Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspicious Activity


  • Please log in to reply
16 replies to this topic

#1 C. Fraser

C. Fraser

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 01 February 2014 - 08:36 PM

Hi all,

 

My account with my ISP has a limited amount of bandwidth I can use a month before accruing extra charges. I was notified today that I had reached that total, although I'm very conscious about how much I use, and generally I don't use very much on a daily basis. When I checked the daily usage report, I noticed that there was over 7 GB of activity this past Wednesday, and I know for certain that I did not download, or use anything that  would account for that much activity.

 

I did call my ISP and they suspect a virus (and, nicely enough, are going to give me a credit for this months over usage). I ran scans with MS Security Essentials, Malwarebytes and the Bitdefender online scanner, with no positive results. 

 

Other than the large amount of activity on that one day, everything else on my account (ISP daily usage) looked fine, and as far as I can tell the computer is running as per usual. 

 

Any help will be appreciated.

 



BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:57 AM

Posted 01 February 2014 - 10:39 PM

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.
  •     Click on Change Parameters and click Detect TDLFS File System.
  •     Click the Start Scan button.
  •     Do not use the computer during the scan
  •     If the scan completes with nothing found, click Close to exit.
  •     If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  •     Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  •     Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  •     A TDSSKiller text file would be saved in Local Disk C.
  •     Copy and paste the contents of that file in your next reply.
ADW Cleaner


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Edited by cryptodan, 01 February 2014 - 10:40 PM.


#3 C. Fraser

C. Fraser
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 02 February 2014 - 04:26 PM

Hi Cryptodan. Thanks for your help. All reports posted below.
 
 
TDSSKiller Report: (didn't report finding anything)
 
15:55:55.0042 0x0e8c  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
15:56:03.0189 0x0e8c  ============================================================
15:56:03.0189 0x0e8c  Current date / time: 2014/02/02 15:56:03.0189
15:56:03.0189 0x0e8c  SystemInfo:
15:56:03.0189 0x0e8c  
15:56:03.0189 0x0e8c  OS Version: 6.1.7601 ServicePack: 1.0
15:56:03.0189 0x0e8c  Product type: Workstation
15:56:03.0189 0x0e8c  ComputerName: COINFRASER-PC
15:56:03.0189 0x0e8c  UserName: Coin Fraser
15:56:03.0189 0x0e8c  Windows directory: C:\Windows
15:56:03.0189 0x0e8c  System windows directory: C:\Windows
15:56:03.0189 0x0e8c  Processor architecture: Intel x86
15:56:03.0189 0x0e8c  Number of processors: 6
15:56:03.0189 0x0e8c  Page size: 0x1000
15:56:03.0189 0x0e8c  Boot type: Normal boot
15:56:03.0190 0x0e8c  ============================================================
15:56:10.0154 0x0e8c  KLMD registered as C:\Windows\system32\drivers\23549724.sys
15:56:10.0558 0x0e8c  System UUID: {44960295-EBA0-39CE-B19A-343D7DFEFCC6}
15:56:11.0333 0x0e8c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:56:11.0335 0x0e8c  ============================================================
15:56:11.0335 0x0e8c  \Device\Harddisk0\DR0:
15:56:11.0335 0x0e8c  MBR partitions:
15:56:11.0335 0x0e8c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:56:11.0335 0x0e8c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
15:56:11.0335 0x0e8c  ============================================================
15:56:11.0341 0x0e8c  C: <-> \Device\Harddisk0\DR0\Partition2
15:56:11.0341 0x0e8c  ============================================================
15:56:11.0341 0x0e8c  Initialize success
15:56:11.0341 0x0e8c  ============================================================
15:57:29.0922 0x0694  ============================================================
15:57:29.0922 0x0694  Scan started
15:57:29.0922 0x0694  Mode: Manual; TDLFS; 
15:57:29.0922 0x0694  ============================================================
15:57:29.0922 0x0694  KSN ping started
15:57:43.0246 0x0694  KSN ping finished: true
15:57:44.0193 0x0694  ================ Scan system memory ========================
15:57:44.0193 0x0694  System memory - ok
15:57:44.0194 0x0694  ================ Scan services =============================
15:57:44.0329 0x0694  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:57:44.0337 0x0694  1394ohci - ok
15:57:44.0379 0x0694  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:57:44.0387 0x0694  ACPI - ok
15:57:44.0401 0x0694  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:57:44.0402 0x0694  AcpiPmi - ok
15:57:44.0430 0x0694  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:57:44.0440 0x0694  adp94xx - ok
15:57:44.0457 0x0694  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:57:44.0464 0x0694  adpahci - ok
15:57:44.0481 0x0694  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:57:44.0484 0x0694  adpu320 - ok
15:57:44.0504 0x0694  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:57:44.0505 0x0694  AeLookupSvc - ok
15:57:44.0541 0x0694  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
15:57:44.0549 0x0694  AFD - ok
15:57:44.0563 0x0694  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
15:57:44.0566 0x0694  agp440 - ok
15:57:44.0579 0x0694  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:57:44.0581 0x0694  aic78xx - ok
15:57:44.0603 0x0694  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
15:57:44.0604 0x0694  ALG - ok
15:57:44.0621 0x0694  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:57:44.0622 0x0694  aliide - ok
15:57:44.0651 0x0694  [ E608D708EFE1F8AE7160DB7C0DE4D8E6, 0A84AC2B46069B086AFA3D10AE563C03ED343F9C9318220D813E12072A7B6012 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:57:44.0656 0x0694  AMD External Events Utility - ok
15:57:44.0698 0x0694  AMD FUEL Service - ok
15:57:44.0719 0x0694  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:57:44.0723 0x0694  amdagp - ok
15:57:44.0746 0x0694  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:57:44.0748 0x0694  amdide - ok
15:57:44.0753 0x0694  amdiox86 - ok
15:57:44.0770 0x0694  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:57:44.0773 0x0694  AmdK8 - ok
15:57:45.0064 0x0694  [ F611C341A8B0926D6C2D6417464BD11E, 5E9296B7A0AE9203CDCC170A7FA7F4B2E4D7EF20A53CC6AFE832029FEC3E93FF ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:57:45.0318 0x0694  amdkmdag - ok
15:57:45.0355 0x0694  [ C08F6E9987D2AACFF9653ADB30C4DA3D, 24DCB857C0A8179296BA8D00C403D3633BA2A548B6E1A4ADF4DB3D047ACDA84F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:57:45.0362 0x0694  amdkmdap - ok
15:57:45.0381 0x0694  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:57:45.0382 0x0694  AmdPPM - ok
15:57:45.0412 0x0694  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:57:45.0417 0x0694  amdsata - ok
15:57:45.0438 0x0694  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:57:45.0444 0x0694  amdsbs - ok
15:57:45.0454 0x0694  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:57:45.0455 0x0694  amdxata - ok
15:57:45.0468 0x0694  [ 66F4DE5876DC1A47BA1ACE909FA9AEEF, 2194C4323081E30E93DCA3602F276CBD6BE25256094E62332FA03B397962CE28 ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
15:57:45.0470 0x0694  AODDriver4.1 - ok
15:57:45.0474 0x0694  [ 66F4DE5876DC1A47BA1ACE909FA9AEEF, 2194C4323081E30E93DCA3602F276CBD6BE25256094E62332FA03B397962CE28 ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
15:57:45.0476 0x0694  AODDriver4.2 - ok
15:57:45.0481 0x0694  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
15:57:45.0483 0x0694  AppID - ok
15:57:45.0489 0x0694  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:57:45.0491 0x0694  AppIDSvc - ok
15:57:45.0513 0x0694  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
15:57:45.0514 0x0694  Appinfo - ok
15:57:45.0522 0x0694  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
15:57:45.0524 0x0694  arc - ok
15:57:45.0535 0x0694  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:57:45.0537 0x0694  arcsas - ok
15:57:45.0553 0x0694  [ BDD2471EB6D516C1EC1E9A537518BD16, E372087670E916377E685049D10EFAE084792178EE14B778034373B4BCF7E64E ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
15:57:45.0556 0x0694  asmthub3 - ok
15:57:45.0572 0x0694  [ 54DC8F8341B4EBEF37F4003BDED7A43B, ED599A8446958E75FF35FBB6AA8ECF6AE41F731C5EAA231FDC5C5B5BD353EA36 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
15:57:45.0579 0x0694  asmtxhci - ok
15:57:45.0645 0x0694  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:57:45.0662 0x0694  aspnet_state - ok
15:57:45.0686 0x0694  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:57:45.0688 0x0694  AsyncMac - ok
15:57:45.0714 0x0694  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:57:45.0716 0x0694  atapi - ok
15:57:45.0751 0x0694  [ 434192D027A6A11E32E1C74C7C43E1ED, EA4A981B42EC16C2457D80218E94D7B339E05629A028ED5A011D8C7C1039BFD2 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
15:57:45.0755 0x0694  AtiHDAudioService - ok
15:57:45.0788 0x0694  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:57:45.0815 0x0694  AudioEndpointBuilder - ok
15:57:45.0830 0x0694  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:57:45.0840 0x0694  Audiosrv - ok
15:57:45.0857 0x0694  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:57:45.0859 0x0694  AxInstSV - ok
15:57:45.0886 0x0694  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
15:57:45.0896 0x0694  b06bdrv - ok
15:57:45.0913 0x0694  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
15:57:45.0919 0x0694  b57nd60x - ok
15:57:45.0930 0x0694  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
15:57:45.0932 0x0694  BDESVC - ok
15:57:45.0945 0x0694  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:57:45.0946 0x0694  Beep - ok
15:57:45.0967 0x0694  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
15:57:45.0978 0x0694  BFE - ok
15:57:46.0005 0x0694  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
15:57:46.0023 0x0694  BITS - ok
15:57:46.0027 0x0694  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:57:46.0028 0x0694  blbdrive - ok
15:57:46.0048 0x0694  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:57:46.0050 0x0694  bowser - ok
15:57:46.0057 0x0694  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:57:46.0058 0x0694  BrFiltLo - ok
15:57:46.0069 0x0694  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:57:46.0070 0x0694  BrFiltUp - ok
15:57:46.0084 0x0694  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
15:57:46.0086 0x0694  Browser - ok
15:57:46.0101 0x0694  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:57:46.0107 0x0694  Brserid - ok
15:57:46.0118 0x0694  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:57:46.0120 0x0694  BrSerWdm - ok
15:57:46.0126 0x0694  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:57:46.0127 0x0694  BrUsbMdm - ok
15:57:46.0132 0x0694  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:57:46.0133 0x0694  BrUsbSer - ok
15:57:46.0142 0x0694  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:57:46.0143 0x0694  BTHMODEM - ok
15:57:46.0160 0x0694  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
15:57:46.0162 0x0694  bthserv - ok
15:57:46.0175 0x0694  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:57:46.0177 0x0694  cdfs - ok
15:57:46.0198 0x0694  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:57:46.0200 0x0694  cdrom - ok
15:57:46.0219 0x0694  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:57:46.0221 0x0694  CertPropSvc - ok
15:57:46.0231 0x0694  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:57:46.0232 0x0694  circlass - ok
15:57:46.0248 0x0694  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
15:57:46.0254 0x0694  CLFS - ok
15:57:46.0282 0x0694  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:46.0285 0x0694  clr_optimization_v2.0.50727_32 - ok
15:57:46.0298 0x0694  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:57:46.0311 0x0694  clr_optimization_v4.0.30319_32 - ok
15:57:46.0321 0x0694  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:57:46.0322 0x0694  CmBatt - ok
15:57:46.0330 0x0694  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:57:46.0331 0x0694  cmdide - ok
15:57:46.0356 0x0694  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
15:57:46.0364 0x0694  CNG - ok
15:57:46.0382 0x0694  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:57:46.0383 0x0694  Compbatt - ok
15:57:46.0404 0x0694  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:57:46.0407 0x0694  CompositeBus - ok
15:57:46.0413 0x0694  COMSysApp - ok
15:57:46.0440 0x0694  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:57:46.0441 0x0694  crcdisk - ok
15:57:46.0457 0x0694  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:57:46.0462 0x0694  CryptSvc - ok
15:57:46.0498 0x0694  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:57:46.0511 0x0694  DcomLaunch - ok
15:57:46.0528 0x0694  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
15:57:46.0534 0x0694  defragsvc - ok
15:57:46.0545 0x0694  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:57:46.0547 0x0694  DfsC - ok
15:57:46.0569 0x0694  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:57:46.0576 0x0694  Dhcp - ok
15:57:46.0600 0x0694  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
15:57:46.0601 0x0694  discache - ok
15:57:46.0607 0x0694  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
15:57:46.0609 0x0694  Disk - ok
15:57:46.0627 0x0694  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:57:46.0632 0x0694  Dnscache - ok
15:57:46.0647 0x0694  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:57:46.0653 0x0694  dot3svc - ok
15:57:46.0661 0x0694  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
15:57:46.0665 0x0694  DPS - ok
15:57:46.0692 0x0694  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:57:46.0692 0x0694  drmkaud - ok
15:57:46.0724 0x0694  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:57:46.0738 0x0694  DXGKrnl - ok
15:57:46.0772 0x0694  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
15:57:46.0775 0x0694  EapHost - ok
15:57:46.0866 0x0694  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
15:57:46.0944 0x0694  ebdrv - ok
15:57:46.0960 0x0694  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS             C:\Windows\System32\lsass.exe
15:57:46.0962 0x0694  EFS - ok
15:57:47.0022 0x0694  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:57:47.0043 0x0694  ehRecvr - ok
15:57:47.0051 0x0694  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
15:57:47.0053 0x0694  ehSched - ok
15:57:47.0080 0x0694  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:57:47.0096 0x0694  elxstor - ok
15:57:47.0099 0x0694  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:57:47.0100 0x0694  ErrDev - ok
15:57:47.0112 0x0694  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
15:57:47.0117 0x0694  EventSystem - ok
15:57:47.0132 0x0694  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:57:47.0136 0x0694  exfat - ok
15:57:47.0148 0x0694  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:57:47.0152 0x0694  fastfat - ok
15:57:47.0180 0x0694  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
15:57:47.0197 0x0694  Fax - ok
15:57:47.0207 0x0694  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
15:57:47.0208 0x0694  fdc - ok
15:57:47.0211 0x0694  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
15:57:47.0213 0x0694  fdPHost - ok
15:57:47.0216 0x0694  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:57:47.0218 0x0694  FDResPub - ok
15:57:47.0227 0x0694  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:57:47.0228 0x0694  FileInfo - ok
15:57:47.0235 0x0694  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:57:47.0236 0x0694  Filetrace - ok
15:57:47.0246 0x0694  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:57:47.0247 0x0694  flpydisk - ok
15:57:47.0263 0x0694  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:57:47.0268 0x0694  FltMgr - ok
15:57:47.0335 0x0694  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
15:57:47.0363 0x0694  FontCache - ok
15:57:47.0387 0x0694  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:57:47.0390 0x0694  FontCache3.0.0.0 - ok
15:57:47.0399 0x0694  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:57:47.0400 0x0694  FsDepends - ok
15:57:47.0420 0x0694  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:57:47.0421 0x0694  Fs_Rec - ok
15:57:47.0434 0x0694  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:57:47.0439 0x0694  fvevol - ok
15:57:47.0454 0x0694  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:57:47.0456 0x0694  gagp30kx - ok
15:57:47.0489 0x0694  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:57:47.0513 0x0694  gpsvc - ok
15:57:47.0547 0x0694  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
15:57:47.0550 0x0694  gupdate - ok
15:57:47.0555 0x0694  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
15:57:47.0557 0x0694  gupdatem - ok
15:57:47.0577 0x0694  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:57:47.0582 0x0694  gusvc - ok
15:57:47.0585 0x0694  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:57:47.0587 0x0694  hcw85cir - ok
15:57:47.0626 0x0694  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:57:47.0633 0x0694  HdAudAddService - ok
15:57:47.0655 0x0694  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:57:47.0657 0x0694  HDAudBus - ok
15:57:47.0672 0x0694  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:57:47.0673 0x0694  HidBatt - ok
15:57:47.0685 0x0694  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:57:47.0688 0x0694  HidBth - ok
15:57:47.0695 0x0694  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:57:47.0697 0x0694  HidIr - ok
15:57:47.0708 0x0694  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
15:57:47.0710 0x0694  hidserv - ok
15:57:47.0729 0x0694  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:57:47.0730 0x0694  HidUsb - ok
15:57:47.0741 0x0694  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:57:47.0744 0x0694  hkmsvc - ok
15:57:47.0761 0x0694  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:57:47.0766 0x0694  HomeGroupListener - ok
15:57:47.0780 0x0694  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:57:47.0784 0x0694  HomeGroupProvider - ok
15:57:47.0801 0x0694  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:57:47.0803 0x0694  HpSAMD - ok
15:57:47.0823 0x0694  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:57:47.0839 0x0694  HTTP - ok
15:57:47.0855 0x0694  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:57:47.0856 0x0694  hwpolicy - ok
15:57:47.0862 0x0694  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:57:47.0864 0x0694  i8042prt - ok
15:57:47.0885 0x0694  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:57:47.0893 0x0694  iaStorV - ok
15:57:47.0931 0x0694  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:57:47.0992 0x0694  idsvc - ok
15:57:47.0999 0x0694  IEEtwCollectorService - ok
15:57:48.0005 0x0694  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:57:48.0007 0x0694  iirsp - ok
15:57:48.0039 0x0694  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:57:48.0064 0x0694  IKEEXT - ok
15:57:48.0144 0x0694  [ 9E36C303A36DF5EDF0C002859F13E4B7, 373B2DE134EC8B5D8C6719F1EEC58A9D119DD2E1E3F4D0D085A9AB11072C7C57 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:57:48.0198 0x0694  IntcAzAudAddService - ok
15:57:48.0228 0x0694  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:57:48.0229 0x0694  intelide - ok
15:57:48.0246 0x0694  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\drivers\intelppm.sys
15:57:48.0248 0x0694  intelppm - ok
15:57:48.0258 0x0694  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:57:48.0260 0x0694  IPBusEnum - ok
15:57:48.0264 0x0694  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:57:48.0266 0x0694  IpFilterDriver - ok
15:57:48.0306 0x0694  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:57:48.0323 0x0694  iphlpsvc - ok
15:57:48.0342 0x0694  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:57:48.0344 0x0694  IPMIDRV - ok
15:57:48.0360 0x0694  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:57:48.0363 0x0694  IPNAT - ok
15:57:48.0376 0x0694  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:57:48.0376 0x0694  IRENUM - ok
15:57:48.0380 0x0694  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:57:48.0382 0x0694  isapnp - ok
15:57:48.0399 0x0694  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:57:48.0405 0x0694  iScsiPrt - ok
15:57:48.0413 0x0694  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:57:48.0415 0x0694  kbdclass - ok
15:57:48.0427 0x0694  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:57:48.0429 0x0694  kbdhid - ok
15:57:48.0435 0x0694  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
15:57:48.0437 0x0694  KeyIso - ok
15:57:48.0451 0x0694  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:57:48.0453 0x0694  KSecDD - ok
15:57:48.0466 0x0694  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:57:48.0469 0x0694  KSecPkg - ok
15:57:48.0486 0x0694  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:57:48.0494 0x0694  KtmRm - ok
15:57:48.0514 0x0694  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:57:48.0519 0x0694  LanmanServer - ok
15:57:48.0534 0x0694  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:57:48.0538 0x0694  LanmanWorkstation - ok
15:57:48.0566 0x0694  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:57:48.0569 0x0694  lltdio - ok
15:57:48.0584 0x0694  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:57:48.0589 0x0694  lltdsvc - ok
15:57:48.0600 0x0694  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:57:48.0602 0x0694  lmhosts - ok
15:57:48.0627 0x0694  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:57:48.0629 0x0694  LSI_FC - ok
15:57:48.0651 0x0694  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:57:48.0653 0x0694  LSI_SAS - ok
15:57:48.0670 0x0694  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:57:48.0679 0x0694  LSI_SAS2 - ok
15:57:48.0695 0x0694  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:57:48.0698 0x0694  LSI_SCSI - ok
15:57:48.0718 0x0694  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:57:48.0728 0x0694  luafv - ok
15:57:48.0757 0x0694  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:57:48.0760 0x0694  MBAMProtector - ok
15:57:48.0808 0x0694  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:57:48.0818 0x0694  MBAMScheduler - ok
15:57:48.0867 0x0694  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:57:48.0899 0x0694  MBAMService - ok
15:57:48.0925 0x0694  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:57:48.0928 0x0694  Mcx2Svc - ok
15:57:48.0941 0x0694  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:57:48.0952 0x0694  megasas - ok
15:57:48.0985 0x0694  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:57:48.0991 0x0694  MegaSR - ok
15:57:49.0006 0x0694  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
15:57:49.0010 0x0694  MMCSS - ok
15:57:49.0028 0x0694  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
15:57:49.0032 0x0694  Modem - ok
15:57:49.0048 0x0694  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:57:49.0049 0x0694  monitor - ok
15:57:49.0058 0x0694  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:57:49.0059 0x0694  mouclass - ok
15:57:49.0068 0x0694  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:57:49.0069 0x0694  mouhid - ok
15:57:49.0082 0x0694  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:57:49.0084 0x0694  mountmgr - ok
15:57:49.0114 0x0694  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:57:49.0123 0x0694  MpFilter - ok
15:57:49.0129 0x0694  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:57:49.0132 0x0694  mpio - ok
15:57:49.0182 0x0694  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslff783a9d   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B21C57-FAB2-43C0-B9A0-0CCECF2E588A}\MpKslff783a9d.sys
15:57:49.0219 0x0694  MpKslff783a9d - ok
15:57:49.0252 0x0694  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:57:49.0254 0x0694  mpsdrv - ok
15:57:49.0277 0x0694  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:57:49.0294 0x0694  MpsSvc - ok
15:57:49.0317 0x0694  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:57:49.0320 0x0694  MRxDAV - ok
15:57:49.0339 0x0694  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:57:49.0343 0x0694  mrxsmb - ok
15:57:49.0360 0x0694  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:57:49.0365 0x0694  mrxsmb10 - ok
15:57:49.0374 0x0694  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:57:49.0376 0x0694  mrxsmb20 - ok
15:57:49.0388 0x0694  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:57:49.0389 0x0694  msahci - ok
15:57:49.0399 0x0694  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:57:49.0402 0x0694  msdsm - ok
15:57:49.0418 0x0694  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
15:57:49.0423 0x0694  MSDTC - ok
15:57:49.0439 0x0694  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:57:49.0440 0x0694  Msfs - ok
15:57:49.0446 0x0694  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:57:49.0446 0x0694  mshidkmdf - ok
15:57:49.0448 0x0694  MSICDSetup - ok
15:57:49.0466 0x0694  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:57:49.0467 0x0694  msisadrv - ok
15:57:49.0482 0x0694  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:57:49.0485 0x0694  MSiSCSI - ok
15:57:49.0488 0x0694  msiserver - ok
15:57:49.0508 0x0694  [ C23F5F6865AD25DD70A00A32DEA2D0A9, 5C284AC9ABED799D6668096D3FBA9C26C9BDA844B91D93CB057048725CAA56B5 ] MSI_SuperCharger C:\Program Files\MSI\Super-Charger\ChargeService.exe
15:57:49.0556 0x0694  MSI_SuperCharger - ok
15:57:49.0576 0x0694  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:57:49.0577 0x0694  MSKSSRV - ok
15:57:49.0596 0x0694  [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:57:49.0596 0x0694  MsMpSvc - ok
15:57:49.0614 0x0694  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:57:49.0615 0x0694  MSPCLOCK - ok
15:57:49.0618 0x0694  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:57:49.0618 0x0694  MSPQM - ok
15:57:49.0642 0x0694  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:57:49.0646 0x0694  MsRPC - ok
15:57:49.0668 0x0694  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:57:49.0669 0x0694  mssmbios - ok
15:57:49.0681 0x0694  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:57:49.0682 0x0694  MSTEE - ok
15:57:49.0692 0x0694  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:57:49.0692 0x0694  MTConfig - ok
15:57:49.0700 0x0694  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:57:49.0701 0x0694  Mup - ok
15:57:49.0730 0x0694  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
15:57:49.0738 0x0694  napagent - ok
15:57:49.0769 0x0694  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:57:49.0776 0x0694  NativeWifiP - ok
15:57:49.0813 0x0694  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:57:49.0838 0x0694  NDIS - ok
15:57:49.0844 0x0694  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:57:49.0845 0x0694  NdisCap - ok
15:57:49.0877 0x0694  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:57:49.0879 0x0694  NdisTapi - ok
15:57:49.0899 0x0694  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:57:49.0902 0x0694  Ndisuio - ok
15:57:49.0924 0x0694  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:57:49.0930 0x0694  NdisWan - ok
15:57:49.0945 0x0694  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:57:49.0948 0x0694  NDProxy - ok
15:57:49.0954 0x0694  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:57:49.0957 0x0694  NetBIOS - ok
15:57:49.0977 0x0694  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:57:49.0984 0x0694  NetBT - ok
15:57:49.0994 0x0694  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
15:57:49.0997 0x0694  Netlogon - ok
15:57:50.0015 0x0694  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
15:57:50.0021 0x0694  Netman - ok
15:57:50.0050 0x0694  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:50.0081 0x0694  NetMsmqActivator - ok
15:57:50.0093 0x0694  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:50.0100 0x0694  NetPipeActivator - ok
15:57:50.0123 0x0694  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
15:57:50.0132 0x0694  netprofm - ok
15:57:50.0137 0x0694  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:50.0140 0x0694  NetTcpActivator - ok
15:57:50.0145 0x0694  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:57:50.0147 0x0694  NetTcpPortSharing - ok
15:57:50.0165 0x0694  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:57:50.0166 0x0694  nfrd960 - ok
15:57:50.0177 0x0694  [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:57:50.0179 0x0694  NisDrv - ok
15:57:50.0195 0x0694  [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:57:50.0201 0x0694  NisSrv - ok
15:57:50.0232 0x0694  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:57:50.0239 0x0694  NlaSvc - ok
15:57:50.0250 0x0694  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:57:50.0251 0x0694  Npfs - ok
15:57:50.0257 0x0694  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
15:57:50.0260 0x0694  nsi - ok
15:57:50.0264 0x0694  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:57:50.0265 0x0694  nsiproxy - ok
15:57:50.0304 0x0694  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:57:50.0346 0x0694  Ntfs - ok
15:57:50.0350 0x0694  NTIOLib_1_0_C - ok
15:57:50.0368 0x0694  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
15:57:50.0369 0x0694  Null - ok
15:57:50.0404 0x0694  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:57:50.0412 0x0694  nvraid - ok
15:57:50.0442 0x0694  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:57:50.0448 0x0694  nvstor - ok
15:57:50.0475 0x0694  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:57:50.0478 0x0694  nv_agp - ok
15:57:50.0484 0x0694  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:57:50.0487 0x0694  ohci1394 - ok
15:57:50.0512 0x0694  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:57:50.0529 0x0694  p2pimsvc - ok
15:57:50.0548 0x0694  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:57:50.0557 0x0694  p2psvc - ok
15:57:50.0568 0x0694  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
15:57:50.0575 0x0694  Parport - ok
15:57:50.0600 0x0694  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:57:50.0601 0x0694  partmgr - ok
15:57:50.0614 0x0694  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:57:50.0615 0x0694  Parvdm - ok
15:57:50.0627 0x0694  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:57:50.0631 0x0694  PcaSvc - ok
15:57:50.0650 0x0694  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
15:57:50.0659 0x0694  pci - ok
15:57:50.0679 0x0694  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:57:50.0680 0x0694  pciide - ok
15:57:50.0693 0x0694  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:57:50.0698 0x0694  pcmcia - ok
15:57:50.0723 0x0694  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:57:50.0724 0x0694  pcw - ok
15:57:50.0749 0x0694  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:57:50.0766 0x0694  PEAUTH - ok
15:57:50.0825 0x0694  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
15:57:50.0884 0x0694  pla - ok
15:57:50.0908 0x0694  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:57:50.0916 0x0694  PlugPlay - ok
15:57:50.0922 0x0694  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:57:50.0925 0x0694  PNRPAutoReg - ok
15:57:50.0934 0x0694  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:57:50.0940 0x0694  PNRPsvc - ok
15:57:50.0971 0x0694  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:57:50.0980 0x0694  PolicyAgent - ok
15:57:50.0990 0x0694  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
15:57:50.0995 0x0694  Power - ok
15:57:51.0008 0x0694  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:57:51.0010 0x0694  PptpMiniport - ok
15:57:51.0016 0x0694  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
15:57:51.0018 0x0694  Processor - ok
15:57:51.0030 0x0694  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:57:51.0035 0x0694  ProfSvc - ok
15:57:51.0043 0x0694  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:57:51.0045 0x0694  ProtectedStorage - ok
15:57:51.0067 0x0694  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:57:51.0069 0x0694  Psched - ok
15:57:51.0115 0x0694  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:57:51.0158 0x0694  ql2300 - ok
15:57:51.0173 0x0694  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:57:51.0176 0x0694  ql40xx - ok
15:57:51.0195 0x0694  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
15:57:51.0202 0x0694  QWAVE - ok
15:57:51.0208 0x0694  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:57:51.0209 0x0694  QWAVEdrv - ok
15:57:51.0223 0x0694  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:57:51.0224 0x0694  RasAcd - ok
15:57:51.0249 0x0694  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:57:51.0250 0x0694  RasAgileVpn - ok
15:57:51.0262 0x0694  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
15:57:51.0266 0x0694  RasAuto - ok
15:57:51.0279 0x0694  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:57:51.0282 0x0694  Rasl2tp - ok
15:57:51.0297 0x0694  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
15:57:51.0305 0x0694  RasMan - ok
15:57:51.0317 0x0694  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:57:51.0319 0x0694  RasPppoe - ok
15:57:51.0325 0x0694  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:57:51.0327 0x0694  RasSstp - ok
15:57:51.0343 0x0694  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:57:51.0348 0x0694  rdbss - ok
15:57:51.0363 0x0694  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:57:51.0364 0x0694  rdpbus - ok
15:57:51.0375 0x0694  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:57:51.0375 0x0694  RDPCDD - ok
15:57:51.0387 0x0694  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:57:51.0387 0x0694  RDPENCDD - ok
15:57:51.0392 0x0694  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:57:51.0393 0x0694  RDPREFMP - ok
15:57:51.0412 0x0694  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:57:51.0416 0x0694  RDPWD - ok
15:57:51.0433 0x0694  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:57:51.0437 0x0694  rdyboost - ok
15:57:51.0446 0x0694  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:57:51.0449 0x0694  RemoteAccess - ok
15:57:51.0464 0x0694  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:57:51.0468 0x0694  RemoteRegistry - ok
15:57:51.0479 0x0694  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:57:51.0482 0x0694  RpcEptMapper - ok
15:57:51.0492 0x0694  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
15:57:51.0494 0x0694  RpcLocator - ok
15:57:51.0511 0x0694  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
15:57:51.0520 0x0694  RpcSs - ok
15:57:51.0528 0x0694  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:57:51.0530 0x0694  rspndr - ok
15:57:51.0595 0x0694  [ BCB84B430A92AE31940870DF304AE659, 19851270FCB35F958ACE00FA835B44BF31BFE52E0AF8EACC161B217756B6B769 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
15:57:51.0619 0x0694  RTL8167 - ok
15:57:51.0623 0x0694  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe
15:57:51.0625 0x0694  SamSs - ok
15:57:51.0645 0x0694  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:57:51.0648 0x0694  sbp2port - ok
15:57:51.0660 0x0694  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:57:51.0664 0x0694  SCardSvr - ok
15:57:51.0674 0x0694  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:57:51.0675 0x0694  scfilter - ok
15:57:51.0710 0x0694  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
15:57:51.0735 0x0694  Schedule - ok
15:57:51.0744 0x0694  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:57:51.0746 0x0694  SCPolicySvc - ok
15:57:51.0759 0x0694  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:57:51.0764 0x0694  SDRSVC - ok
15:57:51.0771 0x0694  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:57:51.0772 0x0694  secdrv - ok
15:57:51.0778 0x0694  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
15:57:51.0781 0x0694  seclogon - ok
15:57:51.0793 0x0694  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
15:57:51.0795 0x0694  SENS - ok
15:57:51.0818 0x0694  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:57:51.0821 0x0694  SensrSvc - ok
15:57:51.0831 0x0694  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:57:51.0832 0x0694  Serenum - ok
15:57:51.0839 0x0694  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:57:51.0842 0x0694  Serial - ok
15:57:51.0860 0x0694  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:57:51.0861 0x0694  sermouse - ok
15:57:51.0876 0x0694  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:57:51.0880 0x0694  SessionEnv - ok
15:57:51.0892 0x0694  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:57:51.0893 0x0694  sffdisk - ok
15:57:51.0907 0x0694  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:57:51.0908 0x0694  sffp_mmc - ok
15:57:51.0923 0x0694  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:57:51.0924 0x0694  sffp_sd - ok
15:57:51.0935 0x0694  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:57:51.0936 0x0694  sfloppy - ok
15:57:51.0958 0x0694  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:57:51.0965 0x0694  SharedAccess - ok
15:57:51.0984 0x0694  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:57:51.0993 0x0694  ShellHWDetection - ok
15:57:52.0002 0x0694  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:57:52.0004 0x0694  sisagp - ok
15:57:52.0015 0x0694  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:57:52.0016 0x0694  SiSRaid2 - ok
15:57:52.0026 0x0694  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:57:52.0029 0x0694  SiSRaid4 - ok
15:57:52.0052 0x0694  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:57:52.0054 0x0694  Smb - ok
15:57:52.0067 0x0694  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:57:52.0070 0x0694  SNMPTRAP - ok
15:57:52.0076 0x0694  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:57:52.0077 0x0694  spldr - ok
15:57:52.0105 0x0694  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
15:57:52.0114 0x0694  Spooler - ok
15:57:52.0201 0x0694  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
15:57:52.0262 0x0694  sppsvc - ok
15:57:52.0282 0x0694  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:57:52.0285 0x0694  sppuinotify - ok
15:57:52.0312 0x0694  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:57:52.0319 0x0694  srv - ok
15:57:52.0338 0x0694  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:57:52.0345 0x0694  srv2 - ok
15:57:52.0352 0x0694  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:57:52.0356 0x0694  srvnet - ok
15:57:52.0368 0x0694  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:57:52.0373 0x0694  SSDPSRV - ok
15:57:52.0383 0x0694  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:57:52.0387 0x0694  SstpSvc - ok
15:57:52.0428 0x0694  [ 5FFDA96330357A914A69D79BE1988A38, E2A03A8D108C210B1111E2466E3DD381F0FA440B95B5013DC728EAD9CFE448AF ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
15:57:52.0439 0x0694  Steam Client Service - ok
15:57:52.0445 0x0694  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:57:52.0446 0x0694  stexstor - ok
15:57:52.0464 0x0694  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
15:57:52.0481 0x0694  StiSvc - ok
15:57:52.0487 0x0694  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:57:52.0487 0x0694  swenum - ok
15:57:52.0500 0x0694  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
15:57:52.0509 0x0694  swprv - ok
15:57:52.0540 0x0694  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
15:57:52.0575 0x0694  SysMain - ok
15:57:52.0589 0x0694  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
15:57:52.0593 0x0694  TabletInputService - ok
15:57:52.0613 0x0694  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:57:52.0620 0x0694  TapiSrv - ok
15:57:52.0638 0x0694  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
15:57:52.0641 0x0694  TBS - ok
15:57:52.0700 0x0694  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:57:52.0742 0x0694  Tcpip - ok
15:57:52.0782 0x0694  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:57:52.0806 0x0694  TCPIP6 - ok
15:57:52.0826 0x0694  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:57:52.0827 0x0694  tcpipreg - ok
15:57:52.0838 0x0694  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:57:52.0839 0x0694  TDPIPE - ok
15:57:52.0861 0x0694  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:57:52.0863 0x0694  TDTCP - ok
15:57:52.0874 0x0694  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:57:52.0876 0x0694  tdx - ok
15:57:52.0890 0x0694  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:57:52.0892 0x0694  TermDD - ok
15:57:52.0910 0x0694  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
15:57:52.0927 0x0694  TermService - ok
15:57:52.0939 0x0694  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
15:57:52.0942 0x0694  Themes - ok
15:57:52.0948 0x0694  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
15:57:52.0950 0x0694  THREADORDER - ok
15:57:52.0957 0x0694  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
15:57:52.0961 0x0694  TrkWks - ok
15:57:53.0009 0x0694  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:57:53.0019 0x0694  TrustedInstaller - ok
15:57:53.0042 0x0694  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:57:53.0043 0x0694  tssecsrv - ok
15:57:53.0049 0x0694  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:57:53.0051 0x0694  TsUsbFlt - ok
15:57:53.0059 0x0694  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:57:53.0060 0x0694  TsUsbGD - ok
15:57:53.0081 0x0694  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:57:53.0084 0x0694  tunnel - ok
15:57:53.0097 0x0694  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:57:53.0099 0x0694  uagp35 - ok
15:57:53.0114 0x0694  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:57:53.0120 0x0694  udfs - ok
15:57:53.0133 0x0694  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:57:53.0136 0x0694  UI0Detect - ok
15:57:53.0151 0x0694  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:57:53.0153 0x0694  uliagpkx - ok
15:57:53.0156 0x0694  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:57:53.0157 0x0694  umbus - ok
15:57:53.0168 0x0694  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:57:53.0169 0x0694  UmPass - ok
15:57:53.0188 0x0694  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
15:57:53.0196 0x0694  upnphost - ok
15:57:53.0211 0x0694  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
15:57:53.0213 0x0694  usbccgp - ok
15:57:53.0229 0x0694  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:57:53.0232 0x0694  usbcir - ok
15:57:53.0251 0x0694  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:57:53.0252 0x0694  usbehci - ok
15:57:53.0263 0x0694  [ 56E89C8E05A987A49FFA595428FB9767, 9435512985C60E6D3DEC50902CB4FD936852C3BBFCCADA68D3DBB13EDE99D5C9 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
15:57:53.0264 0x0694  usbfilter - ok
15:57:53.0282 0x0694  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:57:53.0288 0x0694  usbhub - ok
15:57:53.0295 0x0694  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:57:53.0296 0x0694  usbohci - ok
15:57:53.0309 0x0694  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:57:53.0311 0x0694  usbprint - ok
15:57:53.0336 0x0694  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:57:53.0338 0x0694  USBSTOR - ok
15:57:53.0350 0x0694  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:57:53.0351 0x0694  usbuhci - ok
15:57:53.0358 0x0694  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
15:57:53.0361 0x0694  UxSms - ok
15:57:53.0368 0x0694  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
15:57:53.0370 0x0694  VaultSvc - ok
15:57:53.0377 0x0694  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:57:53.0378 0x0694  vdrvroot - ok
15:57:53.0400 0x0694  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
15:57:53.0417 0x0694  vds - ok
15:57:53.0426 0x0694  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:57:53.0427 0x0694  vga - ok
15:57:53.0434 0x0694  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:57:53.0435 0x0694  VgaSave - ok
15:57:53.0451 0x0694  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:57:53.0455 0x0694  vhdmp - ok
15:57:53.0463 0x0694  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:57:53.0465 0x0694  viaagp - ok
15:57:53.0472 0x0694  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:57:53.0473 0x0694  ViaC7 - ok
15:57:53.0483 0x0694  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:57:53.0484 0x0694  viaide - ok
15:57:53.0494 0x0694  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:57:53.0495 0x0694  volmgr - ok
15:57:53.0513 0x0694  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:57:53.0519 0x0694  volmgrx - ok
15:57:53.0533 0x0694  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:57:53.0539 0x0694  volsnap - ok
15:57:53.0559 0x0694  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:57:53.0564 0x0694  vsmraid - ok
15:57:53.0632 0x0694  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
15:57:53.0673 0x0694  VSS - ok
15:57:53.0678 0x0694  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:57:53.0679 0x0694  vwifibus - ok
15:57:53.0693 0x0694  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
15:57:53.0702 0x0694  W32Time - ok
15:57:53.0714 0x0694  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:57:53.0715 0x0694  WacomPen - ok
15:57:53.0731 0x0694  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:57:53.0733 0x0694  WANARP - ok
15:57:53.0736 0x0694  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:57:53.0738 0x0694  Wanarpv6 - ok
15:57:53.0802 0x0694  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:57:53.0835 0x0694  WatAdminSvc - ok
15:57:53.0875 0x0694  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
15:57:53.0909 0x0694  wbengine - ok
15:57:53.0922 0x0694  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:57:53.0928 0x0694  WbioSrvc - ok
15:57:53.0942 0x0694  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:57:53.0950 0x0694  wcncsvc - ok
15:57:53.0962 0x0694  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:57:53.0965 0x0694  WcsPlugInService - ok
15:57:53.0974 0x0694  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
15:57:53.0975 0x0694  Wd - ok
15:57:54.0003 0x0694  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:57:54.0019 0x0694  Wdf01000 - ok
15:57:54.0032 0x0694  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:57:54.0036 0x0694  WdiServiceHost - ok
15:57:54.0039 0x0694  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:57:54.0043 0x0694  WdiSystemHost - ok
15:57:54.0065 0x0694  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
15:57:54.0071 0x0694  WebClient - ok
15:57:54.0085 0x0694  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:57:54.0090 0x0694  Wecsvc - ok
15:57:54.0097 0x0694  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:57:54.0099 0x0694  wercplsupport - ok
15:57:54.0109 0x0694  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
15:57:54.0113 0x0694  WerSvc - ok
15:57:54.0123 0x0694  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:57:54.0124 0x0694  WfpLwf - ok
15:57:54.0136 0x0694  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:57:54.0138 0x0694  WIMMount - ok
15:57:54.0188 0x0694  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:57:54.0205 0x0694  WinDefend - ok
15:57:54.0231 0x0694  WinHttpAutoProxySvc - ok
15:57:54.0273 0x0694  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:57:54.0283 0x0694  Winmgmt - ok
15:57:54.0332 0x0694  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
15:57:54.0375 0x0694  WinRM - ok
15:57:54.0403 0x0694  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:57:54.0429 0x0694  Wlansvc - ok
15:57:54.0434 0x0694  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:57:54.0434 0x0694  WmiAcpi - ok
15:57:54.0451 0x0694  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:57:54.0455 0x0694  wmiApSrv - ok
15:57:54.0510 0x0694  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:57:54.0561 0x0694  WMPNetworkSvc - ok
15:57:54.0576 0x0694  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:57:54.0579 0x0694  WPCSvc - ok
15:57:54.0592 0x0694  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:57:54.0597 0x0694  WPDBusEnum - ok
15:57:54.0605 0x0694  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:57:54.0606 0x0694  ws2ifsl - ok
15:57:54.0619 0x0694  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:57:54.0622 0x0694  wscsvc - ok
15:57:54.0625 0x0694  WSearch - ok
15:57:54.0689 0x0694  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:57:54.0728 0x0694  wuauserv - ok
15:57:54.0753 0x0694  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:57:54.0755 0x0694  WudfPf - ok
15:57:54.0775 0x0694  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:57:54.0779 0x0694  wudfsvc - ok
15:57:54.0799 0x0694  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:57:54.0806 0x0694  WwanSvc - ok
15:57:54.0814 0x0694  ================ Scan global ===============================
15:57:54.0839 0x0694  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
15:57:54.0857 0x0694  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
15:57:54.0869 0x0694  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
15:57:54.0882 0x0694  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
15:57:54.0897 0x0694  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
15:57:54.0905 0x0694  [ Global ] - ok
15:57:54.0905 0x0694  ================ Scan MBR ==================================
15:57:54.0932 0x0694  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:57:55.0168 0x0694  \Device\Harddisk0\DR0 - ok
15:57:55.0169 0x0694  ================ Scan VBR ==================================
15:57:55.0173 0x0694  [ 2D4E6F47D301C521D3759F50BFFBB591 ] \Device\Harddisk0\DR0\Partition1
15:57:55.0176 0x0694  \Device\Harddisk0\DR0\Partition1 - ok
15:57:55.0203 0x0694  [ 7C50D0F441B8D85DC2954C2DDC0F790D ] \Device\Harddisk0\DR0\Partition2
15:57:55.0206 0x0694  \Device\Harddisk0\DR0\Partition2 - ok
15:57:55.0207 0x0694  Waiting for KSN requests completion. In queue: 250
15:57:56.0207 0x0694  Waiting for KSN requests completion. In queue: 250
15:57:57.0207 0x0694  Waiting for KSN requests completion. In queue: 250
15:57:58.0225 0x0694  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
15:57:58.0229 0x0694  Win FW state via NFP2: enabled
15:58:01.0087 0x0694  ============================================================
15:58:01.0087 0x0694  Scan finished
15:58:01.0087 0x0694  ============================================================
15:58:01.0101 0x092c  Detected object count: 0
15:58:01.0101 0x092c  Actual detected object count: 0
15:58:18.0732 0x08d4  Deinitialize success
 
 
 
 
 
ADW Cleaner Report:
 
# AdwCleaner v3.018 - Report created 02/02/2014 at 16:04:49
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Coin Fraser - COINFRASER-PC
# Running from : C:\Users\Coin Fraser\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v32.0.1700.102
 
[ File : C:\Users\Coin Fraser\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [912 octets] - [02/02/2014 16:03:44]
AdwCleaner[S0].txt - [838 octets] - [02/02/2014 16:04:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [897 octets] ##########
 
 
 
 
 
Junkware Removal Tool Report:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x86
Ran by Coin Fraser on 02/02/2014 at 16:15:14.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/02/2014 at 16:16:47.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Fabar Service Scanner Report:
 
 
Farbar Service Scanner Version: 02-02-2014
Ran by Coin Fraser (administrator) on 02-02-2014 at 16:23:15
Running from "C:\Users\Coin Fraser\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2013-11-28 16:29] - [2013-09-13 19:48] - 0338944 ____A (Microsoft Corporation) F81BB7E487EDCEAB630A7EE66CF23913
 
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-11-28 16:29] - [2013-09-07 21:07] - 1294272 ____A (Microsoft Corporation) CA59F7C570AF70BC174F477CFE2D9EE3
 
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-11-28 16:25] - [2013-07-08 23:46] - 0140288 ____A (Microsoft Corporation) 7CA1BECEA5DE2643ADDAD32670E7A4C9
 
C:\Program Files\Windows Defender\MpSvc.dll
[2013-11-28 16:25] - [2013-05-26 23:57] - 0680960 ____A (Microsoft Corporation) 082CF481F659FAE0DE51AD060881EB47
 
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 

Edited by C. Fraser, 02 February 2014 - 04:27 PM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:57 AM

Posted 02 February 2014 - 05:17 PM

Please download MiniToolBox, and save it to your desktop and run it, and checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#5 C. Fraser

C. Fraser
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 02 February 2014 - 08:06 PM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Coin Fraser (administrator) on 02-02-2014 at 20:01:45
Running from "C:\Users\Coin Fraser\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : CoinFraser-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D4-3D-7E-F2-E0-90
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6455:7f61:ca88:736b%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 72.140.215.73(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.192
   Lease Obtained. . . . . . . . . . : February-02-14 4:06:08 PM
   Lease Expires . . . . . . . . . . : February-03-14 10:44:17 PM
   Default Gateway . . . . . . . . . : 72.140.215.65
   DHCP Server . . . . . . . . . . . : 99.239.241.253
   DHCPv6 IAID . . . . . . . . . . . : 248790398
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-28-1B-7E-D4-3D-7E-F2-E0-90
   DNS Servers . . . . . . . . . . . : 64.71.255.198
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{A3EC492E-B96E-407F-AF2F-CE1A5DF48E6B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter 6TO4 Adapter:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:488c:d749::488c:d749(Preferred) 
   Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
   DNS Servers . . . . . . . . . . . : 64.71.255.198
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:32:183b:b773:28b6(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::32:183b:b773:28b6%12(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dns.cs.net.rogers.com
Address:  64.71.255.198
 
Name:    google.com
Addresses:  2607:f8b0:400b:80a::1008
 64.71.249.59
 64.71.249.34
 64.71.249.25
 64.71.249.39
 64.71.249.44
 64.71.249.30
 64.71.249.35
 64.71.249.45
 64.71.249.24
 64.71.249.50
 64.71.249.40
 64.71.249.29
 64.71.249.55
 64.71.249.54
 64.71.249.49
 64.71.249.20
 
 
Pinging google.com [66.185.85.54] with 32 bytes of data:
Reply from 66.185.85.54: bytes=32 time=11ms TTL=58
Reply from 66.185.85.54: bytes=32 time=10ms TTL=58
 
Ping statistics for 66.185.85.54:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 10ms, Maximum = 11ms, Average = 10ms
Server:  dns.cs.net.rogers.com
Address:  64.71.255.198
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=94ms TTL=49
Reply from 206.190.36.45: bytes=32 time=94ms TTL=49
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 94ms, Maximum = 94ms, Average = 94ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
 11...d4 3d 7e f2 e0 90 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    72.140.215.65    72.140.215.73     20
    72.140.215.64  255.255.255.192         On-link     72.140.215.73    276
    72.140.215.73  255.255.255.255         On-link     72.140.215.73    276
   72.140.215.127  255.255.255.255         On-link     72.140.215.73    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     72.140.215.73    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     72.140.215.73    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14   1026 ::/0                     2002:c058:6301::c058:6301
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6ab8:32:183b:b773:28b6/128
                                    On-link
 14   1025 2002::/16                On-link
 14    281 2002:488c:d749::488c:d749/128
                                    On-link
 11    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::32:183b:b773:28b6/128
                                    On-link
 11    276 fe80::6455:7f61:ca88:736b/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
 
System errors:
=============
Error: (02/02/2014 07:56:05 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
AMD Accelerated Video Transcoding (Version: 12.5.100.20928)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.891.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0928.1532.26058)
AMD Media Foundation Decoders (Version: 1.0.70928.1538)
AMD VISION Engine Control Center (Version: 2012.0928.1532.26058)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.16.2.0)
Bastion
Beneath a Steel Sky (Version: 2.0.0.9)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0928.1532.26058)
Catalyst Control Center InstallProxy (Version: 2012.0928.1532.26058)
Catalyst Control Center Localization All (Version: 2012.0928.1532.26058)
CCC Help Chinese Standard (Version: 2012.0928.1531.26058)
CCC Help Chinese Traditional (Version: 2012.0928.1531.26058)
CCC Help Czech (Version: 2012.0928.1531.26058)
CCC Help Danish (Version: 2012.0928.1531.26058)
CCC Help Dutch (Version: 2012.0928.1531.26058)
CCC Help English (Version: 2012.0928.1531.26058)
CCC Help Finnish (Version: 2012.0928.1531.26058)
CCC Help French (Version: 2012.0928.1531.26058)
CCC Help German (Version: 2012.0928.1531.26058)
CCC Help Greek (Version: 2012.0928.1531.26058)
CCC Help Hungarian (Version: 2012.0928.1531.26058)
CCC Help Italian (Version: 2012.0928.1531.26058)
CCC Help Japanese (Version: 2012.0928.1531.26058)
CCC Help Korean (Version: 2012.0928.1531.26058)
CCC Help Norwegian (Version: 2012.0928.1531.26058)
CCC Help Polish (Version: 2012.0928.1531.26058)
CCC Help Portuguese (Version: 2012.0928.1531.26058)
CCC Help Russian (Version: 2012.0928.1531.26058)
CCC Help Spanish (Version: 2012.0928.1531.26058)
CCC Help Swedish (Version: 2012.0928.1531.26058)
CCC Help Thai (Version: 2012.0928.1531.26058)
CCC Help Turkish (Version: 2012.0928.1531.26058)
ccc-utility (Version: 2012.0928.1532.26058)
Citrix Online Launcher (Version: 1.0.168)
Crusader Kings II
DayZ
Dead Pixels
DEFCON
Defense Grid: The Awakening
Fallout (Version: 2.0.0.14)
FEZ
Fraps
FTL: Faster Than Light
GOG.com Downloader version 3.6.0 (Version: 3.6.0)
Gone Home
Google Chrome (Version: 32.0.1700.102)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
GoToMeeting 6.0.0.1259 (Version: 6.0.0.1259)
Hotline Miami
LIMBO
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MSI Afterburner 2.3.1 (Version: 2.3.1)
MSI Kombustor 2.5.0
OpenAL
OpenOffice 4.0.1 (Version: 4.01.9714)
Out of the Park Baseball 13 (Version: 13)
Papers, Please
Plants vs. Zombies: Game of the Year
PokerStars
Port Royale 2
Realtek Ethernet Controller Driver (Version: 7.72.410.2013)
Realtek High Definition Audio Driver (Version: 6.0.1.6959)
RollerCoaster Tycoon 3 Platinum (Version: 2.0.0.13)
Sid Meier's Civilization V
Sid Meier's Pirates!
Spelunky
Steam
Super-Charger (Version: 1.2.018)
Terraria
The Book of Unwritten Tales
The Elder Scrolls III: Morrowind
Theme Hospital (Version: 2.0.0.5)
Thief 2 - The Metal Age (Version: 2.0.0.18)
Thief Gold
TRAUMA
Trine 2
Universe Sandbox
Victoria II
Winki (Version: 3.2.131)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 18%
Total physical RAM: 3293.52 MB
Available physical RAM: 2681.7 MB
Total Pagefile: 6585.32 MB
Available Pagefile: 5467.16 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.53 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:857.97 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\COINFRASER-PC
 
Administrator            Coin Fraser              Guest                    
 
 
**** End of log ****


#6 C. Fraser

C. Fraser
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 05 February 2014 - 10:26 AM

Today when I started my computer, I had a "Set Network Location" window pop up. When I looked in the "Network and Sharing Center" it shows my computer connected to "Network 2" and then the internet. Not sure why this has occurred, or if it is connected to the previous concern.



#7 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:57 AM

Posted 10 February 2014 - 01:18 AM

Usually that happens if there was a driver update or your old network connection got disabled then reinstated again. I have seen my own computer have like 3 to 4 network connections.

#8 C. Fraser

C. Fraser
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 10 February 2014 - 06:54 PM

Ok, sounds good. 

 

I've noticed further activity on my internet account that I can't account for - about 4 or 5 more days during the rest of the previous billing cycle that has used significantly more bandwidth than I can account for based on my activity. I only have one computer connected to the account,  no wifi, nor is the modem wifi capable. I had my modem unplugged all of yesterday (Sunday) just to see if it might have been a problem on the ISP's end, but checking today there has been no activity.

 

I guess there is no indication of any viruses on my computer? Not sure what else it could be, though. Should I just go ahead and reinstall the OS?



#9 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:57 AM

Posted 10 February 2014 - 07:02 PM

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinte...s/bb963902.aspx

No installation required.

Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.

Go File>Save, and save it as AutoRuns.txt file to know location.

You must select Text from drop-down menu as a file type:

p4436801.gif

Copy the Contents of the file in your next reply.

Compliments of Broni


How much bandwidth do you use a month on average before this issue started?

#10 C. Fraser

C. Fraser
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 10 February 2014 - 07:58 PM

The previous 5 billing cycles have ranged between 16-20 GB. This past billing cycle used 34 GB. And really it is only 6 days (about 19GB) of higher than usual activity that I can't account for. The only thing different that I have been doing during that time is playing an online game. Previously I had not been playing online games. But, the day in which I spent the most time with the game shows a relatively low amount of activity (648 MB). Other days have usage amounts over 2 or 3 GBs. The biggest amount was over 7 GB, and that was the day before I even downloaded the game. 
 
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "13/07/2009 11:37 PM"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "24/12/2013 2:36 PM"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe" "23/10/2013 4:54 PM"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkngui.exe" "27/06/2013 5:18 AM"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\core-static\clistart.exe" "28/09/2012 2:25 PM"
+ "Super-Charger" "Super-Charger" "MSI" "c:\program files\msi\super-charger\super-charger.exe" "08/03/2013 3:07 AM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "28/11/2013 7:58 AM"
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files\google\chrome\application\32.0.1700.107\installer\chrmstp.exe" "01/02/2014 4:52 PM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "13/07/2009 6:42 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "13/07/2009 11:41 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "23/10/2013 4:54 PM"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "13/07/2009 11:41 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "23/10/2013 4:54 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "13/07/2009 11:41 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll" "28/02/2013 3:39 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "13/07/2009 11:41 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "23/10/2013 4:54 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "13/07/2009 11:41 PM"
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll" "28/09/2012 2:27 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "13/07/2009 8:09 PM"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "29/11/2013 11:11 AM"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Apache Software Foundation" "c:\program files\openoffice 4\program\shlxthdl\shlxthdl.dll" "20/09/2013 6:50 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "29/11/2013 11:11 AM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll" "28/02/2013 3:39 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "10/01/2014 11:53 AM"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll" "04/12/2013 10:47 PM"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" "" "10/01/2014 11:53 AM"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll" "04/12/2013 10:47 PM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "10/01/2014 11:53 AM"
+ "PokerStars" "PokerStars Update" "PokerStars" "c:\program files\pokerstars\pokerstarsupdate.exe" "31/10/2013 11:01 AM"
"Task Scheduler" "" "" "" ""
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe" "23/10/2013 4:53 PM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "10/06/2009 4:19 PM"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "13/07/2009 7:09 PM"
+ "\Norton Internet Security\Norton Error Analyzer" "" "" "File not found: C:\Program Files\Norton Internet Security\Engine\20.4.0.40\SymErr.exe" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "08/02/2014 2:47 PM"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe" "27/09/2012 8:38 PM"
+ "AMD FUEL Service" "Provides FUEL Functionality" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe" "28/09/2012 2:42 PM"
+ "BEService" "" "" "c:\program files\common files\battleye\beservice.exe" "26/05/2013 8:38 AM"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe" "09/03/2010 1:10 AM"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe" "09/03/2010 1:10 AM"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe" "02/03/2012 4:13 PM"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe" "28/02/2013 3:38 PM"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe" "28/02/2013 3:38 PM"
+ "MSI_SuperCharger" "Super-Charger Service" "MSI" "c:\program files\msi\super-charger\chargeservice.exe" "07/02/2013 5:29 AM"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe" "23/10/2013 4:53 PM"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe" "23/10/2013 4:53 PM"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files\common files\steam\steamservice.exe" "25/01/2014 4:44 PM"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "26/05/2013 11:57 PM"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "20/11/2010 5:36 AM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "08/02/2014 2:47 PM"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "05/12/2008 6:59 PM"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "01/05/2007 12:29 PM"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "27/02/2007 7:03 PM"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys" "11/04/2006 7:20 PM"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "13/07/2009 6:11 PM"
+ "amdiox86" "" "" "File not found: system32\DRIVERS\amdiox86.sys" ""
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys" "27/09/2012 9:10 PM"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys" "27/09/2012 8:12 PM"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "18/03/2010 8:08 PM"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "20/03/2009 1:35 PM"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "19/03/2010 11:19 AM"
+ "AODDriver4.1" "AMD OverDrive Service Driver" "Advanced Micro Devices" "c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys" "05/04/2012 4:23 AM"
+ "AODDriver4.2" "AMD OverDrive Service Driver" "Advanced Micro Devices" "c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys" "05/04/2012 4:23 AM"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "24/05/2007 4:31 PM"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "14/01/2009 2:26 PM"
+ "asmthub3" "ASMedia USB3 Hub Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmthub3.sys" "20/08/2012 7:27 AM"
+ "asmtxhci" "ASMEDIA XHCI Host Controller Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmtxhci.sys" "20/08/2012 7:27 AM"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw73.sys" "11/05/2012 3:24 AM"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys" "13/02/2009 5:10 PM"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys" "26/04/2009 6:15 AM"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "06/08/2006 4:33 PM"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "06/08/2006 4:33 PM"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "06/08/2006 4:33 PM"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "06/08/2006 4:33 PM"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "06/08/2006 4:33 PM"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "09/08/2006 7:02 AM"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "13/07/2009 6:11 PM"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys" "31/12/2008 11:06 AM"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "03/02/2009 5:09 PM"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "11/05/2009 2:22 AM"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "18/05/2009 6:42 PM"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "10/06/2010 7:45 PM"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "13/12/2005 4:48 PM"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys" "02/07/2013 9:06 AM"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "09/12/2008 5:28 PM"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "18/05/2009 7:19 PM"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "18/05/2009 7:31 PM"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "16/04/2009 5:14 PM"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys" "28/02/2013 3:33 PM"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "18/05/2009 8:09 PM"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "18/05/2009 8:25 PM"
+ "MpKsl15a35efb" "KSLDriver" "Microsoft Corporation" "c:\programdata\microsoft\microsoft antimalware\definition updates\{31cce505-b025-42aa-b3fb-08d9fe220e67}\mpksl15a35efb.sys" "21/08/2013 5:32 PM"
+ "MSICDSetup" "" "" "File not found: D:\CDriver.sys" ""
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "06/06/2006 4:12 PM"
+ "NTIOLib_1_0_3" "NTIOLib" "MSI" "c:\program files\msi\super-charger\ntiolib.sys" "25/10/2012 2:57 AM"
+ "NTIOLib_1_0_C" "" "" "File not found: D:\NTIOLib.sys" ""
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "19/03/2010 4:00 PM"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "19/03/2010 3:51 PM"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "22/01/2009 6:28 PM"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "18/05/2009 8:17 PM"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt86win7.sys" "09/04/2013 10:01 PM"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys" "13/09/2006 8:18 AM"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "24/09/2008 1:19 PM"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "01/10/2008 4:52 PM"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "17/02/2009 6:03 PM"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys" "29/11/2010 4:50 AM"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "13/07/2009 6:11 PM"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "30/01/2009 8:13 PM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "28/11/2013 8:42 PM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "13/07/2009 8:06 PM"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll" "20/11/2010 6:59 AM"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\system32\frapsvid.dll" "26/02/2013 1:55 AM"
+ "VIDC.RTV1" "" "" "c:\windows\system32\rtvcvfw32.dll" "28/09/2012 2:45 PM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "13/07/2009 11:41 PM"
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll" "28/09/2012 2:36 PM"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll" "28/09/2012 2:36 PM"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll" "28/09/2012 2:36 PM"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll" "28/09/2012 2:36 PM"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll" "28/09/2012 2:36 PM"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll" "28/09/2012 2:36 PM"
+ "ATI Ticker" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\ticker.ax" "28/09/2012 2:25 PM"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll" "28/09/2012 2:36 PM"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll" "28/09/2012 2:36 PM"
+ "MMACE Deinterlace" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "28/09/2012 2:26 PM"
+ "MMACE ProcAmp" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "28/09/2012 2:26 PM"
+ "MMACE SoftEmu" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "28/09/2012 2:26 PM"


#11 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:57 AM

Posted 10 February 2014 - 08:35 PM

Do you have your Steam Client setup to automatically download updates, and what games do you have on Steam?

#12 C. Fraser

C. Fraser
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 10 February 2014 - 11:25 PM

I'm pretty sure Steam only updates games  when I open the Steam client, which I do manually, so I should be aware of any updates. Since this has been happening there have been a couple of updates for the online game I have been playing (DayZ), but nothing that would account for the excess of usage--the entire file for DayZ is somewhere over 5 GB. I don't recall any updates for other games in the past week or two, although it's possible there was something else updated, but I can't imagine this would account for the amount of activity I've been experiencing lately. 

 

Steam games:

 

Bastion

The Book of Unwritten Tales

Crusader Kings II

DayZ

Dead Pixels

Defcon

Defense Grid: The Awakening

Morrowind

Fez 

FTL

Gone Home

Hotline Miami

Limbo 

Papers Please

Plants vs. Zombies

Port Royale 2

Civilization V

Pirates!

Spelunky

Terraria

Thief Gold

Trauma

Trine 2

Universe Sandbox

Victoria II

 

A lot of these games are older and aren't supported any longer (I don't expect updates). 


Edited by C. Fraser, 10 February 2014 - 11:26 PM.


#13 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:57 AM

Posted 11 February 2014 - 06:36 PM

Steam can push updates to all your games if you have them set to automatic updates. Go through all your games, and see which ones are set to auto, and change them to manual.

#14 C. Fraser

C. Fraser
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:57 PM

Posted 11 February 2014 - 10:59 PM

OK, done. All games should no longer have automatic downloads.

 

I also came across a forum post at a different site of a person who had a similar problem. Not sure if it's the same cause, but they were having the same issue, with "excessive unexplained bandwidth usage". The problem turned out to be "  an unknown attack on our static IP address." Which was solved by changing the static IP address. Not sure what a static IP address is or how to change it, but maybe worth a try?

 

link: http:// forums.whirlpool.net.au/archive/1653083 



#15 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:57 AM

Posted 12 February 2014 - 06:44 AM

Who is your ISP?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users