clave Borrar : HKLM\Software\BetterSurf
Clave Borrar : HKLM\Software\Conduit
Clave Borrar : HKLM\Software\Iminent
Clave Borrar : HKLM\Software\SearchProtect
Clave Borrar : HKLM\Software\YourFileDownloader
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
 
***** [ Navegadores ] *****
 
-\\ Internet Explorer v10.0.9200.16750
 
Ajustes Restaurar : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v32.0.1700.41
 
[ Archivo : C:\Users\Doris\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ Archivo : C:\Users\ANA\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ Archivo : C:\Users\JUAN\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [17055 octets] - [15/01/2014 11:33:15]
AdwCleaner[S0].txt - [16110 octets] - [15/01/2014 12:05:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16171 octets] ##########
 


#6 Juanmik


Posted 15 January 2014 - 07:23 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x86
Ran by Doris on 15/01/2014 at 12:32:34,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
~~~ Services
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1167016168-3567840934-799961921-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4579610B-0D42-446B-9879-9C080C75A6A2}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Doris\appdata\local\cre"
 
 
~~~ Event Viewer Logs were cleared
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/01/2014 at 12:40:21,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
ESET
 
C:\Users\All Users\Microsoft\BingDesktop\BingCore\temp\tmp670B.exe a variant of Win32/Injector.AVKB trojan
C:\Users\All Users\Microsoft\BingDesktop\BingCore\temp\tmpFBF6.exe probably a variant of Win32/TrojanDropper.Agent.QLR trojan
C:\AdwCleaner\Quarantine\C\Users\Doris\AppData\Local\SwvUpdater\Updater.exe.vir a variant of Win32/Amonetize.I application cleaned by deleting - quarantined
C:\Program Files\uTorrent\uTorrent.exe a variant of Win32/Bunndle application cleaned by deleting - quarantined
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\uninstall.exe a variant of Win32/Amonetize.X application cleaned by deleting - quarantined
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ie\VideoPlayerV3beta358.dll a variant of Win32/AdWare.BetterSurf.C application cleaned by deleting - quarantined
C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmp670B.exe a variant of Win32/Injector.AVKB trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmpFBF6.exe probably a variant of Win32/TrojanDropper.Agent.QLR trojan cleaned by deleting - quarantined
C:\Users\ANA\Downloads\utorrent.exe a variant of Win32/Bunndle application cleaned by deleting - quarantined
C:\Users\Doris\AppData\Local\Google\Chrome\User Data\Default\adlcjgijhmhjdmooahbiaanophfmbljp\1.0.7\background.js Win32/Boaxxe.BE trojan cleaned by deleting - quarantined
C:\Users\Doris\AppData\Local\Temp\pbrzanvk.exe a variant of Win32/Injector.AVKB trojan cleaned by deleting - quarantined
C:\Users\Doris\AppData\Local\Temp\Setup1.exe multiple threats cleaned by deleting - quarantined
C:\Users\Doris\AppData\Roaming\verison.dll Win32/Redyms.AF trojan cleaned by deleting - quarantined
C:\Users\JUAN\AppData\Roaming\Adobe\crsscmgr\crsscmgr.exe probably a variant of Win32/TrojanDropper.Agent.QLR trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7XXL2TT0\SkywalkerSetup[1].exe Win32/SweetIM.G application cleaned by deleting - quarantined
D:\Users\Doris\Downloads\Programas y otros\DuplicateCleaner_setup.exe Win32/OpenCandy application cleaned by deleting - quarantined
D:\Users\Doris\Videos\Sims 2\Objects\solucion2012.rar Win32/Keygen.BL application deleted - quarantined
D:\Users\JUAN\Downloads\Downloads\Programas\SoftonicDownloader_para_subtitle-workshop.exe Win32/SoftonicDownloader.C application cleaned by deleting - quarantined
D:\Users\JUAN\Downloads\Downloads\Programas\SoftonicDownloader_para_windows-movie-maker.exe Win32/SoftonicDownloader application cleaned by deleting - quarantined
D:\Users\JUAN\Downloads\Downloads\Sims 2\sIMS 2 oBJECTS\solucion2012.rar Win32/Keygen.BL application deleted - quarantined
 


#7 boopme


Posted 15 January 2014 - 10:43 PM

Hello, you installed a key generator or cracked software that has allowed nasty infections on here.
 
Win32/Injector
When installed into the system, it connects to remote Command and Control center (C&C) every few minutes and receives additional instructions. It can be a command to download new malicious applications or various requests about stealing particular data from the infected computer.
 
Trojan:Win32/Boaxxe.E is a trojan that drops other malware,
 
 
Do you do banking on here?
 
 
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#8 Juanmik


Posted 16 January 2014 - 12:33 AM

No internet banking, only shopping from time to time. It seems only legit software from now on. 

 

It mentions something about Malwarebytes Chameleon. How do I know which of the two to install?



#9 boopme


Posted 16 January 2014 - 12:18 PM

Use the first. The Chameleon is in case the malware stops the first install.

#10 Juanmik


Posted 16 January 2014 - 01:17 PM

In the end ran the chameleon version of it... hope it doesn't affect.

 

Found more trojans, a PUP and vplayer: (in quarantine and all successfully deleted)

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Versión de la Base de Datos: v2014.01.16.03
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16750
Doris :: DORIS-PC [administrador]
 
16/01/2014 10:05:41
mbam-log-2014-01-16 (10-05-41).txt
 
Tipos de Análisis: Análisis Rápido
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 250893
Tiempo transcurrido: 36 minuto(s), 14 segundo(s)
 
Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)
 
Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)
 
Claves del Registro Detectados: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
 
Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)
 
Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)
 
Carpetas Detectadas: 18
C:\Users\JUAN\AppData\Roaming\Adobe\crsscmgr (Trojan.Bitminer) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1 (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934 (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ch (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome\content (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome\content\icons (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ie (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358 (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ch (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome\content (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome\content\icons (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome\content\icons\default (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ie (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
 
Archivos Detectados: 20
C:\Users\JUAN\AppData\Roaming\Adobe\crsscmgr\libcurl-4.dll (Trojan.Bitminer) -> En cuarentena y eliminado con éxito.
C:\Users\JUAN\AppData\Roaming\Adobe\crsscmgr\pthreadGC2.dll (Trojan.Bitminer) -> En cuarentena y eliminado con éxito.
C:\Users\JUAN\AppData\Roaming\Adobe\crsscmgr\service.exe (Trojan.Bitminer) -> En cuarentena y eliminado con éxito.
C:\Users\JUAN\AppData\Roaming\Adobe\crsscmgr\zlib1.dll (Trojan.Bitminer) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ch\WebexpEnhancedV1alpha934.crx (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome.manifest (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\install.rdf (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome\content\ffWebexpEnhancedV1alpha934.js (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome\content\ffWebexpEnhancedV1alpha934ffaction.js (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome\content\overlay.xul (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha934\ff\chrome\content\icons\default\WebexpEnhancedV1alpha934_32.png (PUP.Optional.Webexp) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ch\VideoPlayerV3beta358.crx (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome.manifest (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\install.rdf (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome\content\ffVideoPlayerV3beta358.js (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome\content\ffVideoPlayerV3beta358ffaction.js (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome\content\overlay.xul (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome\content\icons\Thumbs.db (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
C:\Program Files\VideoPlayerV3\VideoPlayerV3beta358\ff\chrome\content\icons\default\VideoPlayerV3beta358_32.png (Adware.VPlayer) -> En cuarentena y eliminado con éxito.
 
fin)


#11 boopme


Posted 16 January 2014 - 02:23 PM

Looks like we removed it all.

#12 Juanmik


Posted 16 January 2014 - 08:18 PM

Thank you!

 

I shouldn't be worried over email accounts and passwords?



#13 boopme


Posted 16 January 2014 - 09:42 PM

Sorry, correct, they should all be changed due to the Injector malware.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#14 Juanmik


Posted 16 January 2014 - 11:45 PM

Everything was running smoothly and then Avast blocks another Url:mal originating from taskhost.exe!

 

Proceeding with TFC (hadn't done it yet). 



#15 Juanmik


Posted 17 January 2014 - 10:31 AM

TFC
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 140716457 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 21061571 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
 
Emptying RecycleBin. Do not interrupt.
 
RecycleBin emptied: 0 bytes
Process complete!
 
Total Files Cleaned = 627,00 mb




