Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible System32/svchost.exe virus


  • This topic is locked This topic is locked
6 replies to this topic

#1 zoo55

zoo55

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:04:27 AM

Posted 27 January 2014 - 02:57 AM

(Hi, sorry if this is a duplicate post.  I was typing and hit some key (enter?) and last screen wiped clear.  So I try again.)

 

Have reviewed several forums and believe I have captioned virus.  Appreciate any help you smart folks can provide.

 

Symptoms:  slow; svchost.exe shows >106,000 kbytes in Task Manager; reports of spam email from contacts.

OS:  W7/64

AV:  avast (free);  Malwarebytes (free - scanned today; some bugs removed but symptoms above persist).

PC:  Toshiba Portege R830

 

Please let me know if you need additional info.

 

Thanks



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:27 PM

Posted 27 January 2014 - 01:55 PM

Hello zoo55
Let's see how it is after these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    .
    .
    .
    .
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:04:27 AM

Posted 28 January 2014 - 02:02 AM

Thanks for your quick response.  Logs below.  
 
Note, I absolutely saved the exported ESET scan as a .txt file, but for reasons known only to ... somebody, the file is not to be found on my PC.  However, I did locate a "log.txt" file in the ESET folder (Chrome browser) that seemed to have the same information.  If you need me to re-run ESET I will.
 
Note 2, my PC also has the "plugged in, not charging" curse.  Can you help with that, or should I open another topic?  If so, would that go under this forum, "Am I infected"?
 
 
 
 
MiniToolBox by Farbar  Version: 23-01-2014
Ran by Vances (administrator) on 28-01-2014 at 12:12:52
Running from "C:\Users\Vances\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: http=68.63.19.90:36452;https=68.63.19.90:36452;ftp=68.63.19.90:36452;socks=68.63.19.90:36452
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Intel® 82579V Gigabit Network Connection = Local Area Connection (Media disconnected)
TAP-Windows Adapter V9 = Local Area Connection 4 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled
set interface interface="Wireless Network Connection 2" forwarding=enabled advertise=enabled metric=100 nud=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Vances-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection 4:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-7E-9B-BC-64
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 0A-A3-C4-FC-CE-3B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
   Physical Address. . . . . . . . . : E8-9D-87-E1-46-26
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter
   Physical Address. . . . . . . . . : 68-A3-C4-FC-CE-3B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2400:d803:76c8:646:44a0:f788:f494:3a20(Preferred) 
   Temporary IPv6 Address. . . . . . : 2400:d803:76c8:646:ac21:206d:c6b2:d7fa(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::44a0:f788:f494:3a20%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.25(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, January 28, 2014 11:29:03 AM
   Lease Expires . . . . . . . . . . : Tuesday, January 28, 2014 3:40:41 PM
   Default Gateway . . . . . . . . . : fe80::226:75ff:fe99:e935%10
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 241738692
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-8D-08-BE-68-A3-C4-FC-CE-3B
   DNS Servers . . . . . . . . . . . : 192.168.1.254
                                       192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{ACA77195-6C5C-44C8-BBAA-0DCB6A64468C}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{CB36AB82-97D0-4097-8EF0-073F313AF113}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Reusable ISATAP Interface {95F52D4B-9344-47AB-AC9E-C71B01B60039}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{7E9BBC64-1141-4CF7-A0EC-A29EA919C22D}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 22:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:889:adf:3f57:fee6(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::889:adf:3f57:fee6%33(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{292432F3-00E7-4E55-94E1-F10731ED7119}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Reusable ISATAP Interface {B8237EBE-EFE1-4DD0-A8B7-B2828090D7C3}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.254
 
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  173.194.117.39
 173.194.117.33
 173.194.117.32
 173.194.117.36
 173.194.117.34
 173.194.117.40
 173.194.117.46
 173.194.117.35
 173.194.117.37
 173.194.117.38
 173.194.117.41
 
 
Pinging google.com [2404:6800:4003:c00::65] with 32 bytes of data:
Reply from 2404:6800:4003:c00::65: time=125ms 
Reply from 2404:6800:4003:c00::65: time=5ms 
 
Ping statistics for 2404:6800:4003:c00::65:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 125ms, Average = 65ms
Server:  UnKnown
Address:  192.168.1.254
 
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=223ms TTL=44
Reply from 206.190.36.45: bytes=32 time=238ms TTL=44
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 223ms, Maximum = 238ms, Average = 230ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 19...00 ff 7e 9b bc 64 ......TAP-Windows Adapter V9
 14...0a a3 c4 fc ce 3b ......Microsoft Virtual WiFi Miniport Adapter
 12...e8 9d 87 e1 46 26 ......Intel® 82579V Gigabit Network Connection
 10...68 a3 c4 fc ce 3b ......Atheros AR9002WB-1NG Wireless Network Adapter
  1...........................Software Loopback Interface 1
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 33...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.25    200
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.25    356
     192.168.1.25  255.255.255.255         On-link      192.168.1.25    356
    192.168.1.255  255.255.255.255         On-link      192.168.1.25    356
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.25    356
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.25    356
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10   4121 ::/0                     fe80::226:75ff:fe99:e935
  1    306 ::1/128                  On-link
 33     58 2001::/32                On-link
 33    306 2001:0:9d38:6ab8:889:adf:3f57:fee6/128
                                    On-link
 10     33 2400:d803:76c8:646::/64  On-link
 10     41 2400:d803:76c8:646::/64  fe80::226:75ff:fe99:e935
 10    281 2400:d803:76c8:646:44a0:f788:f494:3a20/128
                                    On-link
 10    281 2400:d803:76c8:646:ac21:206d:c6b2:d7fa/128
                                    On-link
 10    281 fe80::/64                On-link
 33    306 fe80::/64                On-link
 33    306 fe80::889:adf:3f57:fee6/128
                                    On-link
 10    281 fe80::44a0:f788:f494:3a20/128
                                    On-link
  1    306 ff00::/8                 On-link
 33    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/26/2014 09:39:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/24/2014 01:53:20 PM) (Source: Application Hang) (User: )
Description: The program OUTLOOK.EXE version 12.0.6680.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1670
 
Start Time: 01cf18a97a23b5e0
 
Termination Time: 171
 
Application Path: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
 
Report Id: c460cb95-84bb-11e3-bec3-e89d87e14626
 
Error: (01/23/2014 06:20:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: EXCEL.EXE, version: 12.0.6679.5000, time stamp: 0x518af3b3
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x74bb4f0d
Faulting process id: 0x948
Faulting application start time: 0xEXCEL.EXE0
Faulting application path: EXCEL.EXE1
Faulting module path: EXCEL.EXE2
Report Id: EXCEL.EXE3
 
Error: (01/21/2014 00:32:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/20/2014 01:24:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/17/2014 00:53:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/16/2014 01:56:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/16/2014 10:49:28 AM) (Source: ESENT) (User: )
Description: taskhost (1736) An attempt to open the file "C:\Users\Vances\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (01/15/2014 05:15:34 PM) (Source: Application Hang) (User: )
Description: The program OUTLOOK.EXE version 12.0.6680.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ab4
 
Start Time: 01cf11d06fd6b017
 
Termination Time: 16
 
Application Path: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
 
Report Id: 8a564b76-7dc5-11e3-8841-e89d87e14626
 
Error: (01/15/2014 05:01:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: OUTLOOK.EXE, version: 12.0.6680.5000, time stamp: 0x51c3d112
Faulting module name: olmapi32.dll, version: 12.0.6672.5000, time stamp: 0x50e61339
Exception code: 0xc0000005
Fault offset: 0x00023643
Faulting process id: 0xd64
Faulting application start time: 0xOUTLOOK.EXE0
Faulting application path: OUTLOOK.EXE1
Faulting module path: OUTLOOK.EXE2
Report Id: OUTLOOK.EXE3
 
 
System errors:
=============
Error: (01/27/2014 04:43:00 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error: 
%%1056
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/27/2014 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (01/15/2014 05:01:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1213 seconds with 300 seconds of active time.  This session ended with a crash.
 
Error: (11/22/2013 05:10:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 6520 seconds with 4860 seconds of active time.  This session ended with a crash.
 
Error: (11/22/2013 03:00:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-12-29 22:57:37.372
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\netaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-12-29 22:57:37.192
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\netaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-12-29 22:57:36.152
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\netaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-12-29 22:57:35.342
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\netaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Atheros Bluetooth Filter Driver Package (Version: 1.00.0004)
Atheros Driver Installation Program (Version: 9.2)
Audacity 2.0.4 (Version: 2.0.4)
avast! Free Antivirus (Version: 9.0.2011)
Bluetooth Stack for Windows by Toshiba (Version: v8.00.12(T))
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.06)
CopyTrans Suite Remove Only (Version: 2.37)
CutePDF Writer 3.0 (Version:  3.0)
DIRECTV Player (Version: 9.0)
Dropbox (Version: 2.4.11)
EPSON L210 Series Printer Uninstall
FormatFactory 3.1.1 (Version: 3.1.1)
Google Chrome (Version: 32.0.1700.76)
Google Update Helper (Version: 1.3.22.3)
HMA! Pro VPN 2.8.3.1 (Version: 2.8.3.1)
ImgBurn (Version: 2.5.8.0)
Intel® Processor Graphics (Version: 9.17.10.3223)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
IrfanView (remove only) (Version: 4.36)
iTunes (Version: 11.1.3.8)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
LAME v3.99.3 (for Windows)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
mHotspot version 6.4.0.0 (Version: 6.4.0.0)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
PDF Split And Merge Basic (Version: 2.2.2)
PL-2303 USB-to-Serial (Version: 1.3.0)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
Realtek High Definition Audio Driver (Version: 6.0.1.6271)
RealUpgrade 1.1 (Version: 1.1.0)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.1)
Revo Uninstaller 1.95 (Version: 1.95)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.11 (Version: 6.11.102)
StreamTorrent 1.0
System Requirements Lab for Intel (Version: 4.5.15.0)
TeamViewer 9 (Version: 9.0.24951)
Tixati
TOSHIBA Value Added Package (Version: 1.5.10.64)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.1.2 (Version: 2.1.2)
VoiceOver Kit (Version: 1.42.128.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 62%
Total physical RAM: 1951.43 MB
Available physical RAM: 725.41 MB
Total Pagefile: 3902.85 MB
Available Pagefile: 2273.53 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.57 MB
 
========================= Partitions: =====================================
 
1 Drive c: (S3A8523D003) (Fixed) (Total:265.25 GB) (Free:215.39 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\VANCES-PC
 
Administrator            Guest                    Vances                   
 
 
**** End of log ****
 
12:16:30.0814 0x0e78  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
12:16:34.0870 0x0e78  ============================================================
12:16:34.0870 0x0e78  Current date / time: 2014/01/28 12:16:34.0870
12:16:34.0870 0x0e78  SystemInfo:
12:16:34.0870 0x0e78  
12:16:34.0870 0x0e78  OS Version: 6.1.7601 ServicePack: 1.0
12:16:34.0870 0x0e78  Product type: Workstation
12:16:34.0870 0x0e78  ComputerName: VANCES-PC
12:16:34.0870 0x0e78  UserName: Vances
12:16:34.0870 0x0e78  Windows directory: C:\Windows
12:16:34.0870 0x0e78  System windows directory: C:\Windows
12:16:34.0870 0x0e78  Running under WOW64
12:16:34.0870 0x0e78  Processor architecture: Intel x64
12:16:34.0870 0x0e78  Number of processors: 4
12:16:34.0870 0x0e78  Page size: 0x1000
12:16:34.0870 0x0e78  Boot type: Normal boot
12:16:34.0870 0x0e78  ============================================================
12:16:37.0539 0x0e78  KLMD registered as C:\Windows\system32\drivers\93765604.sys
12:16:37.0835 0x0e78  System UUID: {B7E87094-1907-BF32-89FC-FD7CE6233877}
12:16:38.0771 0x0e78  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:16:38.0771 0x0e78  ============================================================
12:16:38.0771 0x0e78  \Device\Harddisk0\DR0:
12:16:38.0787 0x0e78  MBR partitions:
12:16:38.0787 0x0e78  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2127E800
12:16:38.0787 0x0e78  ============================================================
12:16:38.0818 0x0e78  C: <-> \Device\Harddisk0\DR0\Partition1
12:16:38.0849 0x0e78  ============================================================
12:16:38.0849 0x0e78  Initialize success
12:16:38.0849 0x0e78  ============================================================
12:16:47.0632 0x0620  ============================================================
12:16:47.0632 0x0620  Scan started
12:16:47.0632 0x0620  Mode: Manual; 
12:16:47.0632 0x0620  ============================================================
12:16:47.0632 0x0620  KSN ping started
12:17:10.0938 0x0620  KSN ping finished: true
12:17:11.0188 0x0620  ================ Scan system memory ========================
12:17:11.0188 0x0620  System memory - ok
12:17:11.0188 0x0620  ================ Scan services =============================
12:17:11.0391 0x0620  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:17:11.0406 0x0620  1394ohci - ok
12:17:11.0469 0x0620  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:17:11.0469 0x0620  ACPI - ok
12:17:11.0500 0x0620  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:17:11.0500 0x0620  AcpiPmi - ok
12:17:11.0609 0x0620  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:17:11.0609 0x0620  AdobeARMservice - ok
12:17:11.0703 0x0620  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:17:11.0718 0x0620  adp94xx - ok
12:17:11.0765 0x0620  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:17:11.0781 0x0620  adpahci - ok
12:17:11.0796 0x0620  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:17:11.0812 0x0620  adpu320 - ok
12:17:11.0843 0x0620  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:17:11.0843 0x0620  AeLookupSvc - ok
12:17:11.0890 0x0620  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
12:17:11.0906 0x0620  AFD - ok
12:17:11.0952 0x0620  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:17:11.0968 0x0620  agp440 - ok
12:17:11.0999 0x0620  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:17:12.0015 0x0620  ALG - ok
12:17:12.0062 0x0620  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:17:12.0062 0x0620  aliide - ok
12:17:12.0093 0x0620  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:17:12.0108 0x0620  amdide - ok
12:17:12.0155 0x0620  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:17:12.0155 0x0620  AmdK8 - ok
12:17:12.0186 0x0620  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:17:12.0186 0x0620  AmdPPM - ok
12:17:12.0233 0x0620  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:17:12.0249 0x0620  amdsata - ok
12:17:12.0280 0x0620  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:17:12.0280 0x0620  amdsbs - ok
12:17:12.0296 0x0620  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:17:12.0296 0x0620  amdxata - ok
12:17:12.0358 0x0620  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:17:12.0358 0x0620  AppID - ok
12:17:12.0389 0x0620  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:17:12.0389 0x0620  AppIDSvc - ok
12:17:12.0436 0x0620  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:17:12.0436 0x0620  Appinfo - ok
12:17:12.0498 0x0620  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:17:12.0514 0x0620  Apple Mobile Device - ok
12:17:12.0545 0x0620  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:17:12.0561 0x0620  AppMgmt - ok
12:17:12.0592 0x0620  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:17:12.0608 0x0620  arc - ok
12:17:12.0623 0x0620  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:17:12.0623 0x0620  arcsas - ok
12:17:12.0764 0x0620  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:17:12.0795 0x0620  aspnet_state - ok
12:17:12.0857 0x0620  [ 9C2BEA3957EFFD45F352F0938DFB3721, 7006CC604C480CF512A29AD03BA17FFA564FDDF34CE768ACBD805611503D5012 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
12:17:12.0873 0x0620  aswMonFlt - ok
12:17:12.0904 0x0620  [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
12:17:12.0920 0x0620  aswRdr - ok
12:17:12.0935 0x0620  [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
12:17:12.0951 0x0620  aswRvrt - ok
12:17:13.0013 0x0620  [ 52B5F8FAF7E78C02D26B0B6E3A05F596, 7C45BA507529F822D4397BD5F001EC861C85E9CBB1F75927E48843B15D5C0B8E ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
12:17:13.0029 0x0620  aswSnx - ok
12:17:13.0091 0x0620  [ 251360C2FCA22BAFE0583314B3262F98, 1EB1B4620E3AFA8ACDDE5F1A6EC4AAEDD40AE2FC5C013AF1B13B03C4B60F6CEB ] aswSP           C:\Windows\system32\drivers\aswSP.sys
12:17:13.0107 0x0620  aswSP - ok
12:17:13.0154 0x0620  [ AAB5F5336EDBB5D99CC7E1A9F4D8F63F, 01B40475DCA40E7B426DB0578A33DB62D62640F3A7F9F95A6BBF0AD3CF0F2941 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
12:17:13.0154 0x0620  aswStm - ok
12:17:13.0185 0x0620  [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
12:17:13.0200 0x0620  aswVmm - ok
12:17:13.0216 0x0620  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:17:13.0232 0x0620  AsyncMac - ok
12:17:13.0263 0x0620  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:17:13.0263 0x0620  atapi - ok
12:17:13.0419 0x0620  [ B2931C83CFB12A3223A47B180473AE1A, D9089E0D4AB82F4F5FCD6A82F446504E7968EA6A09B55190F68EB8A09F6CFE78 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:17:13.0497 0x0620  athr - ok
12:17:13.0575 0x0620  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:17:13.0590 0x0620  AudioEndpointBuilder - ok
12:17:13.0622 0x0620  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:17:13.0637 0x0620  AudioSrv - ok
12:17:13.0746 0x0620  [ D74884939D53612FD84AC82C59CCFE27, 07BFB34A3748E018C0A674A6253A03FFA522B31AE1942E84B3CC4DDDED9C16A9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:17:13.0746 0x0620  avast! Antivirus - ok
12:17:13.0809 0x0620  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:17:13.0809 0x0620  AxInstSV - ok
12:17:13.0887 0x0620  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:17:13.0902 0x0620  b06bdrv - ok
12:17:13.0965 0x0620  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:17:13.0965 0x0620  b57nd60a - ok
12:17:14.0027 0x0620  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:17:14.0043 0x0620  BDESVC - ok
12:17:14.0058 0x0620  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:17:14.0058 0x0620  Beep - ok
12:17:14.0152 0x0620  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:17:14.0168 0x0620  BFE - ok
12:17:14.0214 0x0620  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:17:14.0277 0x0620  BITS - ok
12:17:14.0324 0x0620  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:17:14.0324 0x0620  blbdrive - ok
12:17:14.0386 0x0620  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:17:14.0417 0x0620  Bonjour Service - ok
12:17:14.0448 0x0620  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:17:14.0464 0x0620  bowser - ok
12:17:14.0495 0x0620  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:17:14.0495 0x0620  BrFiltLo - ok
12:17:14.0511 0x0620  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:17:14.0511 0x0620  BrFiltUp - ok
12:17:14.0573 0x0620  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:17:14.0589 0x0620  Browser - ok
12:17:14.0620 0x0620  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:17:14.0620 0x0620  Brserid - ok
12:17:14.0636 0x0620  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:17:14.0636 0x0620  BrSerWdm - ok
12:17:14.0651 0x0620  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:17:14.0651 0x0620  BrUsbMdm - ok
12:17:14.0667 0x0620  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:17:14.0667 0x0620  BrUsbSer - ok
12:17:14.0745 0x0620  [ 2347ABBD13BADA65826FDAB4CAAFE357, EA11668ECC7F92287C5B570DBF5629A80269E79AC256F5AF0984D8B270010BAE ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
12:17:14.0745 0x0620  BtFilter - ok
12:17:14.0776 0x0620  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:17:14.0776 0x0620  BTHMODEM - ok
12:17:14.0854 0x0620  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:17:14.0870 0x0620  BTHPORT - ok
12:17:14.0916 0x0620  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:17:14.0916 0x0620  bthserv - ok
12:17:14.0948 0x0620  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:17:14.0948 0x0620  BTHUSB - ok
12:17:14.0979 0x0620  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:17:14.0979 0x0620  cdfs - ok
12:17:15.0026 0x0620  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:17:15.0041 0x0620  cdrom - ok
12:17:15.0088 0x0620  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:17:15.0104 0x0620  CertPropSvc - ok
12:17:15.0150 0x0620  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:17:15.0166 0x0620  circlass - ok
12:17:15.0213 0x0620  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:17:15.0228 0x0620  CLFS - ok
12:17:15.0306 0x0620  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:17:15.0322 0x0620  clr_optimization_v2.0.50727_32 - ok
12:17:15.0369 0x0620  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:17:15.0384 0x0620  clr_optimization_v2.0.50727_64 - ok
12:17:15.0478 0x0620  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:17:15.0634 0x0620  clr_optimization_v4.0.30319_32 - ok
12:17:15.0650 0x0620  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:17:15.0743 0x0620  clr_optimization_v4.0.30319_64 - ok
12:17:15.0790 0x0620  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:17:15.0790 0x0620  CmBatt - ok
12:17:15.0821 0x0620  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:17:15.0821 0x0620  cmdide - ok
12:17:15.0884 0x0620  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:17:15.0899 0x0620  CNG - ok
12:17:15.0930 0x0620  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:17:15.0946 0x0620  Compbatt - ok
12:17:16.0008 0x0620  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:17:16.0008 0x0620  CompositeBus - ok
12:17:16.0024 0x0620  COMSysApp - ok
12:17:16.0133 0x0620  [ 61D0FDF2D2269F13D44C23EF951AD36C, 40ED0D8787335AB929D7DB2624D0B3AC1D8DE3494E95987A4DE2ECFD13870D19 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:17:16.0164 0x0620  cphs - ok
12:17:16.0196 0x0620  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:17:16.0196 0x0620  crcdisk - ok
12:17:16.0258 0x0620  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:17:16.0274 0x0620  CryptSvc - ok
12:17:16.0336 0x0620  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:17:16.0367 0x0620  CSC - ok
12:17:16.0445 0x0620  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:17:16.0461 0x0620  CscService - ok
12:17:16.0554 0x0620  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:17:16.0570 0x0620  DcomLaunch - ok
12:17:16.0632 0x0620  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:17:16.0632 0x0620  defragsvc - ok
12:17:16.0679 0x0620  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:17:16.0679 0x0620  DfsC - ok
12:17:16.0742 0x0620  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:17:16.0757 0x0620  Dhcp - ok
12:17:16.0788 0x0620  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:17:16.0788 0x0620  discache - ok
12:17:16.0820 0x0620  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:17:16.0820 0x0620  Disk - ok
12:17:16.0866 0x0620  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:17:16.0866 0x0620  Dnscache - ok
12:17:16.0913 0x0620  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:17:16.0944 0x0620  dot3svc - ok
12:17:16.0991 0x0620  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:17:16.0991 0x0620  DPS - ok
12:17:17.0022 0x0620  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:17:17.0022 0x0620  drmkaud - ok
12:17:17.0100 0x0620  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:17:17.0132 0x0620  DXGKrnl - ok
12:17:17.0194 0x0620  [ 3C1C5ABA3CF134C5378E7F1A0704C17C, F8D13025E360BD376A107C1386F6DD5F0C6012622D0A75111C2DF930748243A2 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
12:17:17.0210 0x0620  e1cexpress - ok
12:17:17.0272 0x0620  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:17:17.0288 0x0620  EapHost - ok
12:17:17.0444 0x0620  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:17:17.0537 0x0620  ebdrv - ok
12:17:17.0584 0x0620  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
12:17:17.0584 0x0620  EFS - ok
12:17:17.0662 0x0620  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:17:17.0678 0x0620  ehRecvr - ok
12:17:17.0709 0x0620  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:17:17.0709 0x0620  ehSched - ok
12:17:17.0787 0x0620  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:17:17.0802 0x0620  elxstor - ok
12:17:17.0834 0x0620  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:17:17.0834 0x0620  ErrDev - ok
12:17:17.0912 0x0620  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:17:17.0927 0x0620  EventSystem - ok
12:17:17.0958 0x0620  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:17:17.0974 0x0620  exfat - ok
12:17:17.0990 0x0620  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:17:17.0990 0x0620  fastfat - ok
12:17:18.0083 0x0620  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:17:18.0114 0x0620  Fax - ok
12:17:18.0146 0x0620  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:17:18.0146 0x0620  fdc - ok
12:17:18.0177 0x0620  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:17:18.0192 0x0620  fdPHost - ok
12:17:18.0208 0x0620  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:17:18.0208 0x0620  FDResPub - ok
12:17:18.0239 0x0620  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:17:18.0239 0x0620  FileInfo - ok
12:17:18.0255 0x0620  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:17:18.0270 0x0620  Filetrace - ok
12:17:18.0286 0x0620  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:17:18.0286 0x0620  flpydisk - ok
12:17:18.0333 0x0620  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:17:18.0348 0x0620  FltMgr - ok
12:17:18.0442 0x0620  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:17:18.0489 0x0620  FontCache - ok
12:17:18.0551 0x0620  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:17:18.0568 0x0620  FontCache3.0.0.0 - ok
12:17:18.0599 0x0620  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:17:18.0615 0x0620  FsDepends - ok
12:17:18.0661 0x0620  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:17:18.0661 0x0620  Fs_Rec - ok
12:17:18.0724 0x0620  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:17:18.0739 0x0620  fvevol - ok
12:17:18.0771 0x0620  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:17:18.0786 0x0620  gagp30kx - ok
12:17:18.0833 0x0620  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:17:18.0833 0x0620  GEARAspiWDM - ok
12:17:18.0911 0x0620  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:17:18.0942 0x0620  gpsvc - ok
12:17:19.0051 0x0620  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:17:19.0051 0x0620  gupdate - ok
12:17:19.0067 0x0620  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:17:19.0083 0x0620  gupdatem - ok
12:17:19.0098 0x0620  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:17:19.0098 0x0620  hcw85cir - ok
12:17:19.0145 0x0620  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:17:19.0161 0x0620  HdAudAddService - ok
12:17:19.0192 0x0620  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:17:19.0192 0x0620  HDAudBus - ok
12:17:19.0223 0x0620  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:17:19.0223 0x0620  HidBatt - ok
12:17:19.0254 0x0620  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:17:19.0254 0x0620  HidBth - ok
12:17:19.0270 0x0620  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:17:19.0270 0x0620  HidIr - ok
12:17:19.0301 0x0620  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:17:19.0317 0x0620  hidserv - ok
12:17:19.0332 0x0620  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
12:17:19.0348 0x0620  HidUsb - ok
12:17:19.0379 0x0620  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:17:19.0379 0x0620  hkmsvc - ok
12:17:19.0410 0x0620  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:17:19.0426 0x0620  HomeGroupListener - ok
12:17:19.0457 0x0620  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:17:19.0473 0x0620  HomeGroupProvider - ok
12:17:19.0519 0x0620  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:17:19.0519 0x0620  HpSAMD - ok
12:17:19.0597 0x0620  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:17:19.0629 0x0620  HTTP - ok
12:17:19.0675 0x0620  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:17:19.0675 0x0620  hwpolicy - ok
12:17:19.0722 0x0620  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:17:19.0738 0x0620  i8042prt - ok
12:17:19.0785 0x0620  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:17:19.0800 0x0620  iaStorV - ok
12:17:19.0863 0x0620  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
12:17:19.0878 0x0620  ICCS - ok
12:17:19.0956 0x0620  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:17:19.0987 0x0620  idsvc - ok
12:17:20.0221 0x0620  [ 690E1FCE66B5F0DB3A00B30E9CC2D617, 157C78A1DD902C2204C6733F5CE502A9240876E8CB3FB2FF44EF2716B65BC4F4 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:17:20.0362 0x0620  igfx - ok
12:17:20.0440 0x0620  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:17:20.0440 0x0620  iirsp - ok
12:17:20.0518 0x0620  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:17:20.0549 0x0620  IKEEXT - ok
12:17:20.0721 0x0620  [ 75687FA02233621851567BCEC6291238, 0463B8A76B77AE465F0DD72EB711C6F238FB8507E35648195E32ED5DFF8E5134 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:17:20.0783 0x0620  IntcAzAudAddService - ok
12:17:20.0861 0x0620  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
12:17:20.0877 0x0620  IntcDAud - ok
12:17:20.0908 0x0620  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:17:20.0908 0x0620  intelide - ok
12:17:20.0955 0x0620  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:17:20.0970 0x0620  intelppm - ok
12:17:21.0001 0x0620  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:17:21.0017 0x0620  IPBusEnum - ok
12:17:21.0048 0x0620  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:17:21.0064 0x0620  IpFilterDriver - ok
12:17:21.0111 0x0620  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:17:21.0142 0x0620  iphlpsvc - ok
12:17:21.0173 0x0620  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:17:21.0173 0x0620  IPMIDRV - ok
12:17:21.0220 0x0620  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:17:21.0220 0x0620  IPNAT - ok
12:17:21.0345 0x0620  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:17:21.0360 0x0620  iPod Service - ok
12:17:21.0391 0x0620  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:17:21.0391 0x0620  IRENUM - ok
12:17:21.0438 0x0620  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:17:21.0438 0x0620  isapnp - ok
12:17:21.0469 0x0620  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:17:21.0501 0x0620  iScsiPrt - ok
12:17:21.0532 0x0620  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:17:21.0532 0x0620  kbdclass - ok
12:17:21.0594 0x0620  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:17:21.0594 0x0620  kbdhid - ok
12:17:21.0625 0x0620  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
12:17:21.0625 0x0620  KeyIso - ok
12:17:21.0657 0x0620  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:17:21.0672 0x0620  KSecDD - ok
12:17:21.0688 0x0620  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:17:21.0703 0x0620  KSecPkg - ok
12:17:21.0750 0x0620  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:17:21.0750 0x0620  ksthunk - ok
12:17:21.0797 0x0620  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:17:21.0813 0x0620  KtmRm - ok
12:17:21.0875 0x0620  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:17:21.0891 0x0620  LanmanServer - ok
12:17:21.0937 0x0620  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:17:21.0969 0x0620  LanmanWorkstation - ok
12:17:22.0000 0x0620  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:17:22.0015 0x0620  lltdio - ok
12:17:22.0062 0x0620  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:17:22.0078 0x0620  lltdsvc - ok
12:17:22.0093 0x0620  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:17:22.0093 0x0620  lmhosts - ok
12:17:22.0109 0x0620  lmimirr - ok
12:17:22.0140 0x0620  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:17:22.0140 0x0620  LSI_FC - ok
12:17:22.0187 0x0620  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:17:22.0187 0x0620  LSI_SAS - ok
12:17:22.0203 0x0620  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:17:22.0218 0x0620  LSI_SAS2 - ok
12:17:22.0218 0x0620  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:17:22.0234 0x0620  LSI_SCSI - ok
12:17:22.0249 0x0620  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:17:22.0265 0x0620  luafv - ok
12:17:22.0296 0x0620  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:17:22.0312 0x0620  Mcx2Svc - ok
12:17:22.0343 0x0620  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:17:22.0343 0x0620  megasas - ok
12:17:22.0374 0x0620  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:17:22.0390 0x0620  MegaSR - ok
12:17:22.0437 0x0620  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:17:22.0437 0x0620  MEIx64 - ok
12:17:22.0515 0x0620  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:17:22.0530 0x0620  Microsoft Office Groove Audit Service - ok
12:17:22.0561 0x0620  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:17:22.0577 0x0620  MMCSS - ok
12:17:22.0593 0x0620  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:17:22.0593 0x0620  Modem - ok
12:17:22.0639 0x0620  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:17:22.0655 0x0620  monitor - ok
12:17:22.0702 0x0620  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:17:22.0702 0x0620  mouclass - ok
12:17:22.0733 0x0620  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:17:22.0749 0x0620  mouhid - ok
12:17:22.0795 0x0620  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:17:22.0811 0x0620  mountmgr - ok
12:17:22.0827 0x0620  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:17:22.0858 0x0620  mpio - ok
12:17:22.0905 0x0620  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:17:22.0920 0x0620  mpsdrv - ok
12:17:22.0998 0x0620  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:17:23.0014 0x0620  MpsSvc - ok
12:17:23.0045 0x0620  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:17:23.0061 0x0620  MRxDAV - ok
12:17:23.0092 0x0620  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:17:23.0107 0x0620  mrxsmb - ok
12:17:23.0139 0x0620  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:17:23.0139 0x0620  mrxsmb10 - ok
12:17:23.0185 0x0620  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:17:23.0185 0x0620  mrxsmb20 - ok
12:17:23.0217 0x0620  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:17:23.0217 0x0620  msahci - ok
12:17:23.0248 0x0620  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:17:23.0248 0x0620  msdsm - ok
12:17:23.0295 0x0620  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:17:23.0310 0x0620  MSDTC - ok
12:17:23.0357 0x0620  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:17:23.0357 0x0620  Msfs - ok
12:17:23.0388 0x0620  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:17:23.0388 0x0620  mshidkmdf - ok
12:17:23.0419 0x0620  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:17:23.0435 0x0620  msisadrv - ok
12:17:23.0482 0x0620  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:17:23.0497 0x0620  MSiSCSI - ok
12:17:23.0497 0x0620  msiserver - ok
12:17:23.0544 0x0620  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:17:23.0544 0x0620  MSKSSRV - ok
12:17:23.0560 0x0620  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:17:23.0575 0x0620  MSPCLOCK - ok
12:17:23.0575 0x0620  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:17:23.0591 0x0620  MSPQM - ok
12:17:23.0622 0x0620  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:17:23.0638 0x0620  MsRPC - ok
12:17:23.0685 0x0620  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:17:23.0685 0x0620  mssmbios - ok
12:17:23.0731 0x0620  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:17:23.0731 0x0620  MSTEE - ok
12:17:23.0747 0x0620  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:17:23.0747 0x0620  MTConfig - ok
12:17:23.0778 0x0620  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:17:23.0778 0x0620  Mup - ok
12:17:23.0841 0x0620  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:17:23.0872 0x0620  napagent - ok
12:17:23.0934 0x0620  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:17:23.0934 0x0620  NativeWifiP - ok
12:17:23.0997 0x0620  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:17:24.0028 0x0620  NDIS - ok
12:17:24.0043 0x0620  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:17:24.0043 0x0620  NdisCap - ok
12:17:24.0059 0x0620  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:17:24.0075 0x0620  NdisTapi - ok
12:17:24.0106 0x0620  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:17:24.0106 0x0620  Ndisuio - ok
12:17:24.0153 0x0620  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:17:24.0153 0x0620  NdisWan - ok
12:17:24.0184 0x0620  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:17:24.0184 0x0620  NDProxy - ok
12:17:24.0215 0x0620  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
12:17:24.0231 0x0620  Netaapl - ok
12:17:24.0262 0x0620  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:17:24.0262 0x0620  NetBIOS - ok
12:17:24.0309 0x0620  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:17:24.0309 0x0620  NetBT - ok
12:17:24.0340 0x0620  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
12:17:24.0340 0x0620  Netlogon - ok
12:17:24.0402 0x0620  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:17:24.0418 0x0620  Netman - ok
12:17:24.0496 0x0620  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:17:24.0543 0x0620  NetMsmqActivator - ok
12:17:24.0558 0x0620  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:17:24.0574 0x0620  NetPipeActivator - ok
12:17:24.0652 0x0620  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:17:24.0667 0x0620  netprofm - ok
12:17:24.0699 0x0620  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:17:24.0699 0x0620  NetTcpActivator - ok
12:17:24.0714 0x0620  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:17:24.0714 0x0620  NetTcpPortSharing - ok
12:17:24.0745 0x0620  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:17:24.0745 0x0620  nfrd960 - ok
12:17:24.0792 0x0620  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:17:24.0808 0x0620  NlaSvc - ok
12:17:24.0823 0x0620  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:17:24.0823 0x0620  Npfs - ok
12:17:24.0855 0x0620  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:17:24.0855 0x0620  nsi - ok
12:17:24.0901 0x0620  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:17:24.0901 0x0620  nsiproxy - ok
12:17:25.0011 0x0620  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:17:25.0057 0x0620  Ntfs - ok
12:17:25.0057 0x0620  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:17:25.0073 0x0620  Null - ok
12:17:25.0120 0x0620  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
12:17:25.0120 0x0620  nusb3hub - ok
12:17:25.0151 0x0620  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:17:25.0167 0x0620  nusb3xhc - ok
12:17:25.0198 0x0620  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:17:25.0198 0x0620  nvraid - ok
12:17:25.0229 0x0620  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:17:25.0229 0x0620  nvstor - ok
12:17:25.0245 0x0620  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:17:25.0260 0x0620  nv_agp - ok
12:17:25.0369 0x0620  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:17:25.0401 0x0620  odserv - ok
12:17:25.0432 0x0620  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:17:25.0447 0x0620  ohci1394 - ok
12:17:25.0525 0x0620  [ 6F722C84CCCEF77A871D0F7E50AB25EB, F81F33DC8C20A6C331B1F7006B124F2FB9B7297E0C37CB7272A4074C2D19856C ] OpenVPNService  C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
12:17:25.0541 0x0620  OpenVPNService - ok
12:17:25.0619 0x0620  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:17:25.0635 0x0620  ose - ok
12:17:25.0681 0x0620  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:17:25.0697 0x0620  p2pimsvc - ok
12:17:25.0728 0x0620  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:17:25.0744 0x0620  p2psvc - ok
12:17:25.0791 0x0620  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:17:25.0806 0x0620  Parport - ok
12:17:25.0837 0x0620  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:17:25.0837 0x0620  partmgr - ok
12:17:25.0884 0x0620  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:17:25.0900 0x0620  PcaSvc - ok
12:17:25.0915 0x0620  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:17:25.0915 0x0620  pci - ok
12:17:25.0947 0x0620  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:17:25.0947 0x0620  pciide - ok
12:17:25.0993 0x0620  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:17:26.0009 0x0620  pcmcia - ok
12:17:26.0025 0x0620  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:17:26.0040 0x0620  pcw - ok
12:17:26.0071 0x0620  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:17:26.0087 0x0620  PEAUTH - ok
12:17:26.0196 0x0620  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:17:26.0227 0x0620  PeerDistSvc - ok
12:17:26.0337 0x0620  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:17:26.0352 0x0620  PerfHost - ok
12:17:26.0461 0x0620  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:17:26.0508 0x0620  pla - ok
12:17:26.0555 0x0620  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:17:26.0571 0x0620  PlugPlay - ok
12:17:26.0617 0x0620  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:17:26.0617 0x0620  PNRPAutoReg - ok
12:17:26.0633 0x0620  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:17:26.0649 0x0620  PNRPsvc - ok
12:17:26.0727 0x0620  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:17:26.0742 0x0620  PolicyAgent - ok
12:17:26.0789 0x0620  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:17:26.0805 0x0620  Power - ok
12:17:26.0851 0x0620  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:17:26.0867 0x0620  PptpMiniport - ok
12:17:26.0898 0x0620  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:17:26.0898 0x0620  Processor - ok
12:17:26.0945 0x0620  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:17:26.0961 0x0620  ProfSvc - ok
12:17:26.0976 0x0620  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:17:26.0992 0x0620  ProtectedStorage - ok
12:17:27.0039 0x0620  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:17:27.0054 0x0620  Psched - ok
12:17:27.0132 0x0620  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:17:27.0163 0x0620  ql2300 - ok
12:17:27.0210 0x0620  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:17:27.0210 0x0620  ql40xx - ok
12:17:27.0257 0x0620  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:17:27.0288 0x0620  QWAVE - ok
12:17:27.0304 0x0620  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:17:27.0319 0x0620  QWAVEdrv - ok
12:17:27.0319 0x0620  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:17:27.0335 0x0620  RasAcd - ok
12:17:27.0382 0x0620  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:17:27.0382 0x0620  RasAgileVpn - ok
12:17:27.0429 0x0620  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:17:27.0429 0x0620  RasAuto - ok
12:17:27.0475 0x0620  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:17:27.0491 0x0620  Rasl2tp - ok
12:17:27.0538 0x0620  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:17:27.0553 0x0620  RasMan - ok
12:17:27.0616 0x0620  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:17:27.0631 0x0620  RasPppoe - ok
12:17:27.0647 0x0620  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:17:27.0647 0x0620  RasSstp - ok
12:17:27.0694 0x0620  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:17:27.0709 0x0620  rdbss - ok
12:17:27.0725 0x0620  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:17:27.0725 0x0620  rdpbus - ok
12:17:27.0741 0x0620  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:17:27.0741 0x0620  RDPCDD - ok
12:17:27.0787 0x0620  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:17:27.0787 0x0620  RDPDR - ok
12:17:27.0834 0x0620  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:17:27.0834 0x0620  RDPENCDD - ok
12:17:27.0865 0x0620  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:17:27.0865 0x0620  RDPREFMP - ok
12:17:27.0912 0x0620  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:17:27.0912 0x0620  RdpVideoMiniport - ok
12:17:27.0975 0x0620  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:17:27.0990 0x0620  RDPWD - ok
12:17:28.0053 0x0620  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:17:28.0053 0x0620  rdyboost - ok
12:17:28.0115 0x0620  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
12:17:28.0115 0x0620  RealNetworks Downloader Resolver Service - ok
12:17:28.0162 0x0620  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:17:28.0177 0x0620  RemoteAccess - ok
12:17:28.0224 0x0620  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:17:28.0224 0x0620  RemoteRegistry - ok
12:17:28.0271 0x0620  [ A14DF7C3BC519328ACCB8FA741BAD78A, F15D05A601782F10B8CA8C2FF81777A99D993ED3063DC42E2799CC0C74722DDC ] risdxc          C:\Windows\system32\DRIVERS\risdxc64.sys
12:17:28.0271 0x0620  risdxc - ok
12:17:28.0287 0x0620  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:17:28.0302 0x0620  RpcEptMapper - ok
12:17:28.0318 0x0620  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:17:28.0333 0x0620  RpcLocator - ok
12:17:28.0396 0x0620  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:17:28.0427 0x0620  RpcSs - ok
12:17:28.0474 0x0620  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:17:28.0474 0x0620  rspndr - ok
12:17:28.0505 0x0620  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:17:28.0505 0x0620  s3cap - ok
12:17:28.0536 0x0620  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
12:17:28.0536 0x0620  SamSs - ok
12:17:28.0552 0x0620  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:17:28.0567 0x0620  sbp2port - ok
12:17:28.0614 0x0620  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:17:28.0645 0x0620  SCardSvr - ok
12:17:28.0677 0x0620  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:17:28.0677 0x0620  scfilter - ok
12:17:28.0786 0x0620  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:17:28.0817 0x0620  Schedule - ok
12:17:28.0848 0x0620  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:17:28.0848 0x0620  SCPolicySvc - ok
12:17:28.0879 0x0620  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:17:28.0879 0x0620  SDRSVC - ok
12:17:28.0911 0x0620  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:17:28.0926 0x0620  secdrv - ok
12:17:28.0957 0x0620  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:17:28.0957 0x0620  seclogon - ok
12:17:28.0989 0x0620  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:17:29.0004 0x0620  SENS - ok
12:17:29.0004 0x0620  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:17:29.0020 0x0620  SensrSvc - ok
12:17:29.0035 0x0620  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:17:29.0035 0x0620  Serenum - ok
12:17:29.0067 0x0620  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:17:29.0067 0x0620  Serial - ok
12:17:29.0098 0x0620  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:17:29.0098 0x0620  sermouse - ok
12:17:29.0145 0x0620  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:17:29.0145 0x0620  SessionEnv - ok
12:17:29.0176 0x0620  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:17:29.0176 0x0620  sffdisk - ok
12:17:29.0191 0x0620  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:17:29.0191 0x0620  sffp_mmc - ok
12:17:29.0191 0x0620  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:17:29.0191 0x0620  sffp_sd - ok
12:17:29.0223 0x0620  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:17:29.0223 0x0620  sfloppy - ok
12:17:29.0269 0x0620  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:17:29.0285 0x0620  SharedAccess - ok
12:17:29.0316 0x0620  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:17:29.0332 0x0620  ShellHWDetection - ok
12:17:29.0363 0x0620  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:17:29.0363 0x0620  SiSRaid2 - ok
12:17:29.0410 0x0620  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:17:29.0410 0x0620  SiSRaid4 - ok
12:17:29.0613 0x0620  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:17:29.0706 0x0620  Skype C2C Service - ok
12:17:29.0769 0x0620  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:17:29.0784 0x0620  SkypeUpdate - ok
12:17:29.0815 0x0620  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:17:29.0815 0x0620  Smb - ok
12:17:29.0878 0x0620  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:17:29.0893 0x0620  SNMPTRAP - ok
12:17:29.0925 0x0620  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:17:29.0925 0x0620  spldr - ok
12:17:29.0971 0x0620  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:17:30.0003 0x0620  Spooler - ok
12:17:30.0174 0x0620  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:17:30.0268 0x0620  sppsvc - ok
12:17:30.0330 0x0620  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:17:30.0330 0x0620  sppuinotify - ok
12:17:30.0393 0x0620  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:17:30.0408 0x0620  srv - ok
12:17:30.0439 0x0620  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:17:30.0439 0x0620  srv2 - ok
12:17:30.0471 0x0620  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:17:30.0471 0x0620  srvnet - ok
12:17:30.0502 0x0620  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:17:30.0517 0x0620  SSDPSRV - ok
12:17:30.0533 0x0620  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:17:30.0549 0x0620  SstpSvc - ok
12:17:30.0673 0x0620  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:17:30.0673 0x0620  stexstor - ok
12:17:30.0814 0x0620  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:17:30.0845 0x0620  stisvc - ok
12:17:30.0876 0x0620  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:17:30.0876 0x0620  storflt - ok
12:17:30.0892 0x0620  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:17:30.0892 0x0620  storvsc - ok
12:17:30.0923 0x0620  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:17:30.0923 0x0620  swenum - ok
12:17:30.0985 0x0620  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:17:31.0017 0x0620  swprv - ok
12:17:31.0032 0x0620  Synth3dVsc - ok
12:17:31.0157 0x0620  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:17:31.0204 0x0620  SysMain - ok
12:17:31.0235 0x0620  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:17:31.0251 0x0620  TabletInputService - ok
12:17:31.0282 0x0620  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
12:17:31.0297 0x0620  tap0901 - ok
12:17:31.0329 0x0620  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:17:31.0344 0x0620  TapiSrv - ok
12:17:31.0375 0x0620  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:17:31.0391 0x0620  TBS - ok
12:17:31.0500 0x0620  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:17:31.0563 0x0620  Tcpip - ok
12:17:31.0641 0x0620  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:17:31.0687 0x0620  TCPIP6 - ok
12:17:31.0719 0x0620  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:17:31.0734 0x0620  tcpipreg - ok
12:17:31.0781 0x0620  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:17:31.0781 0x0620  TDPIPE - ok
12:17:31.0812 0x0620  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:17:31.0812 0x0620  TDTCP - ok
12:17:31.0843 0x0620  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:17:31.0859 0x0620  tdx - ok
12:17:32.0436 0x0620  [ DF4A7E1E2BA788E28747F1EF49692ED6, 3417C0C713AB086E31CA20D6DCE923FF224093CFF2BAA6F29DCCBD2BEE5EEED6 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
12:17:32.0545 0x0620  TeamViewer9 - ok
12:17:32.0592 0x0620  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:17:32.0608 0x0620  TermDD - ok
12:17:32.0686 0x0620  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:17:32.0701 0x0620  TermService - ok
12:17:32.0748 0x0620  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:17:32.0748 0x0620  Themes - ok
12:17:32.0779 0x0620  [ D6704940A79831B4FA271D7A73D291D8, 9F6088AE2E4F4058D4414C32ACC2E3D9707BA90587B8611F4416DDDCD1717762 ] Thpevm          C:\Windows\system32\DRIVERS\Thpevm.SYS
12:17:32.0779 0x0620  Thpevm - ok
12:17:32.0811 0x0620  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:17:32.0826 0x0620  THREADORDER - ok
12:17:32.0951 0x0620  [ CDC97FA5C42B07FB0D4600E17C32F582, 1801964D228E03FF72D01E714ECE76D3040DD89B8FE828821CF999E6CB455F53 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
12:17:32.0982 0x0620  TosCoSrv - ok
12:17:33.0091 0x0620  [ A22DEB5EC05FEBFDCA1D3FF70FA1FF46, 3D3F68DC994C99436E31B72AEE15F4F46437AC3F2C2CD1D477C738E16397CB50 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
12:17:33.0091 0x0620  TOSHIBA Bluetooth Service - ok
12:17:33.0138 0x0620  [ 755E5CA34D6186FC0E1430CD47E6E97C, 08CE7842D58B36D31253602E505841E604748EED845134E7AF158EADFC4927E9 ] toshidpt        C:\Windows\system32\drivers\Toshidpt.sys
12:17:33.0138 0x0620  toshidpt - ok
12:17:33.0201 0x0620  [ 8021F63311797085949FA387F7C83583, 7781994B9F06784807D32FD5A93C5406A441908870B1328BBDA9D15C5DD98C1B ] tosporte        C:\Windows\system32\DRIVERS\tosporte.sys
12:17:33.0201 0x0620  tosporte - ok
12:17:33.0263 0x0620  [ 58E3F35AECD7BD5FCC1BD198B4AD354F, 2822DA60CF4967804ECC9D02A3DA5771AD75BCB76B2721EA500B27193BC20B26 ] Tosrfbd         C:\Windows\system32\DRIVERS\tosrfbd.sys
12:17:33.0279 0x0620  Tosrfbd - ok
12:17:33.0310 0x0620  [ 90F0B1745ABF13F44C2A6ED79F7CE9FB, B705B0ADD6965CF63D3FCD039DBC80EEB8B3860608367D248C7350BB16D83337 ] tosrfbnp        C:\Windows\system32\Drivers\tosrfbnp.sys
12:17:33.0310 0x0620  tosrfbnp - ok
12:17:33.0341 0x0620  [ 9E4E65EA51E34647340BD6007467AC54, D4FD658250298AE52959009C7DB031A7D82E48088DB5D94E6D3F990058B9D75E ] Tosrfcom        C:\Windows\system32\Drivers\tosrfcom.sys
12:17:33.0341 0x0620  Tosrfcom - ok
12:17:33.0388 0x0620  [ A4DDAD3BF13F370EC392BE243E334EBA, DB4F33DB2B9692AB4087E408AAEC2AB4046278BBD696213089E2D931C04E966B ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
12:17:33.0388 0x0620  tosrfec - ok
12:17:33.0435 0x0620  [ 7D2467D3EB9BAA4B69AE4A28C83DE57A, 38D2C64559EF4598025474643EC0D506F0107822AC6205E8C4D26B76EB28177D ] Tosrfhid        C:\Windows\system32\DRIVERS\Tosrfhid.sys
12:17:33.0450 0x0620  Tosrfhid - ok
12:17:33.0481 0x0620  [ B6FDC3C76FFE9C5171EEA9C37EA367C2, 4F8D4E2E37164DB91F396B836BD888CF221010103CF3FBECE00B747155819374 ] tosrfnds        C:\Windows\system32\DRIVERS\tosrfnds.sys
12:17:33.0481 0x0620  tosrfnds - ok
12:17:33.0544 0x0620  [ 7A0048693F98460FF537BE31C741B927, 6CD73974D8A9215A5B538C7F32E1C85F6912D38A0B70DB10015621C4E1670980 ] Tosrfusb        C:\Windows\system32\DRIVERS\tosrfusb.sys
12:17:33.0559 0x0620  Tosrfusb - ok
12:17:33.0606 0x0620  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:17:33.0622 0x0620  TrkWks - ok
12:17:33.0700 0x0620  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:17:33.0715 0x0620  TrustedInstaller - ok
12:17:33.0747 0x0620  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:17:33.0747 0x0620  tssecsrv - ok
12:17:33.0778 0x0620  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:17:33.0793 0x0620  TsUsbFlt - ok
12:17:33.0809 0x0620  tsusbhub - ok
12:17:33.0856 0x0620  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:17:33.0871 0x0620  tunnel - ok
12:17:33.0903 0x0620  [ EFFCE6E033EBDD0F3C0F14A413558F65, 576E7C8F1FBE874A0F8F7AA97FC19F472474CFD4A6F663034341E98FF5A28BB5 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ.SYS
12:17:33.0918 0x0620  TVALZ - ok
12:17:33.0965 0x0620  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:17:33.0965 0x0620  uagp35 - ok
12:17:34.0027 0x0620  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:17:34.0043 0x0620  udfs - ok
12:17:34.0090 0x0620  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:17:34.0090 0x0620  UI0Detect - ok
12:17:34.0137 0x0620  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:17:34.0152 0x0620  uliagpkx - ok
12:17:34.0168 0x0620  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:17:34.0183 0x0620  umbus - ok
12:17:34.0230 0x0620  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:17:34.0230 0x0620  UmPass - ok
12:17:34.0261 0x0620  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:17:34.0277 0x0620  UmRdpService - ok
12:17:34.0339 0x0620  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:17:34.0355 0x0620  upnphost - ok
12:17:34.0386 0x0620  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:17:34.0386 0x0620  USBAAPL64 - ok
12:17:34.0433 0x0620  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:17:34.0433 0x0620  usbccgp - ok
12:17:34.0464 0x0620  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:17:34.0464 0x0620  usbcir - ok
12:17:34.0495 0x0620  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:17:34.0495 0x0620  usbehci - ok
12:17:34.0542 0x0620  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:17:34.0558 0x0620  usbhub - ok
12:17:34.0573 0x0620  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:17:34.0605 0x0620  usbohci - ok
12:17:34.0636 0x0620  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:17:34.0651 0x0620  usbprint - ok
12:17:34.0698 0x0620  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:17:34.0698 0x0620  USBSTOR - ok
12:17:34.0745 0x0620  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:17:34.0776 0x0620  usbuhci - ok
12:17:34.0807 0x0620  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
12:17:34.0823 0x0620  usbvideo - ok
12:17:34.0854 0x0620  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:17:34.0870 0x0620  UxSms - ok
12:17:34.0885 0x0620  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
12:17:34.0885 0x0620  VaultSvc - ok
12:17:34.0932 0x0620  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:17:34.0948 0x0620  vdrvroot - ok
12:17:35.0010 0x0620  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:17:35.0041 0x0620  vds - ok
12:17:35.0073 0x0620  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:17:35.0073 0x0620  vga - ok
12:17:35.0104 0x0620  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:17:35.0104 0x0620  VgaSave - ok
12:17:35.0104 0x0620  VGPU - ok
12:17:35.0151 0x0620  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:17:35.0166 0x0620  vhdmp - ok
12:17:35.0213 0x0620  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:17:35.0213 0x0620  viaide - ok
12:17:35.0229 0x0620  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:17:35.0244 0x0620  vmbus - ok
12:17:35.0260 0x0620  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:17:35.0260 0x0620  VMBusHID - ok
12:17:35.0291 0x0620  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:17:35.0307 0x0620  volmgr - ok
12:17:35.0369 0x0620  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:17:35.0385 0x0620  volmgrx - ok
12:17:35.0431 0x0620  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:17:35.0431 0x0620  volsnap - ok
12:17:35.0494 0x0620  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:17:35.0509 0x0620  vsmraid - ok
12:17:35.0603 0x0620  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:17:35.0650 0x0620  VSS - ok
12:17:35.0665 0x0620  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:17:35.0681 0x0620  vwifibus - ok
12:17:35.0697 0x0620  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:17:35.0697 0x0620  vwififlt - ok
12:17:35.0728 0x0620  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:17:35.0728 0x0620  vwifimp - ok
12:17:35.0790 0x0620  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:17:35.0821 0x0620  W32Time - ok
12:17:35.0868 0x0620  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:17:35.0868 0x0620  WacomPen - ok
12:17:35.0931 0x0620  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:17:35.0946 0x0620  WANARP - ok
12:17:35.0946 0x0620  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:17:35.0962 0x0620  Wanarpv6 - ok
12:17:36.0040 0x0620  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:17:36.0071 0x0620  WatAdminSvc - ok
12:17:36.0165 0x0620  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:17:36.0211 0x0620  wbengine - ok
12:17:36.0258 0x0620  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:17:36.0274 0x0620  WbioSrvc - ok
12:17:36.0336 0x0620  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:17:36.0367 0x0620  wcncsvc - ok
12:17:36.0383 0x0620  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:17:36.0383 0x0620  WcsPlugInService - ok
12:17:36.0414 0x0620  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:17:36.0430 0x0620  Wd - ok
12:17:36.0508 0x0620  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:17:36.0539 0x0620  Wdf01000 - ok
12:17:36.0601 0x0620  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:17:36.0617 0x0620  WdiServiceHost - ok
12:17:36.0617 0x0620  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:17:36.0633 0x0620  WdiSystemHost - ok
12:17:36.0679 0x0620  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:17:36.0711 0x0620  WebClient - ok
12:17:36.0742 0x0620  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:17:36.0742 0x0620  Wecsvc - ok
12:17:36.0757 0x0620  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:17:36.0757 0x0620  wercplsupport - ok
12:17:36.0804 0x0620  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:17:36.0820 0x0620  WerSvc - ok
12:17:36.0867 0x0620  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:17:36.0882 0x0620  WfpLwf - ok
12:17:36.0898 0x0620  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:17:36.0898 0x0620  WIMMount - ok
12:17:36.0929 0x0620  WinDefend - ok
12:17:36.0960 0x0620  WinHttpAutoProxySvc - ok
12:17:37.0038 0x0620  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:17:37.0069 0x0620  Winmgmt - ok
12:17:37.0225 0x0620  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:17:37.0288 0x0620  WinRM - ok
12:17:37.0335 0x0620  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:17:37.0335 0x0620  WinUsb - ok
12:17:37.0397 0x0620  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:17:37.0428 0x0620  Wlansvc - ok
12:17:37.0459 0x0620  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:17:37.0459 0x0620  WmiAcpi - ok
12:17:37.0491 0x0620  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:17:37.0506 0x0620  wmiApSrv - ok
12:17:37.0537 0x0620  WMPNetworkSvc - ok
12:17:37.0600 0x0620  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:17:37.0600 0x0620  WPCSvc - ok
12:17:37.0662 0x0620  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:17:37.0678 0x0620  WPDBusEnum - ok
12:17:37.0709 0x0620  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:17:37.0709 0x0620  ws2ifsl - ok
12:17:37.0740 0x0620  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:17:37.0756 0x0620  wscsvc - ok
12:17:37.0756 0x0620  WSearch - ok
12:17:37.0896 0x0620  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:17:37.0974 0x0620  wuauserv - ok
12:17:38.0005 0x0620  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:17:38.0005 0x0620  WudfPf - ok
12:17:38.0052 0x0620  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:17:38.0052 0x0620  WUDFRd - ok
12:17:38.0068 0x0620  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:17:38.0083 0x0620  wudfsvc - ok
12:17:38.0115 0x0620  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:17:38.0130 0x0620  WwanSvc - ok
12:17:38.0161 0x0620  ================ Scan global ===============================
12:17:38.0193 0x0620  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:17:38.0224 0x0620  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:17:38.0239 0x0620  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:17:38.0286 0x0620  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:17:38.0317 0x0620  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:17:38.0333 0x0620  [ Global ] - ok
12:17:38.0333 0x0620  ================ Scan MBR ==================================
12:17:38.0349 0x0620  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:17:38.0598 0x0620  \Device\Harddisk0\DR0 - ok
12:17:38.0598 0x0620  ================ Scan VBR ==================================
12:17:38.0614 0x0620  [ 43A526DEBA8EDD7676BCC4179DF4FD11 ] \Device\Harddisk0\DR0\Partition1
12:17:38.0614 0x0620  \Device\Harddisk0\DR0\Partition1 - ok
12:17:38.0614 0x0620  Waiting for KSN requests completion. In queue: 352
12:17:39.0628 0x0620  Waiting for KSN requests completion. In queue: 352
12:17:40.0642 0x0620  Waiting for KSN requests completion. In queue: 352
12:17:41.0656 0x0620  Waiting for KSN requests completion. In queue: 42
12:17:42.0670 0x0620  Waiting for KSN requests completion. In queue: 42
12:17:43.0715 0x0620  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x41000 ( enabled : updated )
12:17:43.0731 0x0620  Win FW state via NFP2: enabled
12:17:57.0615 0x0620  ============================================================
12:17:57.0615 0x0620  Scan finished
12:17:57.0615 0x0620  ============================================================
12:17:57.0630 0x1454  Detected object count: 0
12:17:57.0630 0x1454  Actual detected object count: 0
 
 
 
 
1
 
# AdwCleaner v3.017 - Report created 28/01/2014 at 12:21:31
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Vances - VANCES-PC
# Running from : C:\Users\Vances\Desktop\AdwCleaner (2).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16750
 
 
*************************
 
AdwCleaner[R0].txt - [1906 octets] - [27/01/2014 16:32:43]
AdwCleaner[R1].txt - [759 octets] - [28/01/2014 12:20:09]
AdwCleaner[S0].txt - [1797 octets] - [27/01/2014 16:35:42]
AdwCleaner[S1].txt - [681 octets] - [28/01/2014 12:21:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [740 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x64
Ran by Vances on Tue 01/28/2014 at 12:27:06.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/28/2014 at 12:35:18.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3efb05e16ab44d4fbfd358e5dfa14ff8
# engine=16820
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-28 06:40:45
# local_time=2014-01-28 02:40:45 (+0800, Malay Peninsula Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 77 2907061 2907274 0 0
# compatibility_mode=5893 16776573 100 94 0 142521095 0 0
# scanned=264480
# found=2
# cleaned=2
# scan_time=6297
sh=8EBB21D03921B00DE990760F7FA7F08DE689AB06 ft=1 fh=c71c00111e1f412d vn="a variant of Win32/OpenInstall application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Vances\AppData\Local\Temp\OIC8D70.tmp"
sh=0756B43122B2067F48FF02112928ADA9D49FB81C ft=1 fh=5c02abab6b04de71 vn="a variant of Win32/OpenInstall application (cleaned by deleting - quarantined)"
 
 
 


#4 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:04:27 AM

Posted 28 January 2014 - 06:00 AM

Using Outlook 2007 and two gmail accounts via imap.  Having problems with gmail imap server closing because idle too long - can't "Send/Receive" all folders.  Happened after running various malware removal tools.  Any suggestions?

 

Thanks very much.



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:27 PM

Posted 28 January 2014 - 11:41 AM

It appears to be a hidden rootkit or even some hard/software issue..
 
for System32/svchost.exe virus we need a deeper look.

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.


For .. Note 2, my PC also has the "plugged in, not charging" curse. Can you help with that, or should I open another topic? If so, would that go under this forum, "Am I infected"?

This is better asked in INternal hardware...
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 zoo55

zoo55
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:04:27 AM

Posted 28 January 2014 - 12:51 PM

OK, I ran DDS and posted in logs forum per instructions.

 

Standing by.



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:27 PM

Posted 28 January 2014 - 02:45 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users