Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Multiple internet explorer processes found even when ie is closed


  • Please log in to reply
21 replies to this topic

#1 rabidturtles359

rabidturtles359

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 05 February 2014 - 11:56 AM

Hello,

 

about a week ago i was informed by my step father that the internet kept closing on him. I decided to investigate and saw what he meant. After opening ie and a seemingly random amount of time, ie will just close. After doing a bit of poking around on my step fathers account and making sure everything is updated, the problem persisted. i tried running ie without add-ons (in case of a buggy one), i tried resetting ie to default settings, and i tried re-installing ie updates. Nothing helped the problem.

 

Finally i noticed Multiple internet explorer processes in the task manager. I found this unusual since ie was not running. i restarted the computer and found Multiple internet explorer processes running without ever touching ie upon fresh boot. Now since i was on my step fathers account, i decided to see if this problem was on my account. (There are two accounts on this Win7 desktop machine. Mine(admin) and my step fathers(basic user). Mine is password protected and his is not. He is not allowed update programs or install programs without admin password. I had this arrangement to hopefully prevent a situation like this.) Anyways i inspected my account and i don't find Multiple internet explorer processes upon boot or closure of ie. Also ie does not just close like on his account ( i use chrome most of the time anyways). 

 

Since i thought something was not right and i thought the computer might be infected, i ran full scans with:

Vipre Antivirus

then SuperAntiSpyware(probably didn't use it to its full potential)

They found nothing but cookies.

 

I started doing research on this problem of Multiple internet explorer processes running and found several users on here had the "same" problem

 

http://www.bleepingcomputer.com/forums/t/506468/internet-explorer-opening-multiple-processes-in-task-mgr-when-not-using-ie/

http://www.bleepingcomputer.com/forums/t/505348/internet-explorer-opening-multiple-processes-in-task-mgr-crashing-internet/

http://www.bleepingcomputer.com/forums/t/484738/multiple-internet-explorer-processes-running-in-background/

 

I read through most of the posts and found it to be mostly over my head. So i decided to make topic of my own in case my problem requires different solutions than others. 

 

Also just today (on my step fathers account) when i went to update flash player (http://www.pcworld.com/article/2094220/adobe-releases-critical-emergency-update-for-flash-player.html) i kept getting redirects/new tabs in ie and chrome to random webpages.

 

-summary- (all symptoms fall under the basic user account, my admin account appears to be clean?)

ie closing randomly

Multiple internet explorer processes

redirects/new tabs to random webpages when browsing.(ie and chrome)

 

If anyone requires more information on the problem let me know and i will do my best to accommodate. 

 

I Also have a couple questions:

 

My step father uses this computer almost every day, when we start the removal/fixing process, should i stop him from using the computer till the problem is solved?

 

My laptop computer is the one i mainly use and i am the sole user of it. It has a wireless connection to the router that the infected computer is hardwired to. Is my laptop at risk of being infected? 

 

Thanks for your time! 

p.s. i am a full time college student, i am sorry in advance if it takes me a day or two to reply.



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:17 PM

Posted 05 February 2014 - 10:14 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

p22002970.gif Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

p22002970.gifDownload Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt


p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 rabidturtles359

rabidturtles359
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 08 February 2014 - 12:51 PM

Thanks for the quick reply!

 

Security Check Log:

 

 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
ThreatTrack Security VIPRE   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 51  
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Reader XI  
 Google Chrome 32.0.1700.102  
 Google Chrome 32.0.1700.107  
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log``````````````````````
 
 
FSS Log:
 

Farbar Service Scanner Version: 02-02-2014
Ran by Kyle (administrator) on 08-02-2014 at 09:56:17
Running from "C:\Users\Kyle.Steve-PC\Documents\BCprograms"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
MiniToolBox Log:
 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Kyle (administrator) on 08-02-2014 at 09:59:53
Running from "C:\Users\Kyle.Steve-PC\Documents\BCprograms"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Steve-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-25-64-DB-BB-15
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4df5:9873:bd80:fed3%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, February 08, 2014 9:39:48 AM
   Lease Expires . . . . . . . . . . : Saturday, February 15, 2014 9:39:48 AM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234890596
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-A8-56-E6-00-25-64-DB-BB-15
   DNS Servers . . . . . . . . . . . : 75.75.76.76
                                       75.75.75.75
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hsd1.pa.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:348f:26de:51c4:b1bd(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::348f:26de:51c4:b1bd%11(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns02.comcast.net
Address:  75.75.76.76
 
Name:    google.com
Addresses:  2607:f8b0:4006:807::1000
 173.194.43.3
 173.194.43.8
 173.194.43.6
 173.194.43.5
 173.194.43.4
 173.194.43.7
 173.194.43.2
 173.194.43.9
 173.194.43.14
 173.194.43.1
 173.194.43.0
 
 
Pinging google.com [74.125.228.41] with 32 bytes of data:
Reply from 74.125.228.41: bytes=32 time=33ms TTL=52
Reply from 74.125.228.41: bytes=32 time=34ms TTL=52
 
Ping statistics for 74.125.228.41:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 33ms, Maximum = 34ms, Average = 33ms
Server:  cdns02.comcast.net
Address:  75.75.76.76
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=43ms TTL=50
Reply from 98.139.183.24: bytes=32 time=43ms TTL=48
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 43ms, Maximum = 43ms, Average = 43ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 25 64 db bb 15 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.2     20
         10.0.0.0    255.255.255.0         On-link          10.0.0.2    276
         10.0.0.2  255.255.255.255         On-link          10.0.0.2    276
       10.0.0.255  255.255.255.255         On-link          10.0.0.2    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.2    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     58 2001::/32                On-link
 11    306 2001:0:9d38:6ab8:348f:26de:51c4:b1bd/128
                                    On-link
 10    276 fe80::/64                On-link
 11    306 fe80::/64                On-link
 11    306 fe80::348f:26de:51c4:b1bd/128
                                    On-link
 10    276 fe80::4df5:9873:bd80:fed3/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/01/2014 04:21:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: SBAMSvc.exe, version: 7.0.6.2, time stamp: 0x52292bbc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x4e0
Faulting application start time: 0xSBAMSvc.exe0
Faulting application path: SBAMSvc.exe1
Faulting module path: SBAMSvc.exe2
Report Id: SBAMSvc.exe3
 
Error: (02/01/2014 09:59:44 AM) (Source: Application Error) (User: )
Description: Faulting application name: SBAMSvc.exe, version: 7.0.6.2, time stamp: 0x52292bbc
Faulting module name: SBAMSvc.exe, version: 7.0.6.2, time stamp: 0x52292bbc
Exception code: 0xc0000005
Fault offset: 0x0000c5a1
Faulting process id: 0x1694
Faulting application start time: 0xSBAMSvc.exe0
Faulting application path: SBAMSvc.exe1
Faulting module path: SBAMSvc.exe2
Report Id: SBAMSvc.exe3
 
Error: (01/28/2014 09:12:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428, time stamp: 0x525b664c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x20296425
Faulting process id: 0x2474
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (01/19/2014 08:05:17 AM) (Source: Application Hang) (User: )
Description: The program SBAMUI.exe version 6.2.4.7 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1840
 
Start Time: 01cf1516bf051c3c
 
Termination Time: 31
 
Application Path: C:\Program Files (x86)\GFI Software\VIPRE\SBAMUI.exe
 
Report Id: 4778cf5b-810a-11e3-9b32-002564dbbb15
 
Error: (01/16/2014 03:46:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428, time stamp: 0x525b664c
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc000070a
Fault offset: 0x0009c7fd
Faulting process id: 0x1ef8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (01/16/2014 02:57:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: SBAMSvc.exe, version: 6.2.4.7, time stamp: 0x51701458
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xd14
Faulting application start time: 0xSBAMSvc.exe0
Faulting application path: SBAMSvc.exe1
Faulting module path: SBAMSvc.exe2
Report Id: SBAMSvc.exe3
 
Error: (12/22/2013 07:04:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428, time stamp: 0x525b664c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x20296425
Faulting process id: 0x2338
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
Error: (12/17/2013 09:12:22 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2078
 
Start Time: 01cefb969185ace7
 
Termination Time: 16
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id:
 
Error: (12/04/2013 08:38:02 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.16428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: df4
 
Start Time: 01cef15a465863ba
 
Termination Time: 0
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id:
 
Error: (12/04/2013 08:37:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428, time stamp: 0x525b664c
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x00038e19
Faulting process id: 0xee4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
 
 
System errors:
=============
Error: (02/08/2014 09:41:27 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/08/2014 09:40:57 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/08/2014 06:50:10 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/08/2014 06:49:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/07/2014 07:24:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/07/2014 07:23:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/07/2014 04:14:33 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/07/2014 04:14:03 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/07/2014 06:24:17 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (02/06/2014 04:23:26 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 10 Plugin (Version: 10.0.42.34)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
ATI Catalyst Control Center (Version: 2.009.0614.2130)
Bing Rewards Client Installer (Version: 16.0.345.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full Existing (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full New (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Light (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Previews Common (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0614.2131.36800)
Catalyst Control Center InstallProxy (Version: 2009.0614.2131.36800)
Catalyst Control Center Localization All (Version: 2009.0614.2131.36800)
CCC Help Chinese Standard (Version: 2009.0614.2130.36800)
CCC Help Chinese Traditional (Version: 2009.0614.2130.36800)
CCC Help Czech (Version: 2009.0614.2130.36800)
CCC Help Danish (Version: 2009.0614.2130.36800)
CCC Help Dutch (Version: 2009.0614.2130.36800)
CCC Help English (Version: 2009.0614.2130.36800)
CCC Help Finnish (Version: 2009.0614.2130.36800)
CCC Help French (Version: 2009.0614.2130.36800)
CCC Help German (Version: 2009.0614.2130.36800)
CCC Help Greek (Version: 2009.0614.2130.36800)
CCC Help Hungarian (Version: 2009.0614.2130.36800)
CCC Help Italian (Version: 2009.0614.2130.36800)
CCC Help Japanese (Version: 2009.0614.2130.36800)
CCC Help Korean (Version: 2009.0614.2130.36800)
CCC Help Norwegian (Version: 2009.0614.2130.36800)
CCC Help Polish (Version: 2009.0614.2130.36800)
CCC Help Portuguese (Version: 2009.0614.2130.36800)
CCC Help Russian (Version: 2009.0614.2130.36800)
CCC Help Spanish (Version: 2009.0614.2130.36800)
CCC Help Swedish (Version: 2009.0614.2130.36800)
CCC Help Thai (Version: 2009.0614.2130.36800)
CCC Help Turkish (Version: 2009.0614.2130.36800)
ccc-core-static (Version: 2009.0614.2131.36800)
ccc-utility64 (Version: 2009.0614.2131.36800)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Consumer In-Home Service Agreement (Version: 2.0.0)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Google Chrome (Version: 32.0.1700.107)
GoToAssist 8.0.0.514
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Junk Mail filter update (Version: 15.4.3502.0922)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 1.2.1)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Dell (Version: 3.4.6361.48)
PowerDVD DX (Version: 8.3.5424)
RAIDXpert (Version: 2.4.1546.4)
Roxio Burn (Version: 1.0)
Roxio Burn (Version: 1.0.0)
Roxio Update Manager (Version: 6.0.0)
Skins (Version: 2009.0614.2131.36800)
SUPERAntiSpyware (Version: 5.0.1108)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VIPRE Antivirus (Version: 7.0.6.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! BrowserPlus
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 39%
Total physical RAM: 3839.12 MB
Available physical RAM: 2333.82 MB
Total Pagefile: 7676.41 MB
Available Pagefile: 5837.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.09 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:394.53 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\STEVE-PC
 
Administrator            Guest                    Kyle                     
Steve                    
 
 
**** End of log ****
 
 
MBAM Log:
 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.08.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Kyle :: STEVE-PC [administrator]
 
Protection: Enabled
 
2/8/2014 11:53:25 AM
mbam-log-2014-02-08 (11-53-25).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 247917
Time elapsed: 6 minute(s), 15 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Steve\AppData\Local\JavaSoft\3cmlink.dll (Malware.Gen) -> Quarantined and deleted successfully.
 
(end)
 
 
Malwarebytes Anti-Rootkit Logs:
 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16476
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.800000 GHz
Memory total: 4025606144, free: 1982582784
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.16476
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.800000 GHz
Memory total: 4025606144, free: 1885519872
 
=======================================
 
 
Downloaded database version: v2014.02.08.05
Downloaded database version: v2013.12.18.01
Initializing...
=======================================
------------ Kernel report ------------
     02/08/2014 12:12:41
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHlpa64.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtiHdmi.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\viahduaa.sys
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\sbapifs.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\sbwtis.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80045f5790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa80040b2060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80045f5790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80045f52c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80045f5790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80040b0520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80040b2060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1E260D63
 
Partition information:
 
    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 80262
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 81920  Numsec = 30720000
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 30801920  Numsec = 945969200
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-81920-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
 
Database version: v2014.02.08.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Kyle :: STEVE-PC [administrator]
 
2/8/2014 12:12:47 PM
mbar-log-2014-02-08 (12-12-47).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 266066
Time elapsed: 13 minute(s), 49 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
I don't think i got rkill to work properly from either link..
 
the "black DOS box" didn't disappear, it got hung at:
 

 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
although it got hung up there it still created the log below.
 
RKILL Log:

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/08/2014 12:38:00 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 
 
 
 
Does it matter that i ran these tests from my account and not the account with the symptoms?
 
Thanks for your time!

Edited by rabidturtles359, 08 February 2014 - 12:54 PM.


#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:17 PM

Posted 08 February 2014 - 12:54 PM

Download TDSSKiller and save it to your desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 rabidturtles359

rabidturtles359
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 08 February 2014 - 01:00 PM

TDSS log:

12:58:07.0030 0x1600  TDSS rootkit removing tool 3.0.0.22 Feb  3 2014 16:45:35

12:58:15.0003 0x1600  ============================================================
12:58:15.0003 0x1600  Current date / time: 2014/02/08 12:58:15.0003
12:58:15.0003 0x1600  SystemInfo:
12:58:15.0003 0x1600  
12:58:15.0003 0x1600  OS Version: 6.1.7601 ServicePack: 1.0
12:58:15.0003 0x1600  Product type: Workstation
12:58:15.0004 0x1600  ComputerName: STEVE-PC
12:58:15.0004 0x1600  UserName: Kyle
12:58:15.0004 0x1600  Windows directory: C:\Windows
12:58:15.0004 0x1600  System windows directory: C:\Windows
12:58:15.0004 0x1600  Running under WOW64
12:58:15.0004 0x1600  Processor architecture: Intel x64
12:58:15.0004 0x1600  Number of processors: 2
12:58:15.0004 0x1600  Page size: 0x1000
12:58:15.0004 0x1600  Boot type: Normal boot
12:58:15.0004 0x1600  ============================================================
12:58:16.0369 0x1600  KLMD registered as C:\Windows\system32\drivers\54962029.sys
12:58:16.0428 0x1600  System UUID: {EB201E3A-D5B1-3439-5562-5FF0021D6595}
12:58:16.0842 0x1600  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:58:16.0851 0x1600  ============================================================
12:58:16.0851 0x1600  \Device\Harddisk0\DR0:
12:58:16.0851 0x1600  MBR partitions:
12:58:16.0852 0x1600  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
12:58:16.0852 0x1600  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625830
12:58:16.0852 0x1600  ============================================================
12:58:16.0878 0x1600  C: <-> \Device\Harddisk0\DR0\Partition2
12:58:16.0878 0x1600  ============================================================
12:58:16.0878 0x1600  Initialize success
12:58:16.0878 0x1600  ============================================================
12:58:21.0199 0x0d04  ============================================================
12:58:21.0199 0x0d04  Scan started
12:58:21.0199 0x0d04  Mode: Manual; 
12:58:21.0199 0x0d04  ============================================================
12:58:21.0199 0x0d04  KSN ping started
12:58:24.0036 0x0d04  KSN ping finished: true
12:58:25.0093 0x0d04  ================ Scan system memory ========================
12:58:25.0094 0x0d04  System memory - ok
12:58:25.0095 0x0d04  ================ Scan services =============================
12:58:25.0196 0x0d04  [ 7D9D615201A483D6FA99491C2E655A5A, EF24EBC4E08B555E5A90E6D560F375267137064AED1A9DC5251BB1FF2B65BA37 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:58:25.0205 0x0d04  !SASCORE - ok
12:58:25.0362 0x0d04  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:58:25.0379 0x0d04  1394ohci - ok
12:58:25.0406 0x0d04  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:58:25.0415 0x0d04  ACPI - ok
12:58:25.0439 0x0d04  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:58:25.0441 0x0d04  AcpiPmi - ok
12:58:25.0530 0x0d04  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:58:25.0535 0x0d04  AdobeARMservice - ok
12:58:25.0636 0x0d04  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:58:25.0653 0x0d04  AdobeFlashPlayerUpdateSvc - ok
12:58:25.0698 0x0d04  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:58:25.0713 0x0d04  adp94xx - ok
12:58:25.0735 0x0d04  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:58:25.0743 0x0d04  adpahci - ok
12:58:25.0765 0x0d04  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:58:25.0771 0x0d04  adpu320 - ok
12:58:25.0797 0x0d04  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:58:25.0799 0x0d04  AeLookupSvc - ok
12:58:25.0876 0x0d04  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
12:58:25.0902 0x0d04  AFD - ok
12:58:25.0933 0x0d04  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:58:25.0935 0x0d04  agp440 - ok
12:58:25.0956 0x0d04  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:58:25.0963 0x0d04  ALG - ok
12:58:25.0990 0x0d04  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:58:25.0992 0x0d04  aliide - ok
12:58:26.0021 0x0d04  [ FC07CEAF07E33344628C4415FAAE3469, 5A992AFBDCEAC1E738DDEB5E57E868D9FE486ABF2628DBC5C3C81B3A2CEA1E30 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:58:26.0025 0x0d04  AMD External Events Utility - ok
12:58:26.0056 0x0d04  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:58:26.0057 0x0d04  amdide - ok
12:58:26.0084 0x0d04  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:58:26.0090 0x0d04  AmdK8 - ok
12:58:26.0119 0x0d04  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:58:26.0121 0x0d04  AmdPPM - ok
12:58:26.0140 0x0d04  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:58:26.0144 0x0d04  amdsata - ok
12:58:26.0160 0x0d04  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:58:26.0165 0x0d04  amdsbs - ok
12:58:26.0182 0x0d04  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:58:26.0184 0x0d04  amdxata - ok
12:58:26.0206 0x0d04  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:58:26.0208 0x0d04  AppID - ok
12:58:26.0235 0x0d04  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:58:26.0237 0x0d04  AppIDSvc - ok
12:58:26.0272 0x0d04  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:58:26.0277 0x0d04  Appinfo - ok
12:58:26.0304 0x0d04  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:58:26.0307 0x0d04  arc - ok
12:58:26.0325 0x0d04  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:58:26.0329 0x0d04  arcsas - ok
12:58:26.0419 0x0d04  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:58:26.0425 0x0d04  aspnet_state - ok
12:58:26.0469 0x0d04  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:58:26.0470 0x0d04  AsyncMac - ok
12:58:26.0497 0x0d04  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:58:26.0498 0x0d04  atapi - ok
12:58:26.0524 0x0d04  [ 38467FF83C2B4265D51F418812A91E3C, 93F3C16E3B97EDBE7315CC9B9008D2B77D658EBFF14ECB184D521373E0B193D0 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
12:58:26.0533 0x0d04  AtiHdmiService - ok
12:58:26.0731 0x0d04  [ 80793852021864A9ED344843EEBA5FDB, 2F96DCD49149FD712A1423AA7EDA19ED47671C21C91AB638BB998AC965C4AC8F ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:58:26.0945 0x0d04  atikmdag - ok
12:58:27.0031 0x0d04  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:58:27.0047 0x0d04  AudioEndpointBuilder - ok
12:58:27.0085 0x0d04  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:58:27.0098 0x0d04  AudioSrv - ok
12:58:27.0168 0x0d04  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:58:27.0187 0x0d04  AxInstSV - ok
12:58:27.0238 0x0d04  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:58:27.0254 0x0d04  b06bdrv - ok
12:58:27.0274 0x0d04  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:58:27.0281 0x0d04  b57nd60a - ok
12:58:27.0305 0x0d04  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:58:27.0308 0x0d04  BDESVC - ok
12:58:27.0348 0x0d04  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:58:27.0350 0x0d04  Beep - ok
12:58:27.0436 0x0d04  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:58:27.0456 0x0d04  BFE - ok
12:58:27.0500 0x0d04  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:58:27.0516 0x0d04  BITS - ok
12:58:27.0538 0x0d04  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:58:27.0540 0x0d04  blbdrive - ok
12:58:27.0579 0x0d04  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:58:27.0587 0x0d04  bowser - ok
12:58:27.0607 0x0d04  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:58:27.0608 0x0d04  BrFiltLo - ok
12:58:27.0622 0x0d04  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:58:27.0624 0x0d04  BrFiltUp - ok
12:58:27.0650 0x0d04  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:58:27.0653 0x0d04  Browser - ok
12:58:27.0677 0x0d04  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:58:27.0684 0x0d04  Brserid - ok
12:58:27.0705 0x0d04  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:58:27.0707 0x0d04  BrSerWdm - ok
12:58:27.0722 0x0d04  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:58:27.0723 0x0d04  BrUsbMdm - ok
12:58:27.0741 0x0d04  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:58:27.0743 0x0d04  BrUsbSer - ok
12:58:27.0753 0x0d04  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:58:27.0755 0x0d04  BTHMODEM - ok
12:58:27.0779 0x0d04  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:58:27.0783 0x0d04  bthserv - ok
12:58:27.0816 0x0d04  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:58:27.0824 0x0d04  cdfs - ok
12:58:27.0877 0x0d04  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
12:58:27.0888 0x0d04  cdrom - ok
12:58:27.0923 0x0d04  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:58:27.0930 0x0d04  CertPropSvc - ok
12:58:27.0949 0x0d04  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:58:27.0954 0x0d04  circlass - ok
12:58:27.0977 0x0d04  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:58:27.0986 0x0d04  CLFS - ok
12:58:28.0033 0x0d04  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:58:28.0036 0x0d04  clr_optimization_v2.0.50727_32 - ok
12:58:28.0066 0x0d04  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:58:28.0069 0x0d04  clr_optimization_v2.0.50727_64 - ok
12:58:28.0150 0x0d04  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:58:28.0159 0x0d04  clr_optimization_v4.0.30319_32 - ok
12:58:28.0181 0x0d04  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:58:28.0185 0x0d04  clr_optimization_v4.0.30319_64 - ok
12:58:28.0206 0x0d04  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:58:28.0208 0x0d04  CmBatt - ok
12:58:28.0245 0x0d04  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:58:28.0249 0x0d04  cmdide - ok
12:58:28.0317 0x0d04  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:58:28.0328 0x0d04  CNG - ok
12:58:28.0355 0x0d04  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:58:28.0357 0x0d04  Compbatt - ok
12:58:28.0378 0x0d04  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:58:28.0382 0x0d04  CompositeBus - ok
12:58:28.0393 0x0d04  COMSysApp - ok
12:58:28.0415 0x0d04  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:58:28.0417 0x0d04  crcdisk - ok
12:58:28.0449 0x0d04  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:58:28.0462 0x0d04  CryptSvc - ok
12:58:28.0506 0x0d04  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:58:28.0517 0x0d04  DcomLaunch - ok
12:58:28.0546 0x0d04  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:58:28.0553 0x0d04  defragsvc - ok
12:58:28.0627 0x0d04  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:58:28.0636 0x0d04  DfsC - ok
12:58:28.0674 0x0d04  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:58:28.0682 0x0d04  Dhcp - ok
12:58:28.0707 0x0d04  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:58:28.0708 0x0d04  discache - ok
12:58:28.0723 0x0d04  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:58:28.0729 0x0d04  Disk - ok
12:58:28.0761 0x0d04  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:58:28.0766 0x0d04  Dnscache - ok
12:58:28.0818 0x0d04  [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
12:58:28.0829 0x0d04  DockLoginService - ok
12:58:28.0877 0x0d04  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:58:28.0887 0x0d04  dot3svc - ok
12:58:28.0928 0x0d04  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:58:28.0940 0x0d04  DPS - ok
12:58:28.0966 0x0d04  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:58:28.0967 0x0d04  drmkaud - ok
12:58:29.0034 0x0d04  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:58:29.0058 0x0d04  DXGKrnl - ok
12:58:29.0084 0x0d04  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:58:29.0088 0x0d04  EapHost - ok
12:58:29.0230 0x0d04  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:58:29.0353 0x0d04  ebdrv - ok
12:58:29.0387 0x0d04  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
12:58:29.0388 0x0d04  EFS - ok
12:58:29.0465 0x0d04  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:58:29.0492 0x0d04  ehRecvr - ok
12:58:29.0519 0x0d04  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:58:29.0522 0x0d04  ehSched - ok
12:58:29.0549 0x0d04  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:58:29.0561 0x0d04  elxstor - ok
12:58:29.0585 0x0d04  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:58:29.0587 0x0d04  ErrDev - ok
12:58:29.0661 0x0d04  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:58:29.0671 0x0d04  EventSystem - ok
12:58:29.0689 0x0d04  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:58:29.0694 0x0d04  exfat - ok
12:58:29.0722 0x0d04  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:58:29.0727 0x0d04  fastfat - ok
12:58:29.0778 0x0d04  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:58:29.0795 0x0d04  Fax - ok
12:58:29.0811 0x0d04  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:58:29.0813 0x0d04  fdc - ok
12:58:29.0838 0x0d04  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:58:29.0840 0x0d04  fdPHost - ok
12:58:29.0856 0x0d04  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:58:29.0861 0x0d04  FDResPub - ok
12:58:29.0898 0x0d04  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:58:29.0904 0x0d04  FileInfo - ok
12:58:29.0928 0x0d04  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:58:29.0932 0x0d04  Filetrace - ok
12:58:29.0945 0x0d04  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:58:29.0948 0x0d04  flpydisk - ok
12:58:29.0982 0x0d04  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:58:29.0989 0x0d04  FltMgr - ok
12:58:30.0065 0x0d04  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:58:30.0105 0x0d04  FontCache - ok
12:58:30.0148 0x0d04  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:58:30.0152 0x0d04  FontCache3.0.0.0 - ok
12:58:30.0178 0x0d04  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:58:30.0183 0x0d04  FsDepends - ok
12:58:30.0211 0x0d04  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:58:30.0212 0x0d04  Fs_Rec - ok
12:58:30.0259 0x0d04  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:58:30.0265 0x0d04  fvevol - ok
12:58:30.0281 0x0d04  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:58:30.0283 0x0d04  gagp30kx - ok
12:58:30.0325 0x0d04  [ 4EA5458FCA8518344686C543749365B1, 52D4D2392C80A4C57C74B09FE04E9DFF6CB01521F03132EB7523BE52B8BF7A50 ] gfiark          C:\Windows\system32\drivers\gfiark.sys
12:58:30.0329 0x0d04  gfiark - ok
12:58:30.0351 0x0d04  [ 16A23FF8621929ADC5B18DCCD5E206EE, 6204E3110503F76DC5970FDBD7340CE1265EE57196759E4D4DB187BAF119FF22 ] gfiutil         C:\Windows\system32\drivers\gfiutil.sys
12:58:30.0354 0x0d04  gfiutil - ok
12:58:30.0405 0x0d04  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
12:58:30.0408 0x0d04  GoToAssist - ok
12:58:30.0467 0x0d04  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:58:30.0486 0x0d04  gpsvc - ok
12:58:30.0509 0x0d04  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:58:30.0511 0x0d04  hcw85cir - ok
12:58:30.0549 0x0d04  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:58:30.0553 0x0d04  HDAudBus - ok
12:58:30.0562 0x0d04  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:58:30.0563 0x0d04  HidBatt - ok
12:58:30.0583 0x0d04  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:58:30.0587 0x0d04  HidBth - ok
12:58:30.0607 0x0d04  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:58:30.0609 0x0d04  HidIr - ok
12:58:30.0633 0x0d04  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:58:30.0638 0x0d04  hidserv - ok
12:58:30.0686 0x0d04  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
12:58:30.0690 0x0d04  HidUsb - ok
12:58:30.0725 0x0d04  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:58:30.0734 0x0d04  hkmsvc - ok
12:58:30.0773 0x0d04  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:58:30.0790 0x0d04  HomeGroupListener - ok
12:58:30.0822 0x0d04  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:58:30.0827 0x0d04  HomeGroupProvider - ok
12:58:30.0857 0x0d04  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:58:30.0860 0x0d04  HpSAMD - ok
12:58:30.0928 0x0d04  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:58:30.0946 0x0d04  HTTP - ok
12:58:30.0977 0x0d04  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:58:30.0977 0x0d04  hwpolicy - ok
12:58:31.0024 0x0d04  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:58:31.0033 0x0d04  i8042prt - ok
12:58:31.0084 0x0d04  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:58:31.0106 0x0d04  iaStorV - ok
12:58:31.0175 0x0d04  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:58:31.0195 0x0d04  idsvc - ok
12:58:31.0213 0x0d04  IEEtwCollectorService - ok
12:58:31.0239 0x0d04  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:58:31.0241 0x0d04  iirsp - ok
12:58:31.0294 0x0d04  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:58:31.0315 0x0d04  IKEEXT - ok
12:58:31.0359 0x0d04  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:58:31.0362 0x0d04  intelide - ok
12:58:31.0378 0x0d04  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:58:31.0384 0x0d04  intelppm - ok
12:58:31.0412 0x0d04  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:58:31.0421 0x0d04  IPBusEnum - ok
12:58:31.0463 0x0d04  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:58:31.0470 0x0d04  IpFilterDriver - ok
12:58:31.0512 0x0d04  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:58:31.0526 0x0d04  iphlpsvc - ok
12:58:31.0553 0x0d04  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:58:31.0559 0x0d04  IPMIDRV - ok
12:58:31.0575 0x0d04  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:58:31.0584 0x0d04  IPNAT - ok
12:58:31.0596 0x0d04  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:58:31.0598 0x0d04  IRENUM - ok
12:58:31.0605 0x0d04  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:58:31.0606 0x0d04  isapnp - ok
12:58:31.0631 0x0d04  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:58:31.0638 0x0d04  iScsiPrt - ok
12:58:31.0679 0x0d04  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:58:31.0684 0x0d04  kbdclass - ok
12:58:31.0700 0x0d04  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:58:31.0704 0x0d04  kbdhid - ok
12:58:31.0718 0x0d04  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
12:58:31.0719 0x0d04  KeyIso - ok
12:58:31.0751 0x0d04  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:58:31.0759 0x0d04  KSecDD - ok
12:58:31.0772 0x0d04  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:58:31.0776 0x0d04  KSecPkg - ok
12:58:31.0794 0x0d04  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:58:31.0795 0x0d04  ksthunk - ok
12:58:31.0818 0x0d04  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:58:31.0828 0x0d04  KtmRm - ok
12:58:31.0879 0x0d04  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:58:31.0889 0x0d04  LanmanServer - ok
12:58:31.0930 0x0d04  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:58:31.0943 0x0d04  LanmanWorkstation - ok
12:58:31.0961 0x0d04  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:58:31.0963 0x0d04  lltdio - ok
12:58:31.0987 0x0d04  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:58:31.0995 0x0d04  lltdsvc - ok
12:58:32.0006 0x0d04  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:58:32.0008 0x0d04  lmhosts - ok
12:58:32.0038 0x0d04  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:58:32.0041 0x0d04  LSI_FC - ok
12:58:32.0053 0x0d04  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:58:32.0056 0x0d04  LSI_SAS - ok
12:58:32.0072 0x0d04  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:58:32.0074 0x0d04  LSI_SAS2 - ok
12:58:32.0102 0x0d04  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:58:32.0111 0x0d04  LSI_SCSI - ok
12:58:32.0131 0x0d04  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:58:32.0134 0x0d04  luafv - ok
12:58:32.0164 0x0d04  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:58:32.0166 0x0d04  MBAMProtector - ok
12:58:32.0233 0x0d04  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:58:32.0248 0x0d04  MBAMScheduler - ok
12:58:32.0306 0x0d04  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:58:32.0319 0x0d04  MBAMService - ok
12:58:32.0357 0x0d04  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:58:32.0361 0x0d04  Mcx2Svc - ok
12:58:32.0377 0x0d04  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:58:32.0381 0x0d04  megasas - ok
12:58:32.0402 0x0d04  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:58:32.0409 0x0d04  MegaSR - ok
12:58:32.0426 0x0d04  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:58:32.0429 0x0d04  MMCSS - ok
12:58:32.0457 0x0d04  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:58:32.0462 0x0d04  Modem - ok
12:58:32.0488 0x0d04  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:58:32.0492 0x0d04  monitor - ok
12:58:32.0518 0x0d04  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
12:58:32.0520 0x0d04  mouclass - ok
12:58:32.0534 0x0d04  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:58:32.0536 0x0d04  mouhid - ok
12:58:32.0567 0x0d04  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:58:32.0570 0x0d04  mountmgr - ok
12:58:32.0595 0x0d04  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:58:32.0600 0x0d04  mpio - ok
12:58:32.0615 0x0d04  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:58:32.0618 0x0d04  mpsdrv - ok
12:58:32.0670 0x0d04  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:58:32.0690 0x0d04  MpsSvc - ok
12:58:32.0740 0x0d04  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:58:32.0751 0x0d04  MRxDAV - ok
12:58:32.0782 0x0d04  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:58:32.0787 0x0d04  mrxsmb - ok
12:58:32.0840 0x0d04  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:58:32.0849 0x0d04  mrxsmb10 - ok
12:58:32.0872 0x0d04  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:58:32.0877 0x0d04  mrxsmb20 - ok
12:58:32.0902 0x0d04  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:58:32.0903 0x0d04  msahci - ok
12:58:32.0924 0x0d04  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:58:32.0929 0x0d04  msdsm - ok
12:58:32.0947 0x0d04  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:58:32.0951 0x0d04  MSDTC - ok
12:58:32.0989 0x0d04  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:58:32.0991 0x0d04  Msfs - ok
12:58:33.0011 0x0d04  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:58:33.0013 0x0d04  mshidkmdf - ok
12:58:33.0048 0x0d04  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:58:33.0049 0x0d04  msisadrv - ok
12:58:33.0081 0x0d04  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:58:33.0094 0x0d04  MSiSCSI - ok
12:58:33.0104 0x0d04  msiserver - ok
12:58:33.0128 0x0d04  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:58:33.0140 0x0d04  MSKSSRV - ok
12:58:33.0155 0x0d04  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:58:33.0156 0x0d04  MSPCLOCK - ok
12:58:33.0165 0x0d04  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:58:33.0166 0x0d04  MSPQM - ok
12:58:33.0209 0x0d04  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:58:33.0234 0x0d04  MsRPC - ok
12:58:33.0260 0x0d04  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:58:33.0262 0x0d04  mssmbios - ok
12:58:33.0272 0x0d04  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:58:33.0273 0x0d04  MSTEE - ok
12:58:33.0279 0x0d04  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:58:33.0280 0x0d04  MTConfig - ok
12:58:33.0296 0x0d04  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:58:33.0298 0x0d04  Mup - ok
12:58:33.0355 0x0d04  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:58:33.0367 0x0d04  napagent - ok
12:58:33.0399 0x0d04  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:58:33.0407 0x0d04  NativeWifiP - ok
12:58:33.0483 0x0d04  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:58:33.0504 0x0d04  NDIS - ok
12:58:33.0522 0x0d04  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:58:33.0524 0x0d04  NdisCap - ok
12:58:33.0543 0x0d04  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:58:33.0545 0x0d04  NdisTapi - ok
12:58:33.0571 0x0d04  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:58:33.0573 0x0d04  Ndisuio - ok
12:58:33.0625 0x0d04  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:58:33.0638 0x0d04  NdisWan - ok
12:58:33.0669 0x0d04  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:58:33.0671 0x0d04  NDProxy - ok
12:58:33.0687 0x0d04  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:58:33.0691 0x0d04  NetBIOS - ok
12:58:33.0741 0x0d04  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:58:33.0748 0x0d04  NetBT - ok
12:58:33.0765 0x0d04  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
12:58:33.0767 0x0d04  Netlogon - ok
12:58:33.0800 0x0d04  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:58:33.0807 0x0d04  Netman - ok
12:58:33.0841 0x0d04  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:58:33.0845 0x0d04  NetMsmqActivator - ok
12:58:33.0856 0x0d04  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:58:33.0859 0x0d04  NetPipeActivator - ok
12:58:33.0886 0x0d04  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:58:33.0897 0x0d04  netprofm - ok
12:58:33.0911 0x0d04  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:58:33.0914 0x0d04  NetTcpActivator - ok
12:58:33.0924 0x0d04  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:58:33.0928 0x0d04  NetTcpPortSharing - ok
12:58:33.0967 0x0d04  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:58:33.0972 0x0d04  nfrd960 - ok
12:58:34.0009 0x0d04  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:58:34.0027 0x0d04  NlaSvc - ok
12:58:34.0040 0x0d04  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:58:34.0041 0x0d04  Npfs - ok
12:58:34.0061 0x0d04  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:58:34.0066 0x0d04  nsi - ok
12:58:34.0082 0x0d04  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:58:34.0083 0x0d04  nsiproxy - ok
12:58:34.0197 0x0d04  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:58:34.0247 0x0d04  Ntfs - ok
12:58:34.0272 0x0d04  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:58:34.0273 0x0d04  Null - ok
12:58:34.0305 0x0d04  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:58:34.0309 0x0d04  nvraid - ok
12:58:34.0336 0x0d04  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:58:34.0349 0x0d04  nvstor - ok
12:58:34.0372 0x0d04  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:58:34.0376 0x0d04  nv_agp - ok
12:58:34.0465 0x0d04  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:58:34.0476 0x0d04  odserv - ok
12:58:34.0494 0x0d04  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:58:34.0497 0x0d04  ohci1394 - ok
12:58:34.0513 0x0d04  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:58:34.0517 0x0d04  ose - ok
12:58:34.0545 0x0d04  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:58:34.0554 0x0d04  p2pimsvc - ok
12:58:34.0580 0x0d04  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:58:34.0591 0x0d04  p2psvc - ok
12:58:34.0612 0x0d04  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:58:34.0615 0x0d04  Parport - ok
12:58:34.0659 0x0d04  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:58:34.0666 0x0d04  partmgr - ok
12:58:34.0698 0x0d04  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:58:34.0707 0x0d04  PcaSvc - ok
12:58:34.0758 0x0d04  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:58:34.0766 0x0d04  pci - ok
12:58:34.0801 0x0d04  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:58:34.0803 0x0d04  pciide - ok
12:58:34.0841 0x0d04  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:58:34.0857 0x0d04  pcmcia - ok
12:58:34.0877 0x0d04  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:58:34.0880 0x0d04  pcw - ok
12:58:34.0920 0x0d04  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:58:34.0936 0x0d04  PEAUTH - ok
12:58:34.0998 0x0d04  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:58:35.0003 0x0d04  PerfHost - ok
12:58:35.0110 0x0d04  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:58:35.0151 0x0d04  pla - ok
12:58:35.0224 0x0d04  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:58:35.0255 0x0d04  PlugPlay - ok
12:58:35.0277 0x0d04  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:58:35.0280 0x0d04  PNRPAutoReg - ok
12:58:35.0302 0x0d04  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:58:35.0309 0x0d04  PNRPsvc - ok
12:58:35.0336 0x0d04  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:58:35.0346 0x0d04  PolicyAgent - ok
12:58:35.0381 0x0d04  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:58:35.0386 0x0d04  Power - ok
12:58:35.0423 0x0d04  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:58:35.0432 0x0d04  PptpMiniport - ok
12:58:35.0451 0x0d04  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:58:35.0455 0x0d04  Processor - ok
12:58:35.0503 0x0d04  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:58:35.0521 0x0d04  ProfSvc - ok
12:58:35.0530 0x0d04  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:58:35.0532 0x0d04  ProtectedStorage - ok
12:58:35.0565 0x0d04  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:58:35.0569 0x0d04  Psched - ok
12:58:35.0585 0x0d04  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
12:58:35.0587 0x0d04  PxHlpa64 - ok
12:58:35.0678 0x0d04  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:58:35.0726 0x0d04  ql2300 - ok
12:58:35.0753 0x0d04  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:58:35.0757 0x0d04  ql40xx - ok
12:58:35.0781 0x0d04  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:58:35.0788 0x0d04  QWAVE - ok
12:58:35.0806 0x0d04  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:58:35.0807 0x0d04  QWAVEdrv - ok
12:58:35.0825 0x0d04  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:58:35.0826 0x0d04  RasAcd - ok
12:58:35.0855 0x0d04  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:58:35.0860 0x0d04  RasAgileVpn - ok
12:58:35.0882 0x0d04  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:58:35.0886 0x0d04  RasAuto - ok
12:58:35.0915 0x0d04  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:58:35.0919 0x0d04  Rasl2tp - ok
12:58:35.0948 0x0d04  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:58:35.0957 0x0d04  RasMan - ok
12:58:35.0982 0x0d04  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:58:35.0985 0x0d04  RasPppoe - ok
12:58:36.0013 0x0d04  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:58:36.0020 0x0d04  RasSstp - ok
12:58:36.0075 0x0d04  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:58:36.0088 0x0d04  rdbss - ok
12:58:36.0110 0x0d04  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:58:36.0111 0x0d04  rdpbus - ok
12:58:36.0125 0x0d04  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:58:36.0125 0x0d04  RDPCDD - ok
12:58:36.0138 0x0d04  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:58:36.0139 0x0d04  RDPENCDD - ok
12:58:36.0151 0x0d04  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:58:36.0151 0x0d04  RDPREFMP - ok
12:58:36.0192 0x0d04  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:58:36.0196 0x0d04  RdpVideoMiniport - ok
12:58:36.0242 0x0d04  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:58:36.0258 0x0d04  RDPWD - ok
12:58:36.0308 0x0d04  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:58:36.0323 0x0d04  rdyboost - ok
12:58:36.0355 0x0d04  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:58:36.0365 0x0d04  RemoteAccess - ok
12:58:36.0397 0x0d04  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:58:36.0401 0x0d04  RemoteRegistry - ok
12:58:36.0420 0x0d04  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:58:36.0424 0x0d04  RpcEptMapper - ok
12:58:36.0442 0x0d04  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:58:36.0444 0x0d04  RpcLocator - ok
12:58:36.0481 0x0d04  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:58:36.0491 0x0d04  RpcSs - ok
12:58:36.0540 0x0d04  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:58:36.0548 0x0d04  rspndr - ok
12:58:36.0595 0x0d04  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:58:36.0608 0x0d04  RTL8167 - ok
12:58:36.0621 0x0d04  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
12:58:36.0622 0x0d04  SamSs - ok
12:58:36.0673 0x0d04  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:58:36.0676 0x0d04  SASDIFSV - ok
12:58:36.0699 0x0d04  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:58:36.0701 0x0d04  SASKUTIL - ok
12:58:36.0873 0x0d04  [ 2B6A9111B4C48E44692CB9ADD30629A5, A8D7DB4552B4446857F3A3C09B6B39E1CC33732DBC69140EEA184C4911B285B8 ] SBAMSvc         C:\Program Files (x86)\VIPRE\SBAMSvc.exe
12:58:36.0978 0x0d04  SBAMSvc - ok
12:58:37.0035 0x0d04  [ 7B7505F8674AC9C8418B55F807A06F1D, 876407127790900E04C454FDF6F8E993941303FF88B22A94E8EFEE09BFB3DA11 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
12:58:37.0042 0x0d04  sbapifs - ok
12:58:37.0075 0x0d04  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:58:37.0078 0x0d04  sbp2port - ok
12:58:37.0093 0x0d04  [ 8B90AEC3A3F0D0373CBB76EE38FD5FDE, E4A65FCBEA1BD91DE474E64F409EDC27AFC1AAFA98DF9B55C88F3859F298DA8B ] SBPIMSvc        C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
12:58:37.0097 0x0d04  SBPIMSvc - ok
12:58:37.0127 0x0d04  [ 97ECCE37DBAA0A871B4504CEF53EE76B, 4D319B238DC7968C17D977C1C02DE0F350C07CF721788A84E56EF19C2C4A2D4B ] sbwtis          C:\Windows\system32\DRIVERS\sbwtis.sys
12:58:37.0130 0x0d04  sbwtis - ok
12:58:37.0171 0x0d04  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:58:37.0188 0x0d04  SCardSvr - ok
12:58:37.0215 0x0d04  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:58:37.0217 0x0d04  scfilter - ok
12:58:37.0294 0x0d04  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:58:37.0316 0x0d04  Schedule - ok
12:58:37.0354 0x0d04  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:58:37.0360 0x0d04  SCPolicySvc - ok
12:58:37.0396 0x0d04  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:58:37.0401 0x0d04  SDRSVC - ok
12:58:37.0421 0x0d04  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:58:37.0422 0x0d04  secdrv - ok
12:58:37.0442 0x0d04  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:58:37.0444 0x0d04  seclogon - ok
12:58:37.0468 0x0d04  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:58:37.0476 0x0d04  SENS - ok
12:58:37.0499 0x0d04  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:58:37.0501 0x0d04  SensrSvc - ok
12:58:37.0515 0x0d04  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:58:37.0517 0x0d04  Serenum - ok
12:58:37.0534 0x0d04  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:58:37.0537 0x0d04  Serial - ok
12:58:37.0549 0x0d04  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:58:37.0551 0x0d04  sermouse - ok
12:58:37.0585 0x0d04  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:58:37.0589 0x0d04  SessionEnv - ok
12:58:37.0611 0x0d04  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:58:37.0612 0x0d04  sffdisk - ok
12:58:37.0622 0x0d04  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:58:37.0624 0x0d04  sffp_mmc - ok
12:58:37.0636 0x0d04  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:58:37.0638 0x0d04  sffp_sd - ok
12:58:37.0664 0x0d04  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:58:37.0667 0x0d04  sfloppy - ok
12:58:37.0756 0x0d04  [ 74EC60E20516AAA573BE74F31175270F, 35A68231368DEE46FEF2A4E30BFAAC38F093FC5A362A7491ED38BDE11F0FC356 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
12:58:37.0802 0x0d04  SftService - ok
12:58:37.0841 0x0d04  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:58:37.0850 0x0d04  SharedAccess - ok
12:58:37.0879 0x0d04  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:58:37.0887 0x0d04  ShellHWDetection - ok
12:58:37.0920 0x0d04  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:58:37.0925 0x0d04  SiSRaid2 - ok
12:58:37.0949 0x0d04  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:58:37.0956 0x0d04  SiSRaid4 - ok
12:58:37.0975 0x0d04  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:58:37.0978 0x0d04  Smb - ok
12:58:38.0004 0x0d04  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:58:38.0007 0x0d04  SNMPTRAP - ok
12:58:38.0020 0x0d04  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:58:38.0021 0x0d04  spldr - ok
12:58:38.0074 0x0d04  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:58:38.0099 0x0d04  Spooler - ok
12:58:38.0254 0x0d04  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:58:38.0321 0x0d04  sppsvc - ok
12:58:38.0351 0x0d04  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:58:38.0354 0x0d04  sppuinotify - ok
12:58:38.0419 0x0d04  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:58:38.0432 0x0d04  srv - ok
12:58:38.0471 0x0d04  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:58:38.0481 0x0d04  srv2 - ok
12:58:38.0509 0x0d04  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:58:38.0513 0x0d04  srvnet - ok
12:58:38.0530 0x0d04  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:58:38.0535 0x0d04  SSDPSRV - ok
12:58:38.0546 0x0d04  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:58:38.0550 0x0d04  SstpSvc - ok
12:58:38.0577 0x0d04  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:58:38.0579 0x0d04  stexstor - ok
12:58:38.0620 0x0d04  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:58:38.0632 0x0d04  stisvc - ok
12:58:38.0664 0x0d04  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:58:38.0667 0x0d04  swenum - ok
12:58:38.0874 0x0d04  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:58:38.0888 0x0d04  swprv - ok
12:58:38.0986 0x0d04  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:58:39.0035 0x0d04  SysMain - ok
12:58:39.0071 0x0d04  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:58:39.0075 0x0d04  TabletInputService - ok
12:58:39.0104 0x0d04  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:58:39.0111 0x0d04  TapiSrv - ok
12:58:39.0133 0x0d04  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:58:39.0137 0x0d04  TBS - ok
12:58:39.0238 0x0d04  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:58:39.0321 0x0d04  Tcpip - ok
12:58:39.0408 0x0d04  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:58:39.0482 0x0d04  TCPIP6 - ok
12:58:39.0514 0x0d04  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:58:39.0516 0x0d04  tcpipreg - ok
12:58:39.0546 0x0d04  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:58:39.0549 0x0d04  TDPIPE - ok
12:58:39.0576 0x0d04  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:58:39.0581 0x0d04  TDTCP - ok
12:58:39.0617 0x0d04  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:58:39.0620 0x0d04  tdx - ok
12:58:39.0651 0x0d04  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:58:39.0653 0x0d04  TermDD - ok
12:58:39.0719 0x0d04  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:58:39.0733 0x0d04  TermService - ok
12:58:39.0762 0x0d04  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:58:39.0765 0x0d04  Themes - ok
12:58:39.0787 0x0d04  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:58:39.0793 0x0d04  THREADORDER - ok
12:58:39.0809 0x0d04  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:58:39.0813 0x0d04  TrkWks - ok
12:58:39.0863 0x0d04  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:58:39.0876 0x0d04  TrustedInstaller - ok
12:58:39.0911 0x0d04  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:58:39.0914 0x0d04  tssecsrv - ok
12:58:39.0962 0x0d04  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:58:39.0968 0x0d04  TsUsbFlt - ok
12:58:39.0998 0x0d04  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:58:40.0002 0x0d04  tunnel - ok
12:58:40.0031 0x0d04  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:58:40.0033 0x0d04  uagp35 - ok
12:58:40.0065 0x0d04  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:58:40.0079 0x0d04  udfs - ok
12:58:40.0114 0x0d04  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:58:40.0117 0x0d04  UI0Detect - ok
12:58:40.0138 0x0d04  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:58:40.0144 0x0d04  uliagpkx - ok
12:58:40.0175 0x0d04  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
12:58:40.0177 0x0d04  umbus - ok
12:58:40.0194 0x0d04  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:58:40.0195 0x0d04  UmPass - ok
12:58:40.0220 0x0d04  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:58:40.0228 0x0d04  upnphost - ok
12:58:40.0265 0x0d04  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:58:40.0268 0x0d04  usbccgp - ok
12:58:40.0306 0x0d04  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:58:40.0314 0x0d04  usbcir - ok
12:58:40.0347 0x0d04  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:58:40.0353 0x0d04  usbehci - ok
12:58:40.0378 0x0d04  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:58:40.0388 0x0d04  usbhub - ok
12:58:40.0400 0x0d04  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:58:40.0402 0x0d04  usbohci - ok
12:58:40.0425 0x0d04  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:58:40.0427 0x0d04  usbprint - ok
12:58:40.0474 0x0d04  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
12:58:40.0478 0x0d04  usbscan - ok
12:58:40.0520 0x0d04  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:58:40.0527 0x0d04  USBSTOR - ok
12:58:40.0545 0x0d04  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:58:40.0550 0x0d04  usbuhci - ok
12:58:40.0574 0x0d04  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:58:40.0578 0x0d04  UxSms - ok
12:58:40.0591 0x0d04  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
12:58:40.0593 0x0d04  VaultSvc - ok
12:58:40.0603 0x0d04  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:58:40.0605 0x0d04  vdrvroot - ok
12:58:40.0652 0x0d04  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:58:40.0665 0x0d04  vds - ok
12:58:40.0692 0x0d04  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:58:40.0694 0x0d04  vga - ok
12:58:40.0712 0x0d04  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:58:40.0716 0x0d04  VgaSave - ok
12:58:40.0763 0x0d04  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:58:40.0779 0x0d04  vhdmp - ok
12:58:40.0866 0x0d04  [ B5572441293F126EC6251910DAADA6FC, E9F05C1F49097E77881FB81C40238A071F33015E20EC7E6ECC26DF68372231FD ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
12:58:40.0904 0x0d04  VIAHdAudAddService - ok
12:58:40.0941 0x0d04  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:58:40.0943 0x0d04  viaide - ok
12:58:40.0965 0x0d04  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:58:40.0972 0x0d04  volmgr - ok
12:58:41.0031 0x0d04  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:58:41.0040 0x0d04  volmgrx - ok
12:58:41.0067 0x0d04  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:58:41.0074 0x0d04  volsnap - ok
12:58:41.0097 0x0d04  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:58:41.0102 0x0d04  vsmraid - ok
12:58:41.0165 0x0d04  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:58:41.0216 0x0d04  VSS - ok
12:58:41.0240 0x0d04  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:58:41.0241 0x0d04  vwifibus - ok
12:58:41.0270 0x0d04  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:58:41.0278 0x0d04  W32Time - ok
12:58:41.0303 0x0d04  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:58:41.0305 0x0d04  WacomPen - ok
12:58:41.0340 0x0d04  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:58:41.0348 0x0d04  WANARP - ok
12:58:41.0361 0x0d04  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:58:41.0365 0x0d04  Wanarpv6 - ok
12:58:41.0435 0x0d04  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:58:41.0477 0x0d04  WatAdminSvc - ok
12:58:41.0563 0x0d04  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:58:41.0609 0x0d04  wbengine - ok
12:58:41.0645 0x0d04  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:58:41.0652 0x0d04  WbioSrvc - ok
12:58:41.0693 0x0d04  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:58:41.0702 0x0d04  wcncsvc - ok
12:58:41.0718 0x0d04  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:58:41.0721 0x0d04  WcsPlugInService - ok
12:58:41.0746 0x0d04  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:58:41.0747 0x0d04  Wd - ok
12:58:41.0829 0x0d04  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:58:41.0848 0x0d04  Wdf01000 - ok
12:58:41.0876 0x0d04  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:58:41.0880 0x0d04  WdiServiceHost - ok
12:58:41.0886 0x0d04  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:58:41.0888 0x0d04  WdiSystemHost - ok
12:58:41.0911 0x0d04  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:58:41.0919 0x0d04  WebClient - ok
12:58:41.0935 0x0d04  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:58:41.0942 0x0d04  Wecsvc - ok
12:58:41.0967 0x0d04  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:58:41.0970 0x0d04  wercplsupport - ok
12:58:41.0985 0x0d04  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:58:41.0989 0x0d04  WerSvc - ok
12:58:42.0016 0x0d04  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:58:42.0017 0x0d04  WfpLwf - ok
12:58:42.0054 0x0d04  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
12:58:42.0058 0x0d04  WimFltr - ok
12:58:42.0079 0x0d04  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:58:42.0080 0x0d04  WIMMount - ok
12:58:42.0101 0x0d04  WinDefend - ok
12:58:42.0109 0x0d04  WinHttpAutoProxySvc - ok
12:58:42.0144 0x0d04  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:58:42.0150 0x0d04  Winmgmt - ok
12:58:42.0256 0x0d04  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:58:42.0318 0x0d04  WinRM - ok
12:58:42.0374 0x0d04  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:58:42.0396 0x0d04  Wlansvc - ok
12:58:42.0533 0x0d04  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:58:42.0577 0x0d04  wlidsvc - ok
12:58:42.0609 0x0d04  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:58:42.0610 0x0d04  WmiAcpi - ok
12:58:42.0648 0x0d04  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:58:42.0656 0x0d04  wmiApSrv - ok
12:58:42.0676 0x0d04  WMPNetworkSvc - ok
12:58:42.0691 0x0d04  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:58:42.0693 0x0d04  WPCSvc - ok
12:58:42.0734 0x0d04  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:58:42.0745 0x0d04  WPDBusEnum - ok
12:58:42.0766 0x0d04  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:58:42.0767 0x0d04  ws2ifsl - ok
12:58:42.0790 0x0d04  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:58:42.0801 0x0d04  wscsvc - ok
12:58:42.0806 0x0d04  WSearch - ok
12:58:42.0935 0x0d04  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:58:43.0004 0x0d04  wuauserv - ok
12:58:43.0039 0x0d04  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:58:43.0042 0x0d04  WudfPf - ok
12:58:43.0081 0x0d04  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:58:43.0096 0x0d04  WUDFRd - ok
12:58:43.0136 0x0d04  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:58:43.0147 0x0d04  wudfsvc - ok
12:58:43.0184 0x0d04  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:58:43.0191 0x0d04  WwanSvc - ok
12:58:43.0200 0x0d04  ================ Scan global ===============================
12:58:43.0236 0x0d04  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:58:43.0285 0x0d04  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:58:43.0317 0x0d04  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:58:43.0339 0x0d04  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:58:43.0371 0x0d04  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:58:43.0378 0x0d04  [ Global ] - ok
12:58:43.0379 0x0d04  ================ Scan MBR ==================================
12:58:43.0397 0x0d04  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
12:58:43.0551 0x0d04  \Device\Harddisk0\DR0 - ok
12:58:43.0552 0x0d04  ================ Scan VBR ==================================
12:58:43.0558 0x0d04  [ 375120EC57A69622C69EEBF2B3900759 ] \Device\Harddisk0\DR0\Partition1
12:58:43.0559 0x0d04  \Device\Harddisk0\DR0\Partition1 - ok
12:58:43.0581 0x0d04  [ 0DA84943A55C9A427960016F3B6514C8 ] \Device\Harddisk0\DR0\Partition2
12:58:43.0583 0x0d04  \Device\Harddisk0\DR0\Partition2 - ok
12:58:43.0584 0x0d04  Waiting for KSN requests completion. In queue: 339
12:58:44.0584 0x0d04  Waiting for KSN requests completion. In queue: 339
12:58:45.0584 0x0d04  Waiting for KSN requests completion. In queue: 28
12:58:46.0612 0x0d04  AV detected via SS2: ThreatTrack Security VIPRE, C:\Program Files (x86)\VIPRE\SBAMWSC.EXE ( 7.0.6.2 ), 0x40000 ( disabled : updated )
12:58:46.0652 0x0d04  Win FW state via NFP2: enabled
12:58:49.0165 0x0d04  ============================================================
12:58:49.0165 0x0d04  Scan finished
12:58:49.0165 0x0d04  ============================================================
12:58:49.0189 0x12ec  Detected object count: 0
12:58:49.0189 0x12ec  Actual detected object count: 0


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:17 PM

Posted 21 February 2014 - 11:48 PM

I apologize for the delay.

It looks like an email notification missed me.

 

All looks clean so far.

 

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Click on "Run ESET Online Scanner" button.
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 rabidturtles359

rabidturtles359
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 22 February 2014 - 02:15 PM

No worries on the delay.

 

 

# AdwCleaner v3.019 - Report created 22/02/2014 at 12:14:20
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kyle - STEVE-PC
# Running from : C:\Users\Kyle.Steve-PC\Desktop\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Ask
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : HKCU\Software\YahooPartnerToolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v
 
*************************
 
AdwCleaner[R0].txt - [1569 octets] - [22/02/2014 12:13:11]
AdwCleaner[S0].txt - [1461 octets] - [22/02/2014 12:14:20]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1521 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kyle on Sat 02/22/2014 at 12:19:17.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EBC736A8-9734-4193-80E7-AA66DDCB9EAC}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Kyle.Steve-PC\appdata\local\{460E911F-AA5A-4B5B-9B4D-2AE950D8918D}
Successfully deleted: [Empty Folder] C:\Users\Kyle.Steve-PC\appdata\local\{B3323D6A-BEF4-4818-8501-1AA5CC4EA687}
Successfully deleted: [Empty Folder] C:\Users\Kyle.Steve-PC\appdata\local\{D2B9D7D1-4876-42FC-B8CF-F4B92985C049}
Successfully deleted: [Empty Folder] C:\Users\Kyle.Steve-PC\appdata\local\{D6A1E59F-2ED7-48D9-B537-EFCAFDDCD1EF}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/22/2014 at 12:24:33.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 ESET Online Scanner found nothing.
 
Thanks for your help!


#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:17 PM

Posted 22 February 2014 - 04:51 PM

How is computer doing now?

 

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 rabidturtles359

rabidturtles359
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 22 February 2014 - 06:41 PM

The computer seems better. There seems to be no more lingering processes i have found and IE hasn't crashed yet. Although those problems may be fixed, google chrome still produced some redirects earlier. Also logging on to my stepfathers account, this message always pops up...https://www.dropbox.com/s/fs2vbpf4pboo7bz/error.png



#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:17 PM

Posted 22 February 2014 - 07:06 PM

Reset Chrome...
Click on "Customize and control Google Chrome":
 
p22003758.gif
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
 


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 rabidturtles359

rabidturtles359
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 22 February 2014 - 07:15 PM

okay, done.

 

rebooting computer and logging into the account still produces the same error i attached  before



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:17 PM

Posted 22 February 2014 - 07:20 PM

Is the redirection gone?

 

Run this from your dad's account...

 

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
Go File>Save, and save it as AutoRuns.txt file to know location.
You must select Text from drop-down menu as a file type:

p4436801.gif
 

Upload the file(s) here: http://www.sendspace.com/
Click on Browse button and navigate to the file you want to upload.
Click on Upload button.
Click on FIRST Copy Link button and paste the link in your next reply.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 rabidturtles359

rabidturtles359
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 22 February 2014 - 07:52 PM

Yes the redirects seem to be gone. Thanks

 

http://www.sendspace.com/file/qga35d



#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:17 PM

Posted 22 February 2014 - 08:41 PM

Re-run Autouns, click on "Logon" tab and UN-check:

 

+ "DellSupportCenter"

+ "JavaSoft"

+ "msnmsgr"

+ "nmyaxmrm"

 

Restart computer and see if the error is gone.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 rabidturtles359

rabidturtles359
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 22 February 2014 - 08:48 PM

The only thing i can find under the "logon" tab is

 

"DellSupportCenter"

 

 the other three are not under "logon" tab






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users