Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

The cat goes away.. And who knows how many rats come out 2 play... On my Laptop?


  • Please log in to reply
11 replies to this topic

#1 Smoke&mirrors

Smoke&mirrors

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 13 January 2014 - 09:39 AM

I hope in 1 way.. Im not going to sound like the character in "A beautiful mind" and the other part of me hopes that it is just .. Paranoia !

Im 98% sure.. That there is something inside my laptop.. That is .. Arghh i don't even know how to explain whats happening. I believe that.. Someone has (and they have had access to my laptop!?) installed some crazy stuff.. Things go missing.. Things get changed... It also feels like .. When I'm online.. Searching the corners of the internet.. That chrome/google/ rats.. Control what google is showing me.. I have come across.. Photo files.. Jpg,. Png.. That are either.. Hiding as a jacket to hide another photo.. Or.. Text inside them.. At first glance.. Most say.. Its just.. Computer garble.. But .. Ive stayed up late.. Many nights.. Looking at these files.. And i can get a bit of an idea.. Of words they are using.. Hmm I know I'm being a bit vague .. And i guess i am.. I have even downloaded programs to help with my quest.. That i believe the (rats) led me to that program.. Or.. They somehow alter the program before i use it. I also believe.. Im not seeing all of my laptop.. ( i am computer dumb ) but can be guided.. There is all sorts of users with different permissions, but as far as i was aware.. I am the only user.. I also think.. There may be other windows installed .. (Like on the sly) and from what i can.. Also.. Remote access.. I believe even though ive un ticked the box.. I reckon they might be using a different part of my computer. ( my mum came to visit.. With her new laptop.. And before she left.. She was complaining about all sorts of strange things happening on hers.. That was not before! Pps. I am living in a foreign country.. And.. Lets say.. Who knows.. But i do want to feel secure and safe.. When I'm using my laptop.. If anyone thinks they may be able to help me.. Please... Please guide me.

Thank you all.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:00 PM

Posted 13 January 2014 - 12:08 PM

Hello, lets review these logs,...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    .
    .
    .
    .
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Smoke&mirrors

Smoke&mirrors
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 14 January 2014 - 04:55 AM

O.k Boopme... some went well... and some not so well..

after the ADW scan... the system restarted... showed the log.. and some other windows warnings..denied access...  the initial desktop it showed me.. only had my computer and recycle bin...  .. there seems to be quite a few locks on folders and what not.. if i navigate to C: ... some i can open .. some I can't...

 

I then moved on to JRT.exe .. downloaded.. tried to run as admin... it thought about it for awhile... then I got asked for permission, I accepted.. A cmd window seemed to flash for milliseconds.. I left it for 1 hour.. nothing... I deleted it... re downloaded it.. still didn't work..

 

I am now just waiting on the results of ESET..

 

 

 

 

 

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Ethan (administrator) on 14-01-2014 at 15:43:07
Running from "C:\Users\Ethan\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
802.11n Wireless LAN Card = Wireless Network Connection (Hardware not present)
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/14/2014 02:55:00 PM) (Source: MsiInstaller) (User: Ethan-PC)
Description: Product: ActiveState ActivePython 2.7.5.6 (32-bit) -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
 
Error: (01/14/2014 02:43:32 PM) (Source: Application Hang) (User: )
Description: The program python.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1358
 
Start Time: 01cf10e58e851c49
 
Termination Time: 0
 
Application Path: C:\Python27\python.exe
 
Report Id:
 
Error: (01/13/2014 05:23:09 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\SysWOW64\SupportAppCB\Setup\setup.exe  -l0xx -removeonly; Description = Removed ONLINE MANAGER; Error = 0x8007043c).
 
Error: (01/13/2014 04:15:36 PM) (Source: PerfNet) (User: )
Description: 
 
Error: (01/13/2014 04:15:36 PM) (Source: PerfNet) (User: )
Description: 
 
Error: (01/13/2014 02:44:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: mstsc.exe, version: 6.1.7601.17514, time stamp: 0x4ce7ab44
Faulting module name: explorerframe.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c6a8
Exception code: 0xc0000005
Fault offset: 0x00000000000411ce
Faulting process id: 0x%9
Faulting application start time: 0xmstsc.exe0
Faulting application path: mstsc.exe1
Faulting module path: mstsc.exe2
Report Id: mstsc.exe3
 
Error: (01/13/2014 02:32:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40685
 
Error: (01/13/2014 02:32:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40685
 
Error: (01/13/2014 02:32:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/13/2014 03:47:07 AM) (Source: Google Update) (User: Ethan-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
 
System errors:
=============
Error: (01/14/2014 02:23:20 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (01/14/2014 01:30:30 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (01/14/2014 01:01:35 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/14/2014 01:01:19 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/14/2014 01:01:18 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/14/2014 01:01:18 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/14/2014 01:01:18 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/13/2014 09:45:51 PM) (Source: DCOM) (User: )
Description: 1068stisvc{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (01/13/2014 09:39:37 PM) (Source: DCOM) (User: )
Description: 1084iPod Service{7A7FB085-6068-4898-8CCA-480A9187277C}
 
Error: (01/13/2014 09:39:37 PM) (Source: DCOM) (User: )
Description: 1084iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
µTorrent (Version: 3.2.0)
Adobe AIR (Version: 3.9.0.1380)
Adobe Download Assistant (Version: 1.2.6)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Photoshop Elements 12 (Version: 12.0)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Fuel (Version: 2012.0321.2215.37961)
AMD Media Foundation Decoders (Version: 1.0.70321.2226)
AMD VISION Engine Control Center (Version: 2012.0321.2215.37961)
Any Video Converter 5.5.3
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ASUS AI Recovery (Version: 1.0.25)
ASUS FaceLogon (Version: 1.0.0014)
ASUS LifeFrame3 (Version: 3.0.29)
ASUS Live Update (Version: 3.1.7)
ASUS Power4Gear Hybrid (Version: 1.2.1)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0041)
ASUS USB Charger Plus (Version: 2.0.9)
ASUS Virtual Camera (Version: 1.0.25)
ASUS Virtual Touch (Version: 1.0.9)
ASUS WebStorage (Version: 3.0.108.222)
AsusVibe2.0 (Version: 2.0.9.157)
ATK Package (Version: 1.0.0016)
avast! Free Antivirus (Version: 9.0.2011)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center Graphics Previews Common (Version: 2012.0321.2215.37961)
Catalyst Control Center InstallProxy (Version: 2012.0321.2215.37961)
Catalyst Control Center Localization All (Version: 2012.0321.2215.37961)
Catalyst Control Center Profiles Mobile (Version: 2012.0321.2215.37961)
CCC Help Chinese Standard (Version: 2012.0321.2214.37961)
CCC Help Chinese Traditional (Version: 2012.0321.2214.37961)
CCC Help Czech (Version: 2012.0321.2214.37961)
CCC Help Danish (Version: 2012.0321.2214.37961)
CCC Help Dutch (Version: 2012.0321.2214.37961)
CCC Help English (Version: 2012.0321.2214.37961)
CCC Help Finnish (Version: 2012.0321.2214.37961)
CCC Help French (Version: 2012.0321.2214.37961)
CCC Help German (Version: 2012.0321.2214.37961)
CCC Help Greek (Version: 2012.0321.2214.37961)
CCC Help Hungarian (Version: 2012.0321.2214.37961)
CCC Help Italian (Version: 2012.0321.2214.37961)
CCC Help Japanese (Version: 2012.0321.2214.37961)
CCC Help Korean (Version: 2012.0321.2214.37961)
CCC Help Norwegian (Version: 2012.0321.2214.37961)
CCC Help Polish (Version: 2012.0321.2214.37961)
CCC Help Portuguese (Version: 2012.0321.2214.37961)
CCC Help Russian (Version: 2012.0321.2214.37961)
CCC Help Spanish (Version: 2012.0321.2214.37961)
CCC Help Swedish (Version: 2012.0321.2214.37961)
CCC Help Thai (Version: 2012.0321.2214.37961)
CCC Help Turkish (Version: 2012.0321.2214.37961)
ccc-utility64 (Version: 2012.0321.2215.37961)
CCleaner (Version: 3.22)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
CyberLink LabelPrint (Version: 2.5.3624)
CyberLink Media Suite (Version: 8.0.2926)
CyberLink Power2Go (Version: 7.0.0.1126)
D3DX10 (Version: 15.4.2368.0902)
Edraw Max 7
Elements 12 Organizer (Version: 12.0)
ETDWare PS/2-X64 10.0.5.4_WHQL (Version: 10.0.5.4)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Fast Boot (Version: 1.0.10)
File Type Assistant (Version: 2013.4.8.0)
FLV Player Free 1.0
Free File Viewer 2012 (Version: 2012.10.9.0)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
GitHub (Version: 1.2.5.0)
Google Chrome (Version: 31.0.1650.63)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.22.3)
GSpot Codec Information Appliance
iBackupBot 5.1.0.3 (Version: 5.1.0.3)
InstantOn for NB (Version: 2.3.2)
iPhone Backup Extractor (Version: 4.6.6.0)
iThmb Converter version 1.80.0.624 (Version: 1.80.0.624)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
Leawo iOS Data Recovery (Version: 1.4.0.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nullsoft Install System (Version: 2.46)
ODF Add-in for Microsoft Office (Version: 4.0.5309.0)
PandoraRecovery (Remove Only)
PSE12 STI Installer (Version: 12.0)
QuickTime (Version: 7.72.80.56)
Ralink RT2860 Wireless LAN Card (Version: 1.2.0.40)
RapidShare Downloader version 5.3 (Version: 5.3)
Realtek Ethernet Controller Driver (Version: 7.49.927.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6622)
Recuva (Version: 1.48)
SceneSwitch (Version: 1.0.12)
Smartfren Connex AC782 UI
Stellar Phoenix Photo Recovery (Version: 5.0.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vibosoft iDataRescuer (Version: 2.0.0.2)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Driver Package - Cellebrite Mobile Synchronization Cellebrite USB Hub Filter (05/08/2011 1.0.0.27) (Version: 05/08/2011 1.0.0.27)
Windows Driver Package - Cmotech (cmusbnet) Net  (06/11/2007 2.0.0.9) (Version: 06/11/2007 2.0.0.9)
Windows Driver Package - Cmotech Modem  (06/08/2007 2.0.3.9) (Version: 06/08/2007 2.0.3.9)
Windows Driver Package - Cmotech Ports  (06/08/2007 2.0.3.9) (Version: 06/08/2007 2.0.3.9)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.41.0)
WinX Free FLV to AVI Converter 4.1.10
WinX Free WMV to AVI Converter 2.0.8
WinZip 17.5 (Version: 17.5.10562)
Wireless Console 3 (Version: 3.0.27)
Wondershare Dr.Fone for iOS(Build 3.5.0.25) (Version: 3.5.0.25)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 83%
Total physical RAM: 1646.59 MB
Available physical RAM: 276.37 MB
Total Pagefile: 3293.19 MB
Available Pagefile: 1341.01 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.42 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:119.24 GB) (Free:13.42 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:153.53 GB) (Free:15.31 GB) NTFS
 
========================= Users: ========================================
 
**** End of log ****
 
 
 
 
 
15:54:31.0158 0x137c  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
15:54:31.0169 0x137c  UEFI system
15:54:40.0728 0x137c  ============================================================
15:54:40.0728 0x137c  Current date / time: 2014/01/14 15:54:40.0728
15:54:40.0728 0x137c  SystemInfo:
15:54:40.0728 0x137c  
15:54:40.0728 0x137c  OS Version: 6.1.7601 ServicePack: 1.0
15:54:40.0728 0x137c  Product type: Workstation
15:54:40.0729 0x137c  ComputerName: ETHAN-PC
15:54:40.0730 0x137c  UserName: Ethan
15:54:40.0730 0x137c  Windows directory: C:\Windows
15:54:40.0730 0x137c  System windows directory: C:\Windows
15:54:40.0730 0x137c  Running under WOW64
15:54:40.0730 0x137c  Processor architecture: Intel x64
15:54:40.0730 0x137c  Number of processors: 2
15:54:40.0730 0x137c  Page size: 0x1000
15:54:40.0730 0x137c  Boot type: Normal boot
15:54:40.0730 0x137c  ============================================================
15:54:47.0540 0x137c  KLMD registered as C:\Windows\system32\drivers\56202371.sys
15:54:48.0465 0x137c  System UUID: {E5FFF832-06DE-8608-0F32-60003CF883E4}
15:54:51.0036 0x137c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:54:51.0179 0x137c  ============================================================
15:54:51.0179 0x137c  \Device\Harddisk0\DR0:
15:54:51.0180 0x137c  GPT partitions:
15:54:51.0181 0x137c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4AA4663F-20B7-4BD4-AA25-581559E36D39}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x64000
15:54:51.0181 0x137c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A569D816-B0DF-4C93-8CA8-A13F21D7FA37}, Name: Microsoft reserved partition, StartLBA 0x64800, BlocksNum 0x40000
15:54:51.0181 0x137c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {298C2CC9-F552-4560-A6F1-2067A12D27D6}, Name: Basic data partition, StartLBA 0xA4800, BlocksNum 0xEE79000
15:54:51.0181 0x137c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FC215BF3-8FA7-4963-8FEF-7C27D6B9309C}, Name: Basic data partition, StartLBA 0xEF1D800, BlocksNum 0x13311000
15:54:51.0181 0x137c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {700FACD3-F7C3-4E66-8332-239AF6E511DC}, Name: Basic data partition, StartLBA 0x2222E800, BlocksNum 0x3200000
15:54:51.0182 0x137c  MBR partitions:
15:54:51.0182 0x137c  ============================================================
15:54:51.0311 0x137c  C: <-> \Device\Harddisk0\DR0\Partition3
15:54:51.0355 0x137c  D: <-> \Device\Harddisk0\DR0\Partition4
15:54:51.0357 0x137c  ============================================================
15:54:51.0357 0x137c  Initialize success
15:54:51.0357 0x137c  ============================================================
15:55:19.0323 0x0d00  ============================================================
15:55:19.0323 0x0d00  Scan started
15:55:19.0323 0x0d00  Mode: Manual; 
15:55:19.0323 0x0d00  ============================================================
15:55:19.0323 0x0d00  KSN ping started
15:55:20.0398 0x0d00  KSN ping finished: true
15:55:21.0991 0x0d00  ================ Scan system memory ========================
15:55:21.0992 0x0d00  System memory - ok
15:55:21.0994 0x0d00  ================ Scan services =============================
15:55:22.0242 0x0d00  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:55:22.0276 0x0d00  1394ohci - ok
15:55:22.0431 0x0d00  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:55:22.0465 0x0d00  ACPI - ok
15:55:22.0483 0x0d00  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:55:22.0487 0x0d00  AcpiPmi - ok
15:55:22.0647 0x0d00  [ 430C19CB511FD6E0DDCD44B42B1810DA, 2EE9FFB0B6DEC653327D8932EC731D81FF86C64A67CD37AABD2022CF04AA487C ] AdobeActiveFileMonitor12.0 C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
15:55:22.0678 0x0d00  AdobeActiveFileMonitor12.0 - ok
15:55:22.0765 0x0d00  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:55:22.0788 0x0d00  AdobeARMservice - ok
15:55:22.0886 0x0d00  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:55:22.0937 0x0d00  adp94xx - ok
15:55:22.0990 0x0d00  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:55:23.0017 0x0d00  adpahci - ok
15:55:23.0048 0x0d00  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:55:23.0066 0x0d00  adpu320 - ok
15:55:23.0119 0x0d00  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:55:23.0127 0x0d00  AeLookupSvc - ok
15:55:23.0343 0x0d00  [ 69FD46FAC0D9C4A8ECD522AC6A7481F5, 048FA3F77423D43346A35F142DBD0ACEC190F5E68F79960856C325B3CA7DD6C9 ] AFBAgent        C:\Windows\system32\FBAgent.exe
15:55:23.0441 0x0d00  AFBAgent - ok
15:55:23.0543 0x0d00  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
15:55:23.0620 0x0d00  AFD - ok
15:55:23.0738 0x0d00  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
15:55:23.0861 0x0d00  AgereSoftModem - ok
15:55:23.0910 0x0d00  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:55:23.0919 0x0d00  agp440 - ok
15:55:23.0998 0x0d00  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
15:55:24.0010 0x0d00  AiCharger - ok
15:55:24.0068 0x0d00  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:55:24.0080 0x0d00  ALG - ok
15:55:24.0124 0x0d00  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:55:24.0132 0x0d00  aliide - ok
15:55:24.0198 0x0d00  [ E5011A136CBF4D6DFFFB7ACA500B0AC0, 2A336939141C09F09BD760E745711A405A96451E700F79B8D5F5689717A4E54F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:55:24.0230 0x0d00  AMD External Events Utility - ok
15:55:24.0337 0x0d00  AMD FUEL Service - ok
15:55:24.0383 0x0d00  [ D39CB7B4BB3A46BC84AD0CC1B8261FB8, 047DF172B42A536871E30E697A209BDC100615B4422ADAF958D0475412EA6E4D ] amdhub30        C:\Windows\system32\DRIVERS\amdhub30.sys
15:55:24.0404 0x0d00  amdhub30 - ok
15:55:24.0420 0x0d00  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:55:24.0425 0x0d00  amdide - ok
15:55:24.0447 0x0d00  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
15:55:24.0454 0x0d00  amdiox64 - ok
15:55:24.0496 0x0d00  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:55:24.0505 0x0d00  AmdK8 - ok
15:55:25.0410 0x0d00  [ 5CE13723454E7852672B323286D60CC1, 88D795A4DFBA6062BBABAC2C7E70B1928BF58D5C54FF449964A9D284278966CC ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:55:26.0275 0x0d00  amdkmdag - ok
15:55:26.0427 0x0d00  [ 7975ED962CCFACA2BAB67A3994131B10, 4BD85479B47D4F4FA9AFA97A273520A697A41BE97CC28A88DC4D28F772612808 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:55:26.0466 0x0d00  amdkmdap - ok
15:55:26.0526 0x0d00  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:55:26.0535 0x0d00  AmdPPM - ok
15:55:26.0558 0x0d00  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:55:26.0582 0x0d00  amdsata - ok
15:55:26.0613 0x0d00  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:55:26.0637 0x0d00  amdsbs - ok
15:55:26.0666 0x0d00  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:55:26.0678 0x0d00  amdxata - ok
15:55:26.0749 0x0d00  [ 990E896740E42C6B88284AFD1799AA56, 600556B41A272588D58AB0D552AD903BD0BF5CFB9CB2F5D966E0AD5EA5F2A3F8 ] amdxhc          C:\Windows\system32\DRIVERS\amdxhc.sys
15:55:26.0780 0x0d00  amdxhc - ok
15:55:26.0819 0x0d00  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
15:55:26.0830 0x0d00  AppID - ok
15:55:26.0874 0x0d00  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:55:26.0881 0x0d00  AppIDSvc - ok
15:55:26.0949 0x0d00  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:55:26.0958 0x0d00  Appinfo - ok
15:55:27.0046 0x0d00  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:55:27.0056 0x0d00  Apple Mobile Device - ok
15:55:27.0103 0x0d00  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:55:27.0115 0x0d00  arc - ok
15:55:27.0150 0x0d00  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:55:27.0162 0x0d00  arcsas - ok
15:55:27.0273 0x0d00  [ A3626C6D3F2DC95497F3F61842D7FD89, BB95BAFD3BE22136595D889DADAD67C68ACE6A6EAB02B026C254D97C9E9F2E62 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:55:27.0286 0x0d00  ASLDRService - ok
15:55:27.0312 0x0d00  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:55:27.0319 0x0d00  ASMMAP64 - ok
15:55:27.0452 0x0d00  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:55:27.0479 0x0d00  aspnet_state - ok
15:55:27.0575 0x0d00  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
15:55:27.0610 0x0d00  ASUS InstantOn - ok
15:55:27.0651 0x0d00  [ CBF4C9263F35A9E80E4AD5CBBAE6049C, 5C0871C95DB9E6FF3D1CBDCB1B76BB3CE20ADA23B6C2C8435D7BCE7E71C43346 ] AsusVBus        C:\Windows\system32\DRIVERS\AsusVBus.sys
15:55:27.0663 0x0d00  AsusVBus - ok
15:55:27.0720 0x0d00  [ C951F6F1D909E1AAD7160D9EE860A3F1, D8E3DDD6EB4516CE3D3C4DBA2AE9B77EBFEDDE817035B40447F63CF3DCF1275D ] AsusVTouch      C:\Windows\system32\DRIVERS\AsusVTouch.sys
15:55:27.0732 0x0d00  AsusVTouch - ok
15:55:27.0794 0x0d00  [ 9C2BEA3957EFFD45F352F0938DFB3721, 7006CC604C480CF512A29AD03BA17FFA564FDDF34CE768ACBD805611503D5012 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:55:27.0816 0x0d00  aswMonFlt - ok
15:55:27.0860 0x0d00  [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
15:55:27.0883 0x0d00  aswRdr - ok
15:55:27.0934 0x0d00  [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
15:55:27.0944 0x0d00  aswRvrt - ok
15:55:28.0068 0x0d00  [ 52B5F8FAF7E78C02D26B0B6E3A05F596, 7C45BA507529F822D4397BD5F001EC861C85E9CBB1F75927E48843B15D5C0B8E ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:55:28.0157 0x0d00  aswSnx - ok
15:55:28.0237 0x0d00  [ 251360C2FCA22BAFE0583314B3262F98, 1EB1B4620E3AFA8ACDDE5F1A6EC4AAEDD40AE2FC5C013AF1B13B03C4B60F6CEB ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:55:28.0283 0x0d00  aswSP - ok
15:55:28.0346 0x0d00  [ AAB5F5336EDBB5D99CC7E1A9F4D8F63F, 01B40475DCA40E7B426DB0578A33DB62D62640F3A7F9F95A6BBF0AD3CF0F2941 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
15:55:28.0369 0x0d00  aswStm - ok
15:55:28.0425 0x0d00  [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:55:28.0457 0x0d00  aswVmm - ok
15:55:28.0495 0x0d00  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:55:28.0507 0x0d00  AsyncMac - ok
15:55:28.0550 0x0d00  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:55:28.0554 0x0d00  atapi - ok
15:55:28.0707 0x0d00  [ E857EEE6B92AAA473EBB3465ADD8F7E7, 1C7E4737E649A025B3C4974A4F7D1353EAB85561FC8ED54E5C22A777E1A189B3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:55:28.0837 0x0d00  athr - ok
15:55:28.0928 0x0d00  [ 24464B908E143D2561E9E452FEE97309, F5A24FEBAD1B1795A075130F7FFDD4EB76C8F1855FA1628A29CAFAF03C1C9183 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:55:28.0950 0x0d00  AtiHDAudioService - ok
15:55:28.0985 0x0d00  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:55:29.0008 0x0d00  ATKGFNEXSrv - ok
15:55:29.0072 0x0d00  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:55:29.0083 0x0d00  ATKWMIACPIIO - ok
15:55:29.0185 0x0d00  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:55:29.0285 0x0d00  AudioEndpointBuilder - ok
15:55:29.0361 0x0d00  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:55:29.0411 0x0d00  AudioSrv - ok
15:55:29.0519 0x0d00  [ D74884939D53612FD84AC82C59CCFE27, 07BFB34A3748E018C0A674A6253A03FFA522B31AE1942E84B3CC4DDDED9C16A9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:55:29.0538 0x0d00  avast! Antivirus - ok
15:55:29.0595 0x0d00  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:55:29.0618 0x0d00  AxInstSV - ok
15:55:29.0701 0x0d00  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:55:29.0746 0x0d00  b06bdrv - ok
15:55:29.0869 0x0d00  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:55:29.0894 0x0d00  b57nd60a - ok
15:55:29.0952 0x0d00  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:55:29.0977 0x0d00  BDESVC - ok
15:55:30.0009 0x0d00  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:55:30.0014 0x0d00  Beep - ok
15:55:30.0121 0x0d00  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:55:30.0188 0x0d00  BFE - ok
15:55:30.0304 0x0d00  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:55:30.0391 0x0d00  BITS - ok
15:55:30.0460 0x0d00  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:55:30.0474 0x0d00  blbdrive - ok
15:55:30.0586 0x0d00  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:55:30.0631 0x0d00  Bonjour Service - ok
15:55:30.0655 0x0d00  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:55:30.0664 0x0d00  bowser - ok
15:55:30.0708 0x0d00  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:55:30.0720 0x0d00  BrFiltLo - ok
15:55:30.0738 0x0d00  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:55:30.0743 0x0d00  BrFiltUp - ok
15:55:30.0790 0x0d00  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:55:30.0813 0x0d00  Browser - ok
15:55:30.0865 0x0d00  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:55:30.0890 0x0d00  Brserid - ok
15:55:30.0911 0x0d00  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:55:30.0918 0x0d00  BrSerWdm - ok
15:55:30.0949 0x0d00  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:55:30.0955 0x0d00  BrUsbMdm - ok
15:55:30.0988 0x0d00  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:55:30.0993 0x0d00  BrUsbSer - ok
15:55:31.0070 0x0d00  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:55:31.0082 0x0d00  BthEnum - ok
15:55:31.0113 0x0d00  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:55:31.0123 0x0d00  BTHMODEM - ok
15:55:31.0162 0x0d00  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:55:31.0185 0x0d00  BthPan - ok
15:55:31.0283 0x0d00  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:55:31.0362 0x0d00  BTHPORT - ok
15:55:31.0464 0x0d00  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:55:31.0476 0x0d00  bthserv - ok
15:55:31.0523 0x0d00  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:55:31.0533 0x0d00  BTHUSB - ok
15:55:31.0631 0x0d00  [ 0886F51AD7D353C3252E3FFFBE75E66D, 94C7BA39545439D32FB55610CA7BF065B63F7E6E93873AD041BA0FA446E11269 ] cbrtucbl        C:\Windows\system32\DRIVERS\cbrtucbl.sys
15:55:31.0643 0x0d00  cbrtucbl - ok
15:55:31.0681 0x0d00  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:55:31.0692 0x0d00  cdfs - ok
15:55:31.0725 0x0d00  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:55:31.0746 0x0d00  cdrom - ok
15:55:31.0849 0x0d00  [ DD9D8A273D7ED18E249F9903641FFCAA, CBF476030B6EFDFA3DB4984A7F51400A36E09189FDDB7E41E09B22DEF38F1534 ] CDROM_Eject_Z   C:\Program Files\Smartfren Connex AC782 UI\C+WEject.exe
15:55:31.0879 0x0d00  CDROM_Eject_Z - ok
15:55:31.0941 0x0d00  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:55:31.0963 0x0d00  CertPropSvc - ok
15:55:32.0019 0x0d00  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:55:32.0030 0x0d00  circlass - ok
15:55:32.0085 0x0d00  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:55:32.0130 0x0d00  CLFS - ok
15:55:32.0228 0x0d00  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:55:32.0319 0x0d00  clr_optimization_v2.0.50727_32 - ok
15:55:32.0380 0x0d00  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:55:32.0403 0x0d00  clr_optimization_v2.0.50727_64 - ok
15:55:32.0504 0x0d00  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:55:32.0625 0x0d00  clr_optimization_v4.0.30319_32 - ok
15:55:32.0678 0x0d00  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:55:32.0736 0x0d00  clr_optimization_v4.0.30319_64 - ok
15:55:32.0777 0x0d00  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:55:32.0784 0x0d00  CmBatt - ok
15:55:32.0831 0x0d00  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:55:32.0839 0x0d00  cmdide - ok
15:55:32.0915 0x0d00  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
15:55:32.0961 0x0d00  CNG - ok
15:55:33.0029 0x0d00  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:55:33.0035 0x0d00  Compbatt - ok
15:55:33.0071 0x0d00  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:55:33.0083 0x0d00  CompositeBus - ok
15:55:33.0108 0x0d00  COMSysApp - ok
15:55:33.0158 0x0d00  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:55:33.0164 0x0d00  crcdisk - ok
15:55:33.0262 0x0d00  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:55:33.0296 0x0d00  CryptSvc - ok
15:55:33.0361 0x0d00  [ C7259495924D21F1AFA26467D9F4DAE0, 7FF991D7FE660E7CAC682FC82B9C44EC38E267A0C3AAE0C4FAEE0853756AF5C8 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
15:55:33.0373 0x0d00  dc3d - ok
15:55:33.0467 0x0d00  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:55:33.0536 0x0d00  DcomLaunch - ok
15:55:33.0605 0x0d00  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:55:33.0645 0x0d00  defragsvc - ok
15:55:33.0671 0x0d00  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:55:33.0694 0x0d00  DfsC - ok
15:55:33.0756 0x0d00  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:55:33.0796 0x0d00  Dhcp - ok
15:55:33.0845 0x0d00  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:55:33.0852 0x0d00  discache - ok
15:55:33.0901 0x0d00  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:55:33.0911 0x0d00  Disk - ok
15:55:33.0969 0x0d00  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:55:33.0999 0x0d00  Dnscache - ok
15:55:34.0064 0x0d00  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:55:34.0095 0x0d00  dot3svc - ok
15:55:34.0153 0x0d00  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:55:34.0176 0x0d00  DPS - ok
15:55:34.0215 0x0d00  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:55:34.0227 0x0d00  drmkaud - ok
15:55:34.0345 0x0d00  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:55:34.0434 0x0d00  DXGKrnl - ok
15:55:34.0487 0x0d00  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:55:34.0510 0x0d00  EapHost - ok
15:55:34.0815 0x0d00  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:55:35.0120 0x0d00  ebdrv - ok
15:55:35.0200 0x0d00  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
15:55:35.0222 0x0d00  EFS - ok
15:55:35.0361 0x0d00  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:55:35.0428 0x0d00  ehRecvr - ok
15:55:35.0467 0x0d00  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:55:35.0495 0x0d00  ehSched - ok
15:55:35.0612 0x0d00  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:55:35.0667 0x0d00  elxstor - ok
15:55:35.0685 0x0d00  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:55:35.0699 0x0d00  ErrDev - ok
15:55:35.0788 0x0d00  [ A3AAF33C7050D2BB3A800D4ACFF68BE4, 09F7C67C51EA095DF27C2E8D5DE83A6E9AD9E004CA95783487C76D679E2BE985 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:55:35.0821 0x0d00  ETD - ok
15:55:35.0908 0x0d00  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:55:35.0943 0x0d00  EventSystem - ok
15:55:35.0964 0x0d00  ewusbmbb - ok
15:55:35.0987 0x0d00  ew_hwusbdev - ok
15:55:36.0053 0x0d00  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:55:36.0086 0x0d00  exfat - ok
15:55:36.0136 0x0d00  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:55:36.0167 0x0d00  fastfat - ok
15:55:36.0259 0x0d00  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:55:36.0326 0x0d00  Fax - ok
15:55:36.0346 0x0d00  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:55:36.0352 0x0d00  fdc - ok
15:55:36.0389 0x0d00  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:55:36.0396 0x0d00  fdPHost - ok
15:55:36.0425 0x0d00  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:55:36.0437 0x0d00  FDResPub - ok
15:55:36.0458 0x0d00  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:55:36.0468 0x0d00  FileInfo - ok
15:55:36.0488 0x0d00  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:55:36.0496 0x0d00  Filetrace - ok
15:55:36.0517 0x0d00  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:55:36.0523 0x0d00  flpydisk - ok
15:55:36.0579 0x0d00  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:55:36.0604 0x0d00  FltMgr - ok
15:55:36.0750 0x0d00  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:55:36.0856 0x0d00  FontCache - ok
15:55:36.0942 0x0d00  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:55:36.0949 0x0d00  FontCache3.0.0.0 - ok
15:55:36.0970 0x0d00  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:55:36.0979 0x0d00  FsDepends - ok
15:55:37.0040 0x0d00  [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:55:37.0050 0x0d00  fssfltr - ok
15:55:37.0305 0x0d00  [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:55:37.0471 0x0d00  fsssvc - ok
15:55:37.0532 0x0d00  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:55:37.0539 0x0d00  Fs_Rec - ok
15:55:37.0612 0x0d00  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:55:37.0645 0x0d00  fvevol - ok
15:55:37.0681 0x0d00  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:55:37.0690 0x0d00  gagp30kx - ok
15:55:37.0742 0x0d00  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:55:37.0754 0x0d00  GEARAspiWDM - ok
15:55:37.0837 0x0d00  [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\Windows\system32\drivers\gfibto.sys
15:55:37.0844 0x0d00  gfibto - ok
15:55:38.0003 0x0d00  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:55:38.0091 0x0d00  gpsvc - ok
15:55:38.0201 0x0d00  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:38.0224 0x0d00  gupdate - ok
15:55:38.0278 0x0d00  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:38.0292 0x0d00  gupdatem - ok
15:55:38.0332 0x0d00  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:55:38.0344 0x0d00  hcw85cir - ok
15:55:38.0413 0x0d00  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:55:38.0454 0x0d00  HdAudAddService - ok
15:55:38.0509 0x0d00  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:55:38.0532 0x0d00  HDAudBus - ok
15:55:38.0579 0x0d00  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:55:38.0595 0x0d00  HidBatt - ok
15:55:38.0642 0x0d00  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:55:38.0664 0x0d00  HidBth - ok
15:55:38.0689 0x0d00  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:55:38.0700 0x0d00  HidIr - ok
15:55:38.0746 0x0d00  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:55:38.0767 0x0d00  hidserv - ok
15:55:38.0825 0x0d00  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:55:38.0832 0x0d00  HidUsb - ok
15:55:38.0879 0x0d00  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:55:38.0902 0x0d00  hkmsvc - ok
15:55:38.0943 0x0d00  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:55:38.0977 0x0d00  HomeGroupListener - ok
15:55:39.0032 0x0d00  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:55:39.0065 0x0d00  HomeGroupProvider - ok
15:55:39.0093 0x0d00  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:55:39.0103 0x0d00  HpSAMD - ok
15:55:39.0142 0x0d00  HSPADataCardusbmdm - ok
15:55:39.0161 0x0d00  HSPADataCardusbnmea - ok
15:55:39.0182 0x0d00  HSPADataCardusbser - ok
15:55:39.0293 0x0d00  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:55:39.0361 0x0d00  HTTP - ok
15:55:39.0380 0x0d00  huawei_enumerator - ok
15:55:39.0423 0x0d00  hwdatacard - ok
15:55:39.0456 0x0d00  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:55:39.0462 0x0d00  hwpolicy - ok
15:55:39.0515 0x0d00  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:55:39.0538 0x0d00  i8042prt - ok
15:55:39.0608 0x0d00  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:55:39.0656 0x0d00  iaStorV - ok
15:55:39.0782 0x0d00  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:55:39.0862 0x0d00  idsvc - ok
15:55:39.0885 0x0d00  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:55:39.0893 0x0d00  iirsp - ok
15:55:40.0026 0x0d00  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:55:40.0109 0x0d00  IKEEXT - ok
15:55:40.0501 0x0d00  [ 02674201AD9FE19AC3376705077882C6, 9AA800AA77EBA488FA537FF47D361F6B09E8063A99CCBF5AE2F754A6A648DF84 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:55:40.0835 0x0d00  IntcAzAudAddService - ok
15:55:40.0904 0x0d00  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:55:40.0910 0x0d00  intelide - ok
15:55:40.0948 0x0d00  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
15:55:40.0957 0x0d00  intelppm - ok
15:55:41.0001 0x0d00  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:55:41.0024 0x0d00  IPBusEnum - ok
15:55:41.0045 0x0d00  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:55:41.0056 0x0d00  IpFilterDriver - ok
15:55:41.0143 0x0d00  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:55:41.0232 0x0d00  iphlpsvc - ok
15:55:41.0280 0x0d00  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:55:41.0291 0x0d00  IPMIDRV - ok
15:55:41.0314 0x0d00  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:55:41.0327 0x0d00  IPNAT - ok
15:55:41.0426 0x0d00  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:55:41.0494 0x0d00  iPod Service - ok
15:55:41.0536 0x0d00  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:55:41.0547 0x0d00  IRENUM - ok
15:55:41.0577 0x0d00  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:55:41.0582 0x0d00  isapnp - ok
15:55:41.0644 0x0d00  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:55:41.0676 0x0d00  iScsiPrt - ok
15:55:41.0714 0x0d00  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:55:41.0722 0x0d00  kbdclass - ok
15:55:41.0752 0x0d00  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:55:41.0763 0x0d00  kbdhid - ok
15:55:41.0816 0x0d00  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
15:55:41.0822 0x0d00  kbfiltr - ok
15:55:41.0850 0x0d00  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
15:55:41.0872 0x0d00  KeyIso - ok
15:55:41.0922 0x0d00  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:55:41.0933 0x0d00  KSecDD - ok
15:55:41.0964 0x0d00  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:55:41.0980 0x0d00  KSecPkg - ok
15:55:42.0010 0x0d00  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:55:42.0017 0x0d00  ksthunk - ok
15:55:42.0089 0x0d00  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:55:42.0134 0x0d00  KtmRm - ok
15:55:42.0180 0x0d00  [ 033B4AED2C5519072C0D81E00804D003, 6C450A604C382416C482FED43098B4E95BD61B480B0CEFD728A269446AF18708 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
15:55:42.0192 0x0d00  L1C - ok
15:55:42.0261 0x0d00  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:55:42.0301 0x0d00  LanmanServer - ok
15:55:42.0356 0x0d00  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:55:42.0389 0x0d00  LanmanWorkstation - ok
15:55:42.0440 0x0d00  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:55:42.0450 0x0d00  lltdio - ok
15:55:42.0516 0x0d00  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:55:42.0559 0x0d00  lltdsvc - ok
15:55:42.0597 0x0d00  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:55:42.0608 0x0d00  lmhosts - ok
15:55:42.0677 0x0d00  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:55:42.0701 0x0d00  LSI_FC - ok
15:55:42.0739 0x0d00  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:55:42.0751 0x0d00  LSI_SAS - ok
15:55:42.0770 0x0d00  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:55:42.0798 0x0d00  LSI_SAS2 - ok
15:55:42.0822 0x0d00  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:55:42.0848 0x0d00  LSI_SCSI - ok
15:55:42.0880 0x0d00  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:55:42.0892 0x0d00  luafv - ok
15:55:42.0921 0x0d00  massfilter - ok
15:55:43.0016 0x0d00  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:55:43.0027 0x0d00  MBAMProtector - ok
15:55:43.0151 0x0d00  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:55:43.0207 0x0d00  MBAMScheduler - ok
15:55:43.0312 0x0d00  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:55:43.0419 0x0d00  MBAMService - ok
15:55:43.0501 0x0d00  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:55:43.0524 0x0d00  Mcx2Svc - ok
15:55:43.0664 0x0d00  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
15:55:43.0697 0x0d00  MDM - ok
15:55:43.0727 0x0d00  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:55:43.0734 0x0d00  megasas - ok
15:55:43.0818 0x0d00  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:55:43.0874 0x0d00  MegaSR - ok
15:55:44.0004 0x0d00  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:55:44.0017 0x0d00  Microsoft Office Groove Audit Service - ok
15:55:44.0097 0x0d00  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:55:44.0120 0x0d00  MMCSS - ok
15:55:44.0167 0x0d00  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:55:44.0174 0x0d00  Modem - ok
15:55:44.0222 0x0d00  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:55:44.0229 0x0d00  monitor - ok
15:55:44.0273 0x0d00  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:55:44.0281 0x0d00  mouclass - ok
15:55:44.0317 0x0d00  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:55:44.0328 0x0d00  mouhid - ok
15:55:44.0356 0x0d00  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:55:44.0367 0x0d00  mountmgr - ok
15:55:44.0408 0x0d00  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:55:44.0431 0x0d00  mpio - ok
15:55:44.0475 0x0d00  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:55:44.0485 0x0d00  mpsdrv - ok
15:55:44.0579 0x0d00  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:55:44.0660 0x0d00  MpsSvc - ok
15:55:44.0723 0x0d00  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:55:44.0746 0x0d00  MRxDAV - ok
15:55:44.0786 0x0d00  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:55:44.0808 0x0d00  mrxsmb - ok
15:55:44.0845 0x0d00  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:55:44.0874 0x0d00  mrxsmb10 - ok
15:55:44.0903 0x0d00  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:55:44.0915 0x0d00  mrxsmb20 - ok
15:55:44.0964 0x0d00  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:55:44.0970 0x0d00  msahci - ok
15:55:45.0016 0x0d00  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:55:45.0038 0x0d00  msdsm - ok
15:55:45.0074 0x0d00  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:55:45.0106 0x0d00  MSDTC - ok
15:55:45.0176 0x0d00  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:55:45.0183 0x0d00  Msfs - ok
15:55:45.0239 0x0d00  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:55:45.0248 0x0d00  mshidkmdf - ok
15:55:45.0264 0x0d00  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:55:45.0269 0x0d00  msisadrv - ok
15:55:45.0327 0x0d00  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:55:45.0358 0x0d00  MSiSCSI - ok
15:55:45.0372 0x0d00  msiserver - ok
15:55:45.0413 0x0d00  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:55:45.0419 0x0d00  MSKSSRV - ok
15:55:45.0438 0x0d00  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:55:45.0443 0x0d00  MSPCLOCK - ok
15:55:45.0469 0x0d00  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:55:45.0475 0x0d00  MSPQM - ok
15:55:45.0520 0x0d00  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:55:45.0551 0x0d00  MsRPC - ok
15:55:45.0593 0x0d00  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:55:45.0601 0x0d00  mssmbios - ok
15:55:45.0634 0x0d00  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:55:45.0640 0x0d00  MSTEE - ok
15:55:45.0674 0x0d00  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:55:45.0687 0x0d00  MTConfig - ok
15:55:45.0716 0x0d00  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:55:45.0724 0x0d00  Mup - ok
15:55:45.0808 0x0d00  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:55:45.0865 0x0d00  napagent - ok
15:55:45.0932 0x0d00  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:55:45.0971 0x0d00  NativeWifiP - ok
15:55:46.0177 0x0d00  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:55:46.0271 0x0d00  NDIS - ok
15:55:46.0311 0x0d00  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:55:46.0322 0x0d00  NdisCap - ok
15:55:46.0368 0x0d00  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:55:46.0380 0x0d00  NdisTapi - ok
15:55:46.0405 0x0d00  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:55:46.0414 0x0d00  Ndisuio - ok
15:55:46.0449 0x0d00  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:55:46.0471 0x0d00  NdisWan - ok
15:55:46.0498 0x0d00  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:55:46.0507 0x0d00  NDProxy - ok
15:55:46.0545 0x0d00  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
15:55:46.0556 0x0d00  Netaapl - ok
15:55:46.0573 0x0d00  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:55:46.0582 0x0d00  NetBIOS - ok
15:55:46.0633 0x0d00  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:55:46.0667 0x0d00  NetBT - ok
15:55:46.0699 0x0d00  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
15:55:46.0710 0x0d00  Netlogon - ok
15:55:46.0795 0x0d00  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:55:46.0839 0x0d00  Netman - ok
15:55:46.0897 0x0d00  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:55:46.0953 0x0d00  NetMsmqActivator - ok
15:55:47.0007 0x0d00  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:55:47.0018 0x0d00  NetPipeActivator - ok
15:55:47.0091 0x0d00  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:55:47.0149 0x0d00  netprofm - ok
15:55:47.0450 0x0d00  [ 9E6EF8D3EE10DB0CD9961AECBE1B8220, BA240F7EF28F6213F078B1CA41F048F77C1C2F2B95FEA4C12F68FFEFA23ADD9E ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
15:55:47.0681 0x0d00  netr28x - ok
15:55:47.0788 0x0d00  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:55:47.0810 0x0d00  NetTcpActivator - ok
15:55:47.0843 0x0d00  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:55:47.0854 0x0d00  NetTcpPortSharing - ok
15:55:47.0916 0x0d00  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:55:47.0928 0x0d00  nfrd960 - ok
15:55:47.0988 0x0d00  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:55:48.0030 0x0d00  NlaSvc - ok
15:55:48.0055 0x0d00  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:55:48.0065 0x0d00  Npfs - ok
15:55:48.0092 0x0d00  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:55:48.0114 0x0d00  nsi - ok
15:55:48.0136 0x0d00  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:55:48.0144 0x0d00  nsiproxy - ok
15:55:48.0342 0x0d00  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:55:48.0476 0x0d00  Ntfs - ok
15:55:48.0509 0x0d00  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:55:48.0520 0x0d00  Null - ok
15:55:48.0563 0x0d00  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:55:48.0584 0x0d00  nvraid - ok
15:55:48.0612 0x0d00  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:55:48.0632 0x0d00  nvstor - ok
15:55:48.0670 0x0d00  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:55:48.0683 0x0d00  nv_agp - ok
15:55:48.0814 0x0d00  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:55:48.0860 0x0d00  odserv - ok
15:55:48.0882 0x0d00  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:55:48.0892 0x0d00  ohci1394 - ok
15:55:48.0985 0x0d00  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:55:49.0007 0x0d00  ose - ok
15:55:49.0099 0x0d00  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:55:49.0146 0x0d00  p2pimsvc - ok
15:55:49.0241 0x0d00  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:55:49.0295 0x0d00  p2psvc - ok
15:55:49.0331 0x0d00  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:55:49.0354 0x0d00  Parport - ok
15:55:49.0404 0x0d00  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:55:49.0427 0x0d00  partmgr - ok
15:55:49.0464 0x0d00  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:55:49.0497 0x0d00  PcaSvc - ok
15:55:49.0541 0x0d00  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:55:49.0562 0x0d00  pci - ok
15:55:49.0607 0x0d00  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:55:49.0619 0x0d00  pciide - ok
15:55:49.0669 0x0d00  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:55:49.0705 0x0d00  pcmcia - ok
15:55:49.0747 0x0d00  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:55:49.0757 0x0d00  pcw - ok
15:55:49.0830 0x0d00  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:55:49.0892 0x0d00  PEAUTH - ok
15:55:49.0975 0x0d00  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:55:49.0986 0x0d00  PerfHost - ok
15:55:50.0167 0x0d00  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:55:50.0303 0x0d00  pla - ok
15:55:50.0386 0x0d00  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:55:50.0438 0x0d00  PlugPlay - ok
15:55:50.0469 0x0d00  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:55:50.0493 0x0d00  PNRPAutoReg - ok
15:55:50.0540 0x0d00  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:55:50.0570 0x0d00  PNRPsvc - ok
15:55:50.0667 0x0d00  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:55:50.0725 0x0d00  PolicyAgent - ok
15:55:50.0784 0x0d00  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:55:50.0818 0x0d00  Power - ok
15:55:50.0866 0x0d00  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:55:50.0889 0x0d00  PptpMiniport - ok
15:55:50.0919 0x0d00  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:55:50.0942 0x0d00  Processor - ok
15:55:51.0009 0x0d00  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:55:51.0042 0x0d00  ProfSvc - ok
15:55:51.0062 0x0d00  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:55:51.0085 0x0d00  ProtectedStorage - ok
15:55:51.0171 0x0d00  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\Windows\system32\drivers\PxHlpa64.sys
15:55:51.0204 0x0d00  PxHlpa64 - ok
15:55:51.0379 0x0d00  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:55:51.0540 0x0d00  ql2300 - ok
15:55:51.0570 0x0d00  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:55:51.0583 0x0d00  ql40xx - ok
15:55:51.0638 0x0d00  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:55:51.0671 0x0d00  QWAVE - ok
15:55:51.0696 0x0d00  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:55:51.0706 0x0d00  QWAVEdrv - ok
15:55:51.0753 0x0d00  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:55:51.0759 0x0d00  RasAcd - ok
15:55:51.0802 0x0d00  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:55:51.0809 0x0d00  RasAgileVpn - ok
15:55:51.0845 0x0d00  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:55:51.0869 0x0d00  RasAuto - ok
15:55:51.0902 0x0d00  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:55:51.0924 0x0d00  Rasl2tp - ok
15:55:51.0987 0x0d00  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:55:52.0034 0x0d00  RasMan - ok
15:55:52.0063 0x0d00  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:55:52.0075 0x0d00  RasPppoe - ok
15:55:52.0125 0x0d00  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:55:52.0136 0x0d00  RasSstp - ok
15:55:52.0183 0x0d00  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:55:52.0218 0x0d00  rdbss - ok
15:55:52.0272 0x0d00  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:55:52.0279 0x0d00  rdpbus - ok
15:55:52.0312 0x0d00  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:55:52.0318 0x0d00  RDPCDD - ok
15:55:52.0365 0x0d00  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:55:52.0371 0x0d00  RDPENCDD - ok
15:55:52.0398 0x0d00  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:55:52.0405 0x0d00  RDPREFMP - ok
15:55:52.0489 0x0d00  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:55:52.0522 0x0d00  RDPWD - ok
15:55:52.0569 0x0d00  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:55:52.0600 0x0d00  rdyboost - ok
15:55:52.0648 0x0d00  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:55:52.0672 0x0d00  RemoteAccess - ok
15:55:52.0723 0x0d00  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:55:52.0757 0x0d00  RemoteRegistry - ok
15:55:52.0817 0x0d00  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:55:52.0839 0x0d00  RFCOMM - ok
15:55:52.0884 0x0d00  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:55:52.0907 0x0d00  RpcEptMapper - ok
15:55:52.0922 0x0d00  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:55:52.0931 0x0d00  RpcLocator - ok
15:55:52.0990 0x0d00  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:55:53.0034 0x0d00  RpcSs - ok
15:55:53.0143 0x0d00  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:55:53.0255 0x0d00  RTL8167 - ok
15:55:53.0305 0x0d00  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
15:55:53.0316 0x0d00  SamSs - ok
15:55:53.0354 0x0d00  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:55:53.0378 0x0d00  sbp2port - ok
15:55:53.0462 0x0d00  scan - ok
15:55:53.0511 0x0d00  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:55:53.0542 0x0d00  SCardSvr - ok
15:55:53.0567 0x0d00  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:55:53.0574 0x0d00  scfilter - ok
15:55:53.0680 0x0d00  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:55:53.0785 0x0d00  Schedule - ok
15:55:53.0829 0x0d00  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:55:53.0838 0x0d00  SCPolicySvc - ok
15:55:53.0892 0x0d00  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:55:53.0905 0x0d00  sdbus - ok
15:55:53.0938 0x0d00  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:55:53.0971 0x0d00  SDRSVC - ok
15:55:54.0016 0x0d00  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:55:54.0022 0x0d00  secdrv - ok
15:55:54.0038 0x0d00  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:55:54.0052 0x0d00  seclogon - ok
15:55:54.0075 0x0d00  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:55:54.0100 0x0d00  SENS - ok
15:55:54.0154 0x0d00  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:55:54.0177 0x0d00  SensrSvc - ok
15:55:54.0208 0x0d00  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:55:54.0214 0x0d00  Serenum - ok
15:55:54.0285 0x0d00  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
15:55:54.0297 0x0d00  Serial - ok
15:55:54.0334 0x0d00  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:55:54.0341 0x0d00  sermouse - ok
15:55:54.0406 0x0d00  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:55:54.0438 0x0d00  SessionEnv - ok
15:55:54.0453 0x0d00  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
15:55:54.0458 0x0d00  sffdisk - ok
15:55:54.0476 0x0d00  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:55:54.0483 0x0d00  sffp_mmc - ok
15:55:54.0509 0x0d00  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
15:55:54.0515 0x0d00  sffp_sd - ok
15:55:54.0533 0x0d00  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:55:54.0538 0x0d00  sfloppy - ok
15:55:54.0609 0x0d00  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:55:54.0655 0x0d00  SharedAccess - ok
15:55:54.0710 0x0d00  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:55:54.0757 0x0d00  ShellHWDetection - ok
15:55:54.0800 0x0d00  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
15:55:54.0809 0x0d00  SiSGbeLH - ok
15:55:54.0844 0x0d00  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:55:54.0854 0x0d00  SiSRaid2 - ok
15:55:54.0874 0x0d00  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:55:54.0885 0x0d00  SiSRaid4 - ok
15:55:54.0926 0x0d00  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:55:54.0938 0x0d00  Smb - ok
15:55:54.0990 0x0d00  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:55:55.0014 0x0d00  SNMPTRAP - ok
15:55:55.0042 0x0d00  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:55:55.0050 0x0d00  spldr - ok
15:55:55.0139 0x0d00  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:55:55.0217 0x0d00  Spooler - ok
15:55:55.0545 0x0d00  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:55:55.0855 0x0d00  sppsvc - ok
15:55:55.0899 0x0d00  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:55:55.0921 0x0d00  sppuinotify - ok
15:55:55.0977 0x0d00  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:55:56.0021 0x0d00  srv - ok
15:55:56.0081 0x0d00  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:55:56.0123 0x0d00  srv2 - ok
15:55:56.0158 0x0d00  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:55:56.0181 0x0d00  srvnet - ok
15:55:56.0229 0x0d00  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:55:56.0263 0x0d00  SSDPSRV - ok
15:55:56.0301 0x0d00  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:55:56.0318 0x0d00  SstpSvc - ok
15:55:56.0353 0x0d00  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:55:56.0360 0x0d00  stexstor - ok
15:55:56.0451 0x0d00  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:55:56.0570 0x0d00  stisvc - ok
15:55:56.0614 0x0d00  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:55:56.0626 0x0d00  swenum - ok
15:55:56.0703 0x0d00  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:55:56.0770 0x0d00  swprv - ok
15:55:56.0967 0x0d00  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:55:57.0123 0x0d00  SysMain - ok
15:55:57.0193 0x0d00  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:55:57.0223 0x0d00  TabletInputService - ok
15:55:57.0268 0x0d00  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:55:57.0313 0x0d00  TapiSrv - ok
15:55:57.0365 0x0d00  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:55:57.0395 0x0d00  TBS - ok
15:55:57.0590 0x0d00  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:55:57.0774 0x0d00  Tcpip - ok
15:55:58.0021 0x0d00  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:55:58.0186 0x0d00  TCPIP6 - ok
15:55:58.0255 0x0d00  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:55:58.0266 0x0d00  tcpipreg - ok
15:55:58.0314 0x0d00  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:55:58.0321 0x0d00  TDPIPE - ok
15:55:58.0382 0x0d00  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:55:58.0389 0x0d00  TDTCP - ok
15:55:58.0440 0x0d00  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:55:58.0463 0x0d00  tdx - ok
15:55:58.0492 0x0d00  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:55:58.0504 0x0d00  TermDD - ok
15:55:58.0600 0x0d00  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
15:55:58.0673 0x0d00  TermService - ok
15:55:58.0710 0x0d00  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:55:58.0734 0x0d00  Themes - ok
15:55:58.0761 0x0d00  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:55:58.0784 0x0d00  THREADORDER - ok
15:55:58.0826 0x0d00  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
15:55:58.0834 0x0d00  TPM - ok
15:55:58.0884 0x0d00  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:55:58.0918 0x0d00  TrkWks - ok
15:55:58.0997 0x0d00  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:55:59.0030 0x0d00  TrustedInstaller - ok
15:55:59.0093 0x0d00  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:55:59.0101 0x0d00  tssecsrv - ok
15:55:59.0144 0x0d00  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:55:59.0160 0x0d00  TsUsbFlt - ok
15:55:59.0223 0x0d00  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:55:59.0233 0x0d00  TsUsbGD - ok
15:55:59.0309 0x0d00  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:55:59.0332 0x0d00  tunnel - ok
15:55:59.0373 0x0d00  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:55:59.0383 0x0d00  uagp35 - ok
15:55:59.0445 0x0d00  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:55:59.0479 0x0d00  udfs - ok
15:55:59.0515 0x0d00  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:55:59.0533 0x0d00  UI0Detect - ok
15:55:59.0577 0x0d00  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:55:59.0587 0x0d00  uliagpkx - ok
15:55:59.0634 0x0d00  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:55:59.0646 0x0d00  umbus - ok
15:55:59.0663 0x0d00  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:55:59.0669 0x0d00  UmPass - ok
15:55:59.0725 0x0d00  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:55:59.0770 0x0d00  upnphost - ok
15:55:59.0825 0x0d00  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:55:59.0834 0x0d00  USBAAPL64 - ok
15:55:59.0898 0x0d00  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:55:59.0910 0x0d00  usbccgp - ok
15:55:59.0980 0x0d00  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:56:00.0003 0x0d00  usbcir - ok
15:56:00.0042 0x0d00  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:56:00.0051 0x0d00  usbehci - ok
15:56:00.0112 0x0d00  [ 33A58C5630200E17B51C8D73DD64181B, 75707B7E5CE686119CA430944477C9A6DBD5AA4211FDDECFF0986EACA65975B3 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
15:56:00.0131 0x0d00  usbfilter - ok
15:56:00.0215 0x0d00  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:56:00.0256 0x0d00  usbhub - ok
15:56:00.0310 0x0d00  [ F0B7639E9B40BBC1F9C783006C39B5E0, D2E2A219735CDBA34E241E7A78EEDB2F4E1196E831F25F4FDFD9EE814F7B0534 ] UsbModemDriver  C:\Windows\system32\DRIVERS\USB_MODEM_T.sys
15:56:00.0331 0x0d00  UsbModemDriver - ok
15:56:00.0378 0x0d00  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:56:00.0385 0x0d00  usbohci - ok
15:56:00.0434 0x0d00  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:56:00.0445 0x0d00  usbprint - ok
15:56:00.0478 0x0d00  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:56:00.0489 0x0d00  USBSTOR - ok
15:56:00.0542 0x0d00  [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:56:00.0550 0x0d00  usbuhci - ok
15:56:00.0632 0x0d00  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:56:00.0687 0x0d00  usbvideo - ok
15:56:00.0728 0x0d00  [ 712569CAF1099404F04DB2F73E03C5F8, 61A20AFB2CA669A0C6D7917AE3020EAFAC4A27FFB8C5EAEFDE2E60619FB8A8FD ] USB_BusEnum_H   C:\Windows\system32\DRIVERS\USB_BusEnum_H.sys
15:56:00.0740 0x0d00  USB_BusEnum_H - ok
15:56:00.0801 0x0d00  [ 712569CAF1099404F04DB2F73E03C5F8, 61A20AFB2CA669A0C6D7917AE3020EAFAC4A27FFB8C5EAEFDE2E60619FB8A8FD ] USB_BusEnum_T   C:\Windows\system32\DRIVERS\USB_BusEnum_T.sys
15:56:00.0812 0x0d00  USB_BusEnum_T - ok
15:56:00.0867 0x0d00  [ 712569CAF1099404F04DB2F73E03C5F8, 61A20AFB2CA669A0C6D7917AE3020EAFAC4A27FFB8C5EAEFDE2E60619FB8A8FD ] USB_BusEnum_W   C:\Windows\system32\DRIVERS\USB_BusEnum_W.sys
15:56:00.0877 0x0d00  USB_BusEnum_W - ok
15:56:00.0927 0x0d00  [ D81A7A4875CB431815C7E04046201208, 4A0A7FB2B2589B474FC8644E0373252A3B6B83DC17EB33FBADD854A0E65406C2 ] USB_ETS_H       C:\Windows\system32\DRIVERS\USB_ETS_H.sys
15:56:00.0934 0x0d00  USB_ETS_H - ok
15:56:00.0985 0x0d00  [ D81A7A4875CB431815C7E04046201208, 4A0A7FB2B2589B474FC8644E0373252A3B6B83DC17EB33FBADD854A0E65406C2 ] USB_ETS_T       C:\Windows\system32\DRIVERS\USB_ETS_T.sys
15:56:00.0996 0x0d00  USB_ETS_T - ok
15:56:01.0043 0x0d00  [ D81A7A4875CB431815C7E04046201208, 4A0A7FB2B2589B474FC8644E0373252A3B6B83DC17EB33FBADD854A0E65406C2 ] USB_ETS_W       C:\Windows\system32\DRIVERS\USB_ETS_W.sys
15:56:01.0056 0x0d00  USB_ETS_W - ok
15:56:01.0088 0x0d00  [ 5438E4DA624A8C4728D51CA095F48804, F9755314ACCDF803BF2A2F485612AF7E8F19865D1331AAAF581C3211473039CC ] USB_WinMux_H    C:\Windows\system32\DRIVERS\USB_WinMux_H.sys
15:56:01.0100 0x0d00  USB_WinMux_H - ok
15:56:01.0148 0x0d00  [ 5438E4DA624A8C4728D51CA095F48804, F9755314ACCDF803BF2A2F485612AF7E8F19865D1331AAAF581C3211473039CC ] USB_WinMux_T    C:\Windows\system32\DRIVERS\USB_WinMux_T.sys
15:56:01.0155 0x0d00  USB_WinMux_T - ok
15:56:01.0195 0x0d00  [ 5438E4DA624A8C4728D51CA095F48804, F9755314ACCDF803BF2A2F485612AF7E8F19865D1331AAAF581C3211473039CC ] USB_WinMux_W    C:\Windows\system32\DRIVERS\USB_WinMux_W.sys
15:56:01.0203 0x0d00  USB_WinMux_W - ok
15:56:01.0307 0x0d00  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:56:01.0330 0x0d00  UxSms - ok
15:56:01.0363 0x0d00  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
15:56:01.0375 0x0d00  VaultSvc - ok
15:56:01.0446 0x0d00  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:56:01.0455 0x0d00  vdrvroot - ok
15:56:01.0557 0x0d00  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:56:01.0617 0x0d00  vds - ok
15:56:01.0647 0x0d00  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:56:01.0654 0x0d00  vga - ok
15:56:01.0690 0x0d00  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:56:01.0702 0x0d00  VgaSave - ok
15:56:01.0745 0x0d00  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:56:01.0777 0x0d00  vhdmp - ok
15:56:01.0832 0x0d00  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:56:01.0839 0x0d00  viaide - ok
15:56:01.0880 0x0d00  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:56:01.0894 0x0d00  volmgr - ok
15:56:01.0953 0x0d00  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:56:01.0996 0x0d00  volmgrx - ok
15:56:02.0038 0x0d00  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:56:02.0072 0x0d00  volsnap - ok
15:56:02.0125 0x0d00  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:56:02.0180 0x0d00  vsmraid - ok
15:56:02.0367 0x0d00  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:56:02.0518 0x0d00  VSS - ok
15:56:02.0543 0x0d00  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:56:02.0549 0x0d00  vwifibus - ok
15:56:02.0582 0x0d00  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:56:02.0604 0x0d00  vwififlt - ok
15:56:02.0657 0x0d00  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:56:02.0669 0x0d00  vwifimp - ok
15:56:02.0728 0x0d00  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:56:02.0785 0x0d00  W32Time - ok
15:56:02.0812 0x0d00  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:56:02.0821 0x0d00  WacomPen - ok
15:56:02.0862 0x0d00  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:56:02.0874 0x0d00  WANARP - ok
15:56:02.0908 0x0d00  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:56:02.0917 0x0d00  Wanarpv6 - ok
15:56:03.0108 0x0d00  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:56:03.0219 0x0d00  WatAdminSvc - ok
15:56:03.0369 0x0d00  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:56:03.0513 0x0d00  wbengine - ok
15:56:03.0563 0x0d00  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:56:03.0598 0x0d00  WbioSrvc - ok
15:56:03.0661 0x0d00  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:56:03.0707 0x0d00  wcncsvc - ok
15:56:03.0729 0x0d00  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:56:03.0751 0x0d00  WcsPlugInService - ok
15:56:03.0779 0x0d00  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:56:03.0790 0x0d00  Wd - ok
15:56:03.0894 0x0d00  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:56:03.0972 0x0d00  Wdf01000 - ok
15:56:04.0031 0x0d00  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:56:04.0062 0x0d00  WdiServiceHost - ok
15:56:04.0087 0x0d00  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:56:04.0104 0x0d00  WdiSystemHost - ok
15:56:04.0168 0x0d00  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:56:04.0214 0x0d00  WebClient - ok
15:56:04.0261 0x0d00  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:56:04.0303 0x0d00  Wecsvc - ok
15:56:04.0333 0x0d00  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:56:04.0356 0x0d00  wercplsupport - ok
15:56:04.0406 0x0d00  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:56:04.0438 0x0d00  WerSvc - ok
15:56:04.0504 0x0d00  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:56:04.0511 0x0d00  WfpLwf - ok
15:56:04.0558 0x0d00  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
15:56:04.0581 0x0d00  WimFltr - ok
15:56:04.0609 0x0d00  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:56:04.0616 0x0d00  WIMMount - ok
15:56:04.0651 0x0d00  WinDefend - ok
15:56:04.0690 0x0d00  WinHttpAutoProxySvc - ok
15:56:04.0768 0x0d00  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:56:04.0802 0x0d00  Winmgmt - ok
15:56:04.0987 0x0d00  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:56:05.0161 0x0d00  WinRM - ok
15:56:05.0242 0x0d00  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
15:56:05.0250 0x0d00  WinUsb - ok
15:56:05.0348 0x0d00  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:56:05.0440 0x0d00  Wlansvc - ok
15:56:05.0581 0x0d00  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:56:05.0611 0x0d00  wlcrasvc - ok
15:56:05.0879 0x0d00  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:56:06.0068 0x0d00  wlidsvc - ok
15:56:06.0124 0x0d00  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:56:06.0131 0x0d00  WmiAcpi - ok
15:56:06.0233 0x0d00  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:56:06.0264 0x0d00  wmiApSrv - ok
15:56:06.0301 0x0d00  WMPNetworkSvc - ok
15:56:06.0353 0x0d00  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:56:06.0377 0x0d00  WPCSvc - ok
15:56:06.0412 0x0d00  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:56:06.0445 0x0d00  WPDBusEnum - ok
15:56:06.0511 0x0d00  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:56:06.0518 0x0d00  ws2ifsl - ok
15:56:06.0555 0x0d00  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:56:06.0586 0x0d00  wscsvc - ok
15:56:06.0601 0x0d00  WSearch - ok
15:56:06.0852 0x0d00  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:56:07.0069 0x0d00  wuauserv - ok
15:56:07.0125 0x0d00  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:56:07.0137 0x0d00  WudfPf - ok
15:56:07.0187 0x0d00  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:56:07.0218 0x0d00  WUDFRd - ok
15:56:07.0283 0x0d00  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:56:07.0317 0x0d00  wudfsvc - ok
15:56:07.0372 0x0d00  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:56:07.0415 0x0d00  WwanSvc - ok
15:56:07.0484 0x0d00  [ ABEA67F122D25A0B1E0F7C0ABEECA069, F1BD154C9ED2CAEFF73FE40067CB757C56DCE60ED1B2D62F699C0CD77891D92A ] ztemtusbser     C:\Windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys
15:56:07.0507 0x0d00  ztemtusbser - ok
15:56:07.0541 0x0d00  ZTEusbmdm6k - ok
15:56:07.0566 0x0d00  ZTEusbnet - ok
15:56:07.0586 0x0d00  ZTEusbnmea - ok
15:56:07.0635 0x0d00  ZTEusbser6k - ok
15:56:07.0766 0x0d00  ================ Scan global ===============================
15:56:07.0810 0x0d00  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:56:07.0882 0x0d00  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:56:07.0949 0x0d00  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:56:08.0017 0x0d00  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:56:08.0100 0x0d00  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:56:08.0145 0x0d00  [ Global ] - ok
15:56:08.0146 0x0d00  ================ Scan MBR ==================================
15:56:08.0162 0x0d00  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:56:08.0187 0x0d00  \Device\Harddisk0\DR0 - ok
15:56:08.0189 0x0d00  ================ Scan VBR ==================================
15:56:08.0205 0x0d00  [ 205EEB52DFCCBD2FCE878E1CD94BACF2 ] \Device\Harddisk0\DR0\Partition1
15:56:08.0210 0x0d00  \Device\Harddisk0\DR0\Partition1 - ok
15:56:08.0232 0x0d00  [ 78210174E40617E6F8BFBF4041B6E54B ] \Device\Harddisk0\DR0\Partition2
15:56:08.0233 0x0d00  \Device\Harddisk0\DR0\Partition2 - ok
15:56:08.0250 0x0d00  [ 1765BDDB86A77C20462BCAB92C067EF2 ] \Device\Harddisk0\DR0\Partition3
15:56:08.0254 0x0d00  \Device\Harddisk0\DR0\Partition3 - ok
15:56:08.0287 0x0d00  [ 376B8FC455D5EDDF76B361A91DD0F6F1 ] \Device\Harddisk0\DR0\Partition4
15:56:08.0294 0x0d00  \Device\Harddisk0\DR0\Partition4 - ok
15:56:08.0331 0x0d00  [ 8B2DDAEE0C4F482FA93F113380A037C4 ] \Device\Harddisk0\DR0\Partition5
15:56:08.0336 0x0d00  \Device\Harddisk0\DR0\Partition5 - ok
15:56:08.0338 0x0d00  Waiting for KSN requests completion. In queue: 110
15:56:09.0339 0x0d00  Waiting for KSN requests completion. In queue: 110
15:56:10.0465 0x0d00  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x41000 ( enabled : updated )
15:56:10.0490 0x0d00  Win FW state via NFP2: enabled
15:56:11.0357 0x0d00  ============================================================
15:56:11.0358 0x0d00  Scan finished
15:56:11.0358 0x0d00  ============================================================
15:56:11.0393 0x1298  Detected object count: 0
15:56:11.0393 0x1298  Actual detected object count: 0
16:05:59.0158 0x1058  Deinitialize success
 
 
 
 
# AdwCleaner v3.017 - Report created 14/01/2014 at 16:37:17
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ethan - ETHAN-PC
# Running from : C:\Windows\Temp\dlmC1CA.tmp\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\rvlkl
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Users\Ethan\AppData\Local\filetypeassistant
Folder Deleted : C:\Users\Ethan\AppData\LocalLow\adawaretb
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16736
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Ethan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [3824 octets] - [14/01/2014 16:15:57]
AdwCleaner[S0].txt - [3255 octets] - [14/01/2014 16:37:17]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3315 octets] ##########
 
 


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:00 PM

Posted 14 January 2014 - 08:45 PM

Anything from ESET yet? l know it can take hors sometimes.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Smoke&mirrors

Smoke&mirrors
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 15 January 2014 - 12:07 AM

Boopme.. It just finished...here is the results.

 

also Boopme...is it ok that JRT did not work?

 

C:\Users\Ethan\AppData\Local\Temp\72cd10a3-978f-4d54-9b3f-a0c67d1b3401.exe multiple threats
C:\Users\Ethan\AppData\Local\Temp\DeltaTB.exe.0 a variant of Win32/Toolbar.Babylon.H application
C:\Users\Ethan\AppData\Local\Temp\ICReinstall_Setup.exe a variant of Win32/InstallCore.GZ application
C:\Users\Ethan\AppData\Local\Temp\OCS\ocs_v71a.exe a variant of Win32/DownloadSponsor.A application
C:\Users\Ethan\AppData\Local\Temp\OCS\Downloads\4fa1c9165c1398e0457a3bcba496c17c\39bdceba34b3d92c9a195d975e7d974c\rcsetup_v148.exe Win32/Bundled.Toolbar.Google.D application
C:\Users\Ethan\Desktop\cbsidlm-cbsi176-Junkware_Removal_Tool-SEO-75910255.exe a variant of Win32/CNETInstaller.B application
C:\Users\Ethan\Downloads\cbsidlm-cbsi118-Pandora_Recovery-SEO-10694796.exe a variant of Win32/CNETInstaller.B application
C:\Users\Ethan\Downloads\cbsidlm-cbsi134-Pandora_Recovery-BP-10694796.exe a variant of Win32/CNETInstaller.B application
C:\Users\Ethan\Downloads\cbsidlm-cbsi145-CodeBreaker-SEO-10969474.exe a variant of Win32/CNETInstaller.B application
C:\Users\Ethan\Downloads\cbsidlm-cbsi145-iBackupBot-SEO-10969873.exe a variant of Win32/CNETInstaller.B application
C:\Users\Ethan\Downloads\cbsidlm-cbsi145-iExplorer-SEO-10969335.exe a variant of Win32/CNETInstaller.B application
C:\Users\Ethan\Downloads\cbsidlm-cbsi171-AdwCleaner-SEO-75851221.exe a variant of Win32/CNETInstaller.B application
C:\Users\Ethan\Downloads\rcsetup148.exe Win32/Bundled.Toolbar.Google.D application
C:\Users\Ethan\Downloads\recuva-1-48.exe a variant of Win32/DownloadSponsor.A application
C:\Users\Ethan\Downloads\Setup.exe a variant of Win32/InstallCore.GZ application
C:\Users\Ethan\Downloads\WinZip175.exe a variant of Win32/OpenInstall application
C:\Documents and Settings\Ethan\AppData\Local\Temp\72cd10a3-978f-4d54-9b3f-a0c67d1b3401.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\AppData\Local\Temp\DeltaTB.exe.0 a variant of Win32/Toolbar.Babylon.H application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\AppData\Local\Temp\ICReinstall_Setup.exe a variant of Win32/InstallCore.GZ application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\AppData\Local\Temp\OCS\ocs_v71a.exe a variant of Win32/DownloadSponsor.A application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\AppData\Local\Temp\OCS\Downloads\4fa1c9165c1398e0457a3bcba496c17c\39bdceba34b3d92c9a195d975e7d974c\rcsetup_v148.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Desktop\cbsidlm-cbsi176-Junkware_Removal_Tool-SEO-75910255.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\cbsidlm-cbsi118-Pandora_Recovery-SEO-10694796.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\cbsidlm-cbsi134-Pandora_Recovery-BP-10694796.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\cbsidlm-cbsi145-CodeBreaker-SEO-10969474.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\cbsidlm-cbsi145-iBackupBot-SEO-10969873.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\cbsidlm-cbsi145-iExplorer-SEO-10969335.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\cbsidlm-cbsi171-AdwCleaner-SEO-75851221.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\rcsetup148.exe Win32/Bundled.Toolbar.Google.D application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\recuva-1-48.exe a variant of Win32/DownloadSponsor.A application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\Setup.exe a variant of Win32/InstallCore.GZ application cleaned by deleting - quarantined
C:\Documents and Settings\Ethan\Downloads\WinZip175.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
D:\last try\ProgramData\rvlkl\rvlkl.exe a variant of Win64/KeyLogger.RevealerKeylogger.NAA application cleaned by deleting - quarantined
D:\last try\Users\Ethan\AppData\Local\Temp\DeltaTB.exe.0 a variant of Win32/Toolbar.Babylon.H application cleaned by deleting - quarantined
D:\last try\Users\Ethan\Downloads\cbsidlm-cbsi118-Pandora_Recovery-SEO-10694796.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
D:\last try\Users\Ethan\Downloads\cbsidlm-cbsi118-Pandora_Recovery-SEO-10694796_1.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
D:\last try\Users\Ethan\Downloads\cbsidlm-cbsi134-Pandora_Recovery-BP-10694796.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
D:\last try\Users\Ethan\Downloads\cbsidlm-cbsi134-Pandora_Recovery-BP-10694796_1.exe a variant of Win32/CNETInstaller.B application cleaned by deleting - quarantined
D:\last try\Users\Ethan\Downloads\WinZip175.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
D:\last try\Users\Ethan\poo\121103125101.gif a variant of Win32/Toolbar.Montiera.F application cleaned by deleting - quarantined
D:\last try\Users\Ethan\poo\121103125101_1.gif a variant of Win32/Toolbar.Montiera.F application cleaned by deleting - quarantined


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:00 PM

Posted 15 January 2014 - 03:40 PM

You can try JRT once more from Safe Mode.. I have to see why it will not run .. Your AV may be stopping it.

 

There was a Keylogger installed here.. Did you put it there?

 

How is it running now?


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Smoke&mirrors

Smoke&mirrors
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 16 January 2014 - 09:28 PM

Hey Boopme, yeah initially the keylogger was mine.. But i lost access to that 8 months ago, i tried JRT from safe mode.. No good. Things seem to be running slightly smoother, i am concerned that it starts up with a different desktop sometimes..and The amount of users.. I didnt install?

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:00 PM

Posted 16 January 2014 - 10:10 PM

There are errors to fix, probably file corruption..

I only see User ,,Ethan

Torrent downloads are usually spiked with crap.


Lets see what we can do.

Some outdated tools that malware can use need to be removed and replaced
In Control Panel remove
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Java 7 Update 45 (Version: 7.0.450)

 
Install
Adobe Reader XI
NOTE: UN check the box.. Yes, install Google Chrome

You may not need java, but to install the latest ..use Version 7 Update 51

>>>>>>>>>>
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
>>>>>>>>>>

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 4 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

Edited by boopme, 16 January 2014 - 10:11 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Smoke&mirrors

Smoke&mirrors
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 18 January 2014 - 07:10 PM

Hi Boopme, following is ..I hope... the right report / log.. cheers for your help so far mate... your a bloody ripper hey

 

Starting Repairs...
   Start (19/01/2014 8:48:48 AM)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (19/01/2014 8:48:49 AM)
   Running Repair Under Current User Account
   Done (19/01/2014 8:49:34 AM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (19/01/2014 8:49:34 AM)
   Running Repair Under System Account
   Done (19/01/2014 9:02:42 AM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (19/01/2014 9:02:42 AM)
   Running Repair Under System Account
   Done (19/01/2014 9:07:01 AM)
 
03 - Register System Files
   Start (19/01/2014 9:07:01 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:08:35 AM)
 
04 - Repair WMI
   Start (19/01/2014 9:08:35 AM)
   Running Repair Under Current User Account
   Done (19/01/2014 9:14:39 AM)
 
05 - Repair Windows Firewall
   Start (19/01/2014 9:14:39 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:15:03 AM)
 
06 - Repair Internet Explorer
   Start (19/01/2014 9:15:03 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:16:01 AM)
 
07 - Repair MDAC/MS Jet
   Start (19/01/2014 9:16:01 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:16:31 AM)
 
08 - Repair Hosts File
   Start (19/01/2014 9:16:31 AM)
   Running Repair Under System Account
   Done (19/01/2014 9:16:33 AM)
 
09 - Remove Policies Set By Infections
   Start (19/01/2014 9:16:33 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:16:38 AM)
 
11 - Repair Icons
   Start (19/01/2014 9:16:38 AM)
   Running Repair Under System Account
   Done (19/01/2014 9:16:41 AM)
 
12 - Repair Winsock & DNS Cache
   Start (19/01/2014 9:16:41 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:16:46 AM)
 
14 - Repair Proxy Settings
   Start (19/01/2014 9:16:46 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:16:51 AM)
 
16 - Repair Windows Updates
   Start (19/01/2014 9:16:51 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:17:57 AM)
 
17 - Repair CD/DVD Missing/Not Working
   Start (19/01/2014 9:17:57 AM)
   Done (19/01/2014 9:17:57 AM)
 
18 - Repair Volume Shadow Copy Service
   Start (19/01/2014 9:17:57 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:18:23 AM)
 
20 - Repair MSI (Windows Installer)
   Start (19/01/2014 9:18:23 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:18:40 AM)
 
22.01 - Repair bat Association
   Start (19/01/2014 9:18:40 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:18:47 AM)
 
22.02 - Repair cmd Association
   Start (19/01/2014 9:18:47 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:18:52 AM)
 
22.03 - Repair com Association
   Start (19/01/2014 9:18:52 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:18:57 AM)
 
22.04 - Repair Directory Association
   Start (19/01/2014 9:18:57 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:02 AM)
 
22.05 - Repair Drive Association
   Start (19/01/2014 9:19:02 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:07 AM)
 
22.06 - Repair exe Association
   Start (19/01/2014 9:19:07 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:12 AM)
 
22.07 - Repair Folder Association
   Start (19/01/2014 9:19:12 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:17 AM)
 
22.08 - Repair inf Association
   Start (19/01/2014 9:19:17 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:22 AM)
 
22.09 - Repair lnk (Shortcuts) Association
   Start (19/01/2014 9:19:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:27 AM)
 
22.10 - Repair msc Association
   Start (19/01/2014 9:19:27 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:32 AM)
 
22.11 - Repair reg Association
   Start (19/01/2014 9:19:32 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:37 AM)
 
22.12 - Repair scr Association
   Start (19/01/2014 9:19:37 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:42 AM)
 
23 - Repair Windows Safe Mode
   Start (19/01/2014 9:19:42 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:19:47 AM)
 
24 - Repair Print Spooler
   Start (19/01/2014 9:19:47 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:20:05 AM)
 
25 - Restore Important Windows Services
   Start (19/01/2014 9:20:05 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:20:25 AM)
 
26 - Set Windows Services To Default Startup
   Start (19/01/2014 9:20:25 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/01/2014 9:20:36 AM)
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (19/01/2014 9:20:37 AM)
   Total Repair Time: 00:31:49
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:00 PM

Posted 18 January 2014 - 08:41 PM

Looks better...


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Smoke&mirrors

Smoke&mirrors
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 19 January 2014 - 10:51 PM

Hey Boopme, I just want to take a minute real quick.. and just let you know.... how much I appreciate your time.. your Brain.. your generosity and Good will, I would have had ..no idea whatsoever about trying to solve my PC issues.. If there was more people in the world like you.. and your fellow bleepers... well... the world would be a much.. Much better place..

 

I owe you a beer sometime... So.. if you are ever going to Darwin NT Australia... or Bali Indonesia.. The beers are on me..

 

Thank you so much.

 

Ethan 



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:00 PM

Posted 21 January 2014 - 01:25 PM

Great Ethan... Now I may get to Bali one day.. So keep one cold.. :thumbup2:


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users