Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mebroot Trojan


  • This topic is locked This topic is locked
4 replies to this topic

#1 Batesmotel

Batesmotel

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 11 February 2014 - 03:34 AM

My internet provider has emailed me saying I have a Mebroot trojan. Is this right and how do I remove it?

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16526  BrowserJavaVersion: 10.25.2
Run by bates at 18:50:33 on 2014-02-11
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.61.1033.18.3070.1356 [GMT 10.5:30]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\alg.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ControlCenter4\BrCtrlCntr.exe
C:\Program Files\ControlCenter4\BrCcUxSys.exe
C:\Program Files\Steam\Steam.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\NCH Software\Scribe\scribe.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.optuszoo.com.au/
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.130\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>:  - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [DACSMiniApp] c:\program files\fisher-price\dacs\miniapp\DACSMiniApp.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [IndexSearch] "c:\program files\nuance\paperport\IndexSearch.exe"
mRun: [PaperPort PTD] "c:\program files\nuance\paperport\pptd40nt.exe"
mRun: [PPort12reminder] "c:\program files\nuance\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\12\config\ereg\Ereg.ini"
mRun: [PDFHook] c:\program files\nuance\pdf viewer plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] c:\program files\nuance\pdf viewer plus\RegistryController.exe
mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ApnTBMon] "c:\program files\askpartnernetwork\toolbar\updater\TBNotifier.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\bates\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.130\SSScheduler.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{0DAAA6D5-9458-4693-AE16-9B0B3E6E4445} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{429BE388-BF50-4628-9843-9B5D1A0E6660} : DHCPNameServer = 10.1.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - <orphaned>
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.107\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bates\appdata\roaming\mozilla\firefox\profiles\3zm6kyjm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://ninemsn.com.au/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee security scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_44.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2009-09-05 13:27; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
R1 MpKsl2cd7e564;MpKsl2cd7e564;c:\programdata\microsoft\microsoft antimalware\definition updates\{019593da-0b63-4493-95c3-f7fd9f55f407}\MpKsl2cd7e564.sys [2014-2-11 40392]
R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0;ABBYY.Licensing.FineReader.ScreenshotReader.9.0;c:\program files\abbyy screenshot reader\NetworkLicenseServer.exe [2009-5-15 759048]
R2 APNMCP;Ask Update Service;c:\program files\askpartnernetwork\toolbar\apnmcp.exe [2014-1-11 166352]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-30 104768]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\nuance\paperport\PDFProFiltSrvPP.exe [2010-3-9 144672]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-1-18 383264]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2009-11-3 71424]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [2009-11-3 11520]
R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2011-12-31 245760]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-7-29 242240]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-2-22 70656]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-12-2 25600]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2011-2-22 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-2-22 116736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.8.130\McCHSvc.exe [2013-9-7 235216]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2014-02-11 05:57:26 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{019593da-0b63-4493-95c3-f7fd9f55f407}\offreg.dll
2014-02-11 05:57:26 40392 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{019593da-0b63-4493-95c3-f7fd9f55f407}\MpKsl2cd7e564.sys
2014-02-10 04:59:11 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{019593da-0b63-4493-95c3-f7fd9f55f407}\mpengine.dll
2014-02-09 11:47:21 7760024 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-01-24 07:50:50 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{87487ce6-4c35-41ff-8b6a-57248a028762}\gapaengine.dll
.
==================== Find3M  ====================
.
2014-02-05 08:05:16 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 08:05:16 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-11-14 22:50:50 1806848 ----a-w- c:\windows\system32\jscript9.dll
2013-11-14 22:42:41 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-11-14 22:42:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-14 22:38:54 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-14 22:38:16 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-11-14 22:35:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 18:51:04.42 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 AM

Posted 11 February 2014 - 07:14 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Batesmotel

Batesmotel
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 12 February 2014 - 01:15 AM

Thanks for getting back so soon. I got a log report for you to look at thanks.

 

 

16:39:32.0362 0x06a4  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
16:39:38.0524 0x06a4  ============================================================
16:39:38.0524 0x06a4  Current date / time: 2014/02/12 16:39:38.0524
16:39:38.0524 0x06a4  SystemInfo:
16:39:38.0524 0x06a4  
16:39:38.0524 0x06a4  OS Version: 6.0.6002 ServicePack: 2.0
16:39:38.0524 0x06a4  Product type: Workstation
16:39:38.0524 0x06a4  ComputerName: BATES-PC
16:39:38.0524 0x06a4  UserName: bates
16:39:38.0524 0x06a4  Windows directory: C:\Windows
16:39:38.0524 0x06a4  System windows directory: C:\Windows
16:39:38.0524 0x06a4  Processor architecture: Intel x86
16:39:38.0524 0x06a4  Number of processors: 2
16:39:38.0524 0x06a4  Page size: 0x1000
16:39:38.0524 0x06a4  Boot type: Normal boot
16:39:38.0524 0x06a4  ============================================================
16:39:39.0569 0x06a4  KLMD registered as C:\Windows\system32\drivers\99516024.sys
16:39:39.0819 0x06a4  System UUID: {5F64B45F-D44D-B3F7-7559-1E10FFD617FF}
16:39:41.0504 0x06a4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:39:41.0987 0x06a4  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:39:42.0003 0x06a4  Drive \Device\Harddisk3\DR4 - Size: 0x1CE800000 (7.23 Gb), SectorSize: 0x200, Cylinders: 0x3AF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:39:42.0003 0x06a4  ============================================================
16:39:42.0003 0x06a4  \Device\Harddisk0\DR0:
16:39:42.0003 0x06a4  MBR partitions:
16:39:42.0003 0x06a4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705DB0
16:39:42.0003 0x06a4  \Device\Harddisk1\DR1:
16:39:42.0003 0x06a4  MBR partitions:
16:39:42.0003 0x06a4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
16:39:42.0003 0x06a4  \Device\Harddisk3\DR4:
16:39:42.0003 0x06a4  MBR partitions:
16:39:42.0003 0x06a4  \Device\Harddisk3\DR4\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xE73FC1
16:39:42.0003 0x06a4  ============================================================
16:39:42.0019 0x06a4  C: <-> \Device\Harddisk0\DR0\Partition1
16:39:42.0034 0x06a4  E: <-> \Device\Harddisk1\DR1\Partition1
16:39:42.0034 0x06a4  ============================================================
16:39:42.0034 0x06a4  Initialize success
16:39:42.0034 0x06a4  ============================================================
16:39:49.0507 0x10e4  ============================================================
16:39:49.0507 0x10e4  Scan started
16:39:49.0507 0x10e4  Mode: Manual; 
16:39:49.0507 0x10e4  ============================================================
16:39:49.0507 0x10e4  KSN ping started
16:39:52.0049 0x10e4  KSN ping finished: true
16:39:53.0017 0x10e4  ================ Scan system memory ========================
16:39:53.0017 0x10e4  System memory - ok
16:39:53.0017 0x10e4  ================ Scan services =============================
16:39:53.0126 0x10e4  [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.ScreenshotReader.9.0 C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe
16:39:53.0157 0x10e4  ABBYY.Licensing.FineReader.ScreenshotReader.9.0 - ok
16:39:53.0266 0x10e4  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
16:39:53.0266 0x10e4  ACPI - ok
16:39:53.0360 0x10e4  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:39:53.0360 0x10e4  AdobeFlashPlayerUpdateSvc - ok
16:39:53.0407 0x10e4  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:39:53.0407 0x10e4  adp94xx - ok
16:39:53.0422 0x10e4  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:39:53.0438 0x10e4  adpahci - ok
16:39:53.0438 0x10e4  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
16:39:53.0438 0x10e4  adpu160m - ok
16:39:53.0453 0x10e4  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:39:53.0453 0x10e4  adpu320 - ok
16:39:53.0485 0x10e4  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:39:53.0485 0x10e4  AeLookupSvc - ok
16:39:53.0531 0x10e4  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
16:39:53.0531 0x10e4  AFD - ok
16:39:53.0547 0x10e4  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:39:53.0547 0x10e4  agp440 - ok
16:39:53.0563 0x10e4  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
16:39:53.0563 0x10e4  aic78xx - ok
16:39:53.0578 0x10e4  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
16:39:53.0578 0x10e4  ALG - ok
16:39:53.0578 0x10e4  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
16:39:53.0578 0x10e4  aliide - ok
16:39:53.0578 0x10e4  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
16:39:53.0594 0x10e4  amdagp - ok
16:39:53.0594 0x10e4  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
16:39:53.0594 0x10e4  amdide - ok
16:39:53.0594 0x10e4  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
16:39:53.0594 0x10e4  AmdK7 - ok
16:39:53.0609 0x10e4  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:39:53.0609 0x10e4  AmdK8 - ok
16:39:53.0687 0x10e4  [ B342CD9AA44E4AE99E2368EBDBC2E17A, C3081358313A982F53CAD54C214AFECAD9660A59FB4A3DDFE068724E83041AF8 ] APNMCP          C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
16:39:53.0797 0x10e4  APNMCP - ok
16:39:53.0812 0x10e4  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
16:39:53.0812 0x10e4  Appinfo - ok
16:39:53.0906 0x10e4  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:39:53.0906 0x10e4  Apple Mobile Device - ok
16:39:53.0921 0x10e4  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
16:39:53.0921 0x10e4  arc - ok
16:39:53.0937 0x10e4  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:39:53.0937 0x10e4  arcsas - ok
16:39:53.0937 0x10e4  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:39:53.0937 0x10e4  AsyncMac - ok
16:39:53.0968 0x10e4  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
16:39:53.0968 0x10e4  atapi - ok
16:39:53.0999 0x10e4  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:39:54.0015 0x10e4  AudioEndpointBuilder - ok
16:39:54.0015 0x10e4  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:39:54.0031 0x10e4  Audiosrv - ok
16:39:54.0031 0x10e4  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:39:54.0031 0x10e4  Beep - ok
16:39:54.0062 0x10e4  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
16:39:54.0062 0x10e4  BFE - ok
16:39:54.0109 0x10e4  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
16:39:54.0124 0x10e4  BITS - ok
16:39:54.0155 0x10e4  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
16:39:54.0155 0x10e4  blbdrive - ok
16:39:54.0202 0x10e4  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:39:54.0218 0x10e4  Bonjour Service - ok
16:39:54.0249 0x10e4  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:39:54.0249 0x10e4  bowser - ok
16:39:54.0265 0x10e4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
16:39:54.0265 0x10e4  BrFiltLo - ok
16:39:54.0280 0x10e4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
16:39:54.0280 0x10e4  BrFiltUp - ok
16:39:54.0296 0x10e4  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
16:39:54.0311 0x10e4  Browser - ok
16:39:54.0343 0x10e4  [ 9F80879913DC2712FD0C4D734E3F519B, AECEB7F5B24CA5334B9FE862D939046BAA7E18626505A7887B1DA060D28D87FC ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
16:39:54.0343 0x10e4  BrSerIb - ok
16:39:54.0358 0x10e4  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
16:39:54.0358 0x10e4  Brserid - ok
16:39:54.0358 0x10e4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
16:39:54.0374 0x10e4  BrSerWdm - ok
16:39:54.0374 0x10e4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
16:39:54.0374 0x10e4  BrUsbMdm - ok
16:39:54.0374 0x10e4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
16:39:54.0374 0x10e4  BrUsbSer - ok
16:39:54.0389 0x10e4  [ B67512DA42C0C90BF236D5485226C1C7, 1179B7B15753A63E26301766340C66D3D9E76E30901C92775AFC490BD948E909 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
16:39:54.0389 0x10e4  BrUsbSIb - ok
16:39:54.0436 0x10e4  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files\Browny02\BrYNSvc.exe
16:39:54.0452 0x10e4  BrYNSvc - ok
16:39:54.0452 0x10e4  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:39:54.0467 0x10e4  BTHMODEM - ok
16:39:54.0545 0x10e4  catchme - ok
16:39:54.0545 0x10e4  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:39:54.0545 0x10e4  cdfs - ok
16:39:54.0592 0x10e4  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:39:54.0592 0x10e4  cdrom - ok
16:39:54.0623 0x10e4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
16:39:54.0623 0x10e4  CertPropSvc - ok
16:39:54.0639 0x10e4  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:39:54.0639 0x10e4  circlass - ok
16:39:54.0670 0x10e4  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
16:39:54.0686 0x10e4  CLFS - ok
16:39:54.0733 0x10e4  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:39:54.0733 0x10e4  clr_optimization_v2.0.50727_32 - ok
16:39:54.0795 0x10e4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:39:54.0811 0x10e4  clr_optimization_v4.0.30319_32 - ok
16:39:54.0826 0x10e4  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:39:54.0826 0x10e4  cmdide - ok
16:39:54.0842 0x10e4  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:39:54.0842 0x10e4  Compbatt - ok
16:39:54.0842 0x10e4  COMSysApp - ok
16:39:54.0857 0x10e4  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:39:54.0857 0x10e4  crcdisk - ok
16:39:54.0889 0x10e4  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
16:39:54.0889 0x10e4  Crusoe - ok
16:39:54.0920 0x10e4  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:39:54.0920 0x10e4  CryptSvc - ok
16:39:54.0967 0x10e4  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:39:54.0982 0x10e4  DcomLaunch - ok
16:39:55.0013 0x10e4  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:39:55.0013 0x10e4  DfsC - ok
16:39:55.0107 0x10e4  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
16:39:55.0154 0x10e4  DFSR - ok
16:39:55.0185 0x10e4  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
16:39:55.0201 0x10e4  Dhcp - ok
16:39:55.0232 0x10e4  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
16:39:55.0232 0x10e4  disk - ok
16:39:55.0263 0x10e4  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:39:55.0263 0x10e4  Dnscache - ok
16:39:55.0279 0x10e4  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
16:39:55.0294 0x10e4  dot3svc - ok
16:39:55.0325 0x10e4  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
16:39:55.0325 0x10e4  DPS - ok
16:39:55.0357 0x10e4  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:39:55.0388 0x10e4  drmkaud - ok
16:39:55.0450 0x10e4  [ 687AF6BB383885FF6A64071B189A7F3E, 1C751B8DD27F63E88D0223A8434CED7589AC00EC6275938C59D1B954F0354F78 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:39:55.0450 0x10e4  dtsoftbus01 - ok
16:39:55.0497 0x10e4  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:39:55.0513 0x10e4  DXGKrnl - ok
16:39:55.0544 0x10e4  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
16:39:55.0544 0x10e4  E1G60 - ok
16:39:55.0544 0x10e4  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
16:39:55.0559 0x10e4  EapHost - ok
16:39:55.0575 0x10e4  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
16:39:55.0575 0x10e4  Ecache - ok
16:39:55.0653 0x10e4  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:39:55.0653 0x10e4  ehRecvr - ok
16:39:55.0669 0x10e4  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
16:39:55.0669 0x10e4  ehSched - ok
16:39:55.0669 0x10e4  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
16:39:55.0669 0x10e4  ehstart - ok
16:39:55.0700 0x10e4  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:39:55.0715 0x10e4  elxstor - ok
16:39:55.0778 0x10e4  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
16:39:55.0793 0x10e4  EMDMgmt - ok
16:39:55.0809 0x10e4  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:39:55.0809 0x10e4  ErrDev - ok
16:39:55.0856 0x10e4  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
16:39:55.0856 0x10e4  EventSystem - ok
16:39:55.0903 0x10e4  [ 1A7AE4575F4D56E9AA990A0B9F6BB2BB, DDF37DC8CD1D45D5A85983A4B91406A5485D87BE4F4091BC3EF73EC1708CFA12 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
16:39:55.0903 0x10e4  ewusbnet - ok
16:39:55.0934 0x10e4  [ E98A64C7F106740A38FB2B78197816F8, 704C86807CA6EC641125A1C7566318B46DEEA63573F15A424A4151999DB1E0E8 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
16:39:55.0934 0x10e4  ew_hwusbdev - ok
16:39:55.0965 0x10e4  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:39:55.0965 0x10e4  exfat - ok
16:39:55.0996 0x10e4  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:39:55.0996 0x10e4  fastfat - ok
16:39:56.0027 0x10e4  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:39:56.0027 0x10e4  fdc - ok
16:39:56.0043 0x10e4  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
16:39:56.0043 0x10e4  fdPHost - ok
16:39:56.0043 0x10e4  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:39:56.0043 0x10e4  FDResPub - ok
16:39:56.0059 0x10e4  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:39:56.0059 0x10e4  FileInfo - ok
16:39:56.0059 0x10e4  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:39:56.0059 0x10e4  Filetrace - ok
16:39:56.0074 0x10e4  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:39:56.0074 0x10e4  flpydisk - ok
16:39:56.0105 0x10e4  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:39:56.0105 0x10e4  FltMgr - ok
16:39:56.0152 0x10e4  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
16:39:56.0168 0x10e4  FontCache - ok
16:39:56.0215 0x10e4  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:39:56.0215 0x10e4  FontCache3.0.0.0 - ok
16:39:56.0246 0x10e4  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:39:56.0277 0x10e4  Fs_Rec - ok
16:39:56.0293 0x10e4  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:39:56.0293 0x10e4  gagp30kx - ok
16:39:56.0324 0x10e4  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:39:56.0324 0x10e4  GEARAspiWDM - ok
16:39:56.0371 0x10e4  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
16:39:56.0386 0x10e4  gpsvc - ok
16:39:56.0449 0x10e4  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
16:39:56.0464 0x10e4  gupdate - ok
16:39:56.0464 0x10e4  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:39:56.0464 0x10e4  gupdatem - ok
16:39:56.0480 0x10e4  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:39:56.0495 0x10e4  gusvc - ok
16:39:56.0527 0x10e4  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:39:56.0527 0x10e4  HdAudAddService - ok
16:39:56.0573 0x10e4  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:39:56.0589 0x10e4  HDAudBus - ok
16:39:56.0605 0x10e4  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:39:56.0605 0x10e4  HidBth - ok
16:39:56.0620 0x10e4  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:39:56.0620 0x10e4  HidIr - ok
16:39:56.0667 0x10e4  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
16:39:56.0667 0x10e4  hidserv - ok
16:39:56.0698 0x10e4  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:39:56.0698 0x10e4  HidUsb - ok
16:39:56.0729 0x10e4  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:39:56.0729 0x10e4  hkmsvc - ok
16:39:56.0745 0x10e4  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
16:39:56.0745 0x10e4  HpCISSs - ok
16:39:56.0792 0x10e4  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:39:56.0792 0x10e4  HTTP - ok
16:39:56.0839 0x10e4  [ BB3C8E4B88842F3A1B9C5D603210C277, 527E93A3BA77CBCF0CEC5B9093871E8DD318D0354F3B51FD52FB9734026EF400 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
16:39:56.0839 0x10e4  huawei_enumerator - ok
16:39:56.0854 0x10e4  [ 0B3957226EC94B1ECB7B9348BB535A23, 5EAB9E01DE61D463FD1CD425C5A9ADD3DED53744291E72D5E70077000DF05374 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
16:39:56.0854 0x10e4  hwdatacard - ok
16:39:56.0885 0x10e4  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
16:39:56.0885 0x10e4  i2omp - ok
16:39:56.0901 0x10e4  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:39:56.0901 0x10e4  i8042prt - ok
16:39:56.0917 0x10e4  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
16:39:56.0917 0x10e4  iaStorV - ok
16:39:56.0995 0x10e4  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:39:57.0010 0x10e4  idsvc - ok
16:39:57.0010 0x10e4  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:39:57.0026 0x10e4  iirsp - ok
16:39:57.0073 0x10e4  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:39:57.0073 0x10e4  IKEEXT - ok
16:39:57.0182 0x10e4  [ 43F5535AA4D6C75A37F70FB9C561CC9B, 382983D70DA3AE2629FF2962B248802B672829D9C26524069B77325DB67B390F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:39:57.0244 0x10e4  IntcAzAudAddService - ok
16:39:57.0260 0x10e4  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
16:39:57.0260 0x10e4  intelide - ok
16:39:57.0260 0x10e4  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:39:57.0291 0x10e4  intelppm - ok
16:39:57.0307 0x10e4  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:39:57.0322 0x10e4  IPBusEnum - ok
16:39:57.0338 0x10e4  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:39:57.0353 0x10e4  IpFilterDriver - ok
16:39:57.0416 0x10e4  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:39:57.0416 0x10e4  iphlpsvc - ok
16:39:57.0431 0x10e4  IpInIp - ok
16:39:57.0447 0x10e4  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
16:39:57.0463 0x10e4  IPMIDRV - ok
16:39:57.0478 0x10e4  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
16:39:57.0478 0x10e4  IPNAT - ok
16:39:57.0556 0x10e4  [ D8B8B5A8FE57CF4F307A540D9A153C23, 1C5AA5C29204A90D11FF40A5DD5967CC7195F5C4ACD7E41CB94C230A7DFD459D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:39:57.0572 0x10e4  iPod Service - ok
16:39:57.0587 0x10e4  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:39:57.0587 0x10e4  IRENUM - ok
16:39:57.0603 0x10e4  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:39:57.0603 0x10e4  isapnp - ok
16:39:57.0634 0x10e4  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
16:39:57.0634 0x10e4  iScsiPrt - ok
16:39:57.0650 0x10e4  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
16:39:57.0650 0x10e4  iteatapi - ok
16:39:57.0665 0x10e4  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
16:39:57.0681 0x10e4  iteraid - ok
16:39:57.0681 0x10e4  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:39:57.0681 0x10e4  kbdclass - ok
16:39:57.0728 0x10e4  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:39:57.0728 0x10e4  kbdhid - ok
16:39:57.0759 0x10e4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
16:39:57.0759 0x10e4  KeyIso - ok
16:39:57.0821 0x10e4  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:39:57.0821 0x10e4  KSecDD - ok
16:39:57.0868 0x10e4  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:39:57.0884 0x10e4  KtmRm - ok
16:39:57.0915 0x10e4  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
16:39:57.0915 0x10e4  LanmanServer - ok
16:39:57.0962 0x10e4  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:39:57.0962 0x10e4  LanmanWorkstation - ok
16:39:57.0977 0x10e4  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:39:57.0977 0x10e4  lltdio - ok
16:39:57.0993 0x10e4  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:39:58.0009 0x10e4  lltdsvc - ok
16:39:58.0009 0x10e4  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:39:58.0024 0x10e4  lmhosts - ok
16:39:58.0055 0x10e4  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:39:58.0055 0x10e4  LSI_FC - ok
16:39:58.0055 0x10e4  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:39:58.0055 0x10e4  LSI_SAS - ok
16:39:58.0071 0x10e4  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:39:58.0087 0x10e4  LSI_SCSI - ok
16:39:58.0087 0x10e4  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:39:58.0087 0x10e4  luafv - ok
16:39:58.0196 0x10e4  [ E4DFBE4C4A9C2BD87C1430F445F3E3CB, 34A0295D0AC37537B010FEC4534535D92AA4C30900DC37444C992C15F86D3AA4 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
16:39:58.0211 0x10e4  McComponentHostService - ok
16:39:58.0227 0x10e4  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:39:58.0227 0x10e4  Mcx2Svc - ok
16:39:58.0243 0x10e4  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
16:39:58.0243 0x10e4  megasas - ok
16:39:58.0274 0x10e4  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
16:39:58.0274 0x10e4  MegaSR - ok
16:39:58.0321 0x10e4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
16:39:58.0336 0x10e4  MMCSS - ok
16:39:58.0336 0x10e4  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
16:39:58.0336 0x10e4  Modem - ok
16:39:58.0336 0x10e4  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:39:58.0336 0x10e4  monitor - ok
16:39:58.0352 0x10e4  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:39:58.0352 0x10e4  mouclass - ok
16:39:58.0352 0x10e4  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:39:58.0352 0x10e4  mouhid - ok
16:39:58.0367 0x10e4  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
16:39:58.0367 0x10e4  MountMgr - ok
16:39:58.0430 0x10e4  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:39:58.0445 0x10e4  MozillaMaintenance - ok
16:39:58.0477 0x10e4  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:39:58.0492 0x10e4  MpFilter - ok
16:39:58.0492 0x10e4  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:39:58.0492 0x10e4  mpio - ok
16:39:58.0679 0x10e4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl70f7a8ab   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18D6F200-C334-4CAD-90BB-2B959D759BDC}\MpKsl70f7a8ab.sys
16:39:58.0679 0x10e4  MpKsl70f7a8ab - ok
16:39:58.0679 0x10e4  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:39:58.0679 0x10e4  mpsdrv - ok
16:39:58.0742 0x10e4  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:39:58.0757 0x10e4  MpsSvc - ok
16:39:58.0757 0x10e4  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
16:39:58.0757 0x10e4  Mraid35x - ok
16:39:58.0804 0x10e4  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:39:58.0820 0x10e4  MRxDAV - ok
16:39:58.0867 0x10e4  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:39:58.0867 0x10e4  mrxsmb - ok
16:39:58.0898 0x10e4  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:39:58.0913 0x10e4  mrxsmb10 - ok
16:39:58.0929 0x10e4  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:39:58.0929 0x10e4  mrxsmb20 - ok
16:39:58.0945 0x10e4  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:39:58.0945 0x10e4  msahci - ok
16:39:58.0976 0x10e4  [ B03E3F64B70F8031E65EB26DA23DE91A, 73184B4A75C1EA5D10B9D78A9E705432551DE15231F10C5A31021896D0938D80 ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
16:39:58.0991 0x10e4  MSCamSvc - ok
16:39:58.0991 0x10e4  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:39:58.0991 0x10e4  msdsm - ok
16:39:59.0007 0x10e4  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
16:39:59.0023 0x10e4  MSDTC - ok
16:39:59.0069 0x10e4  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:39:59.0069 0x10e4  Msfs - ok
16:39:59.0085 0x10e4  [ 956741C67ABAA78B19AADC5474936842, 8D0B04E0E03CFF5A004500C8587BDD3C4E7FFACA552CC90C193CAE16F36A96E3 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
16:39:59.0101 0x10e4  MSHUSBVideo - ok
16:39:59.0101 0x10e4  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:39:59.0101 0x10e4  msisadrv - ok
16:39:59.0132 0x10e4  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:39:59.0147 0x10e4  MSiSCSI - ok
16:39:59.0147 0x10e4  msiserver - ok
16:39:59.0163 0x10e4  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:39:59.0163 0x10e4  MSKSSRV - ok
16:39:59.0194 0x10e4  [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:39:59.0194 0x10e4  MsMpSvc - ok
16:39:59.0194 0x10e4  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:39:59.0194 0x10e4  MSPCLOCK - ok
16:39:59.0210 0x10e4  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:39:59.0210 0x10e4  MSPQM - ok
16:39:59.0225 0x10e4  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:39:59.0225 0x10e4  MsRPC - ok
16:39:59.0257 0x10e4  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:39:59.0257 0x10e4  mssmbios - ok
16:39:59.0257 0x10e4  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:39:59.0257 0x10e4  MSTEE - ok
16:39:59.0288 0x10e4  [ DCDAAB8697A47894A554050CE18D0B56, 32F08D9B2890DD01B56043CAB74B4D948E09E5A92B15C4F99160416B1CBEC3A0 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
16:39:59.0288 0x10e4  MTsensor - ok
16:39:59.0303 0x10e4  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:39:59.0303 0x10e4  Mup - ok
16:39:59.0335 0x10e4  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
16:39:59.0350 0x10e4  napagent - ok
16:39:59.0397 0x10e4  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:39:59.0397 0x10e4  NativeWifiP - ok
16:39:59.0444 0x10e4  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:39:59.0459 0x10e4  NDIS - ok
16:39:59.0491 0x10e4  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:39:59.0491 0x10e4  NdisTapi - ok
16:39:59.0491 0x10e4  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:39:59.0491 0x10e4  Ndisuio - ok
16:39:59.0506 0x10e4  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:39:59.0506 0x10e4  NdisWan - ok
16:39:59.0522 0x10e4  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:39:59.0522 0x10e4  NDProxy - ok
16:39:59.0631 0x10e4  [ 40D7D0A208EE863BCA8D89E299216F15, 4686E416A80D883B7C6CBE21E8D8D6C814D16DC48495F8ACFE7B4664560CA5E3 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
16:39:59.0647 0x10e4  Nero BackItUp Scheduler 3 - ok
16:39:59.0662 0x10e4  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:39:59.0662 0x10e4  NetBIOS - ok
16:39:59.0678 0x10e4  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
16:39:59.0678 0x10e4  netbt - ok
16:39:59.0725 0x10e4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
16:39:59.0725 0x10e4  Netlogon - ok
16:39:59.0756 0x10e4  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
16:39:59.0771 0x10e4  Netman - ok
16:39:59.0787 0x10e4  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
16:39:59.0787 0x10e4  netprofm - ok
16:39:59.0818 0x10e4  [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:39:59.0818 0x10e4  NetTcpPortSharing - ok
16:39:59.0834 0x10e4  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:39:59.0834 0x10e4  nfrd960 - ok
16:39:59.0881 0x10e4  [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:39:59.0881 0x10e4  NisDrv - ok
16:39:59.0927 0x10e4  [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:39:59.0927 0x10e4  NisSrv - ok
16:39:59.0943 0x10e4  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:39:59.0959 0x10e4  NlaSvc - ok
16:39:59.0990 0x10e4  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:39:59.0990 0x10e4  Npfs - ok
16:40:00.0021 0x10e4  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
16:40:00.0021 0x10e4  nsi - ok
16:40:00.0021 0x10e4  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:40:00.0021 0x10e4  nsiproxy - ok
16:40:00.0083 0x10e4  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:40:00.0115 0x10e4  Ntfs - ok
16:40:00.0146 0x10e4  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
16:40:00.0146 0x10e4  ntrigdigi - ok
16:40:00.0161 0x10e4  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
16:40:00.0161 0x10e4  Null - ok
16:40:00.0193 0x10e4  [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
16:40:00.0208 0x10e4  NVENETFD - ok
16:40:00.0473 0x10e4  [ B69E6F70CE1151C8D62ABC9DEF64DFBE, B7BD731D1CCF4E71EF1CF4AFA9189C1831306483B4BF57B12B89113A5230871B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:40:00.0707 0x10e4  nvlddmkm - ok
16:40:00.0770 0x10e4  [ 1EFEC38A852AB35883BFFF3427B92B3F, 50E9EFDED9614328D9835EC395223622400AF0B683ECF90555DF339BD62D8911 ] NVNET           C:\Windows\system32\DRIVERS\nvmfdx32.sys
16:40:00.0770 0x10e4  NVNET - ok
16:40:00.0785 0x10e4  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:40:00.0801 0x10e4  nvraid - ok
16:40:00.0801 0x10e4  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:40:00.0801 0x10e4  nvstor - ok
16:40:00.0848 0x10e4  [ DC5F166422BEEBF195E3E4BB8AB4EE22, C98539C12588A79ECAAA2CE50DCDDA801FB62AD401D7DA1056BE30F266F0E63B ] nvstor32        C:\Windows\system32\DRIVERS\nvstor32.sys
16:40:00.0848 0x10e4  nvstor32 - ok
16:40:00.0895 0x10e4  [ E4284FCF99FEA13A7E1836F87AE356F6, 541C40DD3483810632320E8F23427BB52593D156E876C6023BE7F7A8589383E8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:40:00.0910 0x10e4  nvsvc - ok
16:40:01.0004 0x10e4  [ 03E60E0BFA53ED15DC984FA34B44BB0F, 50ABF2E303B9A2B6DDD0DB411C24C3CD6CC30AFA664B5682CF9189F96548CC10 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:40:01.0035 0x10e4  nvUpdatusService - ok
16:40:01.0066 0x10e4  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:40:01.0066 0x10e4  nv_agp - ok
16:40:01.0066 0x10e4  NwlnkFlt - ok
16:40:01.0082 0x10e4  NwlnkFwd - ok
16:40:01.0160 0x10e4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:40:01.0175 0x10e4  odserv - ok
16:40:01.0175 0x10e4  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:40:01.0175 0x10e4  ohci1394 - ok
16:40:01.0222 0x10e4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:40:01.0222 0x10e4  ose - ok
16:40:01.0269 0x10e4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
16:40:01.0300 0x10e4  p2pimsvc - ok
16:40:01.0316 0x10e4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:40:01.0331 0x10e4  p2psvc - ok
16:40:01.0347 0x10e4  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:40:01.0347 0x10e4  Parport - ok
16:40:01.0378 0x10e4  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:40:01.0378 0x10e4  partmgr - ok
16:40:01.0394 0x10e4  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
16:40:01.0394 0x10e4  Parvdm - ok
16:40:01.0425 0x10e4  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:40:01.0425 0x10e4  PcaSvc - ok
16:40:01.0456 0x10e4  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
16:40:01.0472 0x10e4  pci - ok
16:40:01.0472 0x10e4  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
16:40:01.0472 0x10e4  pciide - ok
16:40:01.0487 0x10e4  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:40:01.0503 0x10e4  pcmcia - ok
16:40:01.0565 0x10e4  [ C1C3BAF078BE5A14384A4BA2D730817D, 6E4D2F73A1CB250B3EE270CCE806A37EB2140E34EAF9F48C45CC12D2A451AA16 ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
16:40:01.0565 0x10e4  PDFProFiltSrvPP - ok
16:40:01.0597 0x10e4  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:40:01.0643 0x10e4  PEAUTH - ok
16:40:01.0721 0x10e4  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
16:40:01.0768 0x10e4  pla - ok
16:40:01.0815 0x10e4  [ 875E4E0661F3A5994DF9E5E3A0A4F96B, 7198C02935B3714C455EE94305D2A21D900D72AC67049C11A1E842572AD6C5E1 ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
16:40:01.0815 0x10e4  PLFlash DeviceIoControl Service - ok
16:40:01.0877 0x10e4  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:40:01.0877 0x10e4  PlugPlay - ok
16:40:01.0909 0x10e4  [ A1DD33D16F277CE34124EE52AB2C0F14, DB5215409D0B6C378567A6399C0170226CB1E2FE74D96B16C97A761D487C613F ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
16:40:01.0924 0x10e4  PnkBstrA - ok
16:40:01.0924 0x10e4  [ 9A386EC60A166DF66205343CA12C6B86, E67A39E0D39996FBF75850E41AF359ABD22A5BF02DDAA2515F4430BE4CF44701 ] PnkBstrB        C:\Windows\system32\PnkBstrB.exe
16:40:01.0940 0x10e4  PnkBstrB - ok
16:40:01.0987 0x10e4  [ 10BE25C04613B70D8CE1F412E14D9454, 8ABBD79D85E4020D7E3054F350559FD3F24A29A221638F90DD6209AAB439C018 ] PnkBstrK        C:\Windows\system32\drivers\PnkBstrK.sys
16:40:01.0987 0x10e4  PnkBstrK - ok
16:40:02.0002 0x10e4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
16:40:02.0018 0x10e4  PNRPAutoReg - ok
16:40:02.0049 0x10e4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
16:40:02.0065 0x10e4  PNRPsvc - ok
16:40:02.0080 0x10e4  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:40:02.0096 0x10e4  PolicyAgent - ok
16:40:02.0111 0x10e4  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:40:02.0111 0x10e4  PptpMiniport - ok
16:40:02.0111 0x10e4  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:40:02.0111 0x10e4  Processor - ok
16:40:02.0143 0x10e4  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
16:40:02.0143 0x10e4  ProfSvc - ok
16:40:02.0158 0x10e4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
16:40:02.0158 0x10e4  ProtectedStorage - ok
16:40:02.0189 0x10e4  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
16:40:02.0205 0x10e4  PSched - ok
16:40:02.0252 0x10e4  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:40:02.0283 0x10e4  ql2300 - ok
16:40:02.0283 0x10e4  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:40:02.0283 0x10e4  ql40xx - ok
16:40:02.0299 0x10e4  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
16:40:02.0314 0x10e4  QWAVE - ok
16:40:02.0314 0x10e4  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:40:02.0314 0x10e4  QWAVEdrv - ok
16:40:02.0314 0x10e4  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:40:02.0330 0x10e4  RasAcd - ok
16:40:02.0330 0x10e4  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
16:40:02.0345 0x10e4  RasAuto - ok
16:40:02.0345 0x10e4  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:40:02.0345 0x10e4  Rasl2tp - ok
16:40:02.0377 0x10e4  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
16:40:02.0392 0x10e4  RasMan - ok
16:40:02.0423 0x10e4  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:40:02.0423 0x10e4  RasPppoe - ok
16:40:02.0439 0x10e4  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:40:02.0439 0x10e4  RasSstp - ok
16:40:02.0486 0x10e4  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:40:02.0486 0x10e4  rdbss - ok
16:40:02.0501 0x10e4  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:40:02.0501 0x10e4  RDPCDD - ok
16:40:02.0517 0x10e4  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
16:40:02.0533 0x10e4  rdpdr - ok
16:40:02.0533 0x10e4  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:40:02.0533 0x10e4  RDPENCDD - ok
16:40:02.0579 0x10e4  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:40:02.0579 0x10e4  RDPWD - ok
16:40:02.0611 0x10e4  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:40:02.0611 0x10e4  RemoteAccess - ok
16:40:02.0642 0x10e4  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:40:02.0657 0x10e4  RemoteRegistry - ok
16:40:02.0673 0x10e4  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
16:40:02.0673 0x10e4  RpcLocator - ok
16:40:02.0704 0x10e4  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
16:40:02.0720 0x10e4  RpcSs - ok
16:40:02.0735 0x10e4  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:40:02.0735 0x10e4  rspndr - ok
16:40:02.0751 0x10e4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
16:40:02.0751 0x10e4  SamSs - ok
16:40:02.0751 0x10e4  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:40:02.0767 0x10e4  sbp2port - ok
16:40:02.0782 0x10e4  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:40:02.0782 0x10e4  SCardSvr - ok
16:40:02.0829 0x10e4  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
16:40:02.0845 0x10e4  Schedule - ok
16:40:02.0891 0x10e4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:40:02.0891 0x10e4  SCPolicySvc - ok
16:40:02.0938 0x10e4  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:40:02.0938 0x10e4  SDRSVC - ok
16:40:02.0954 0x10e4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:40:02.0954 0x10e4  secdrv - ok
16:40:02.0954 0x10e4  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
16:40:02.0969 0x10e4  seclogon - ok
16:40:02.0969 0x10e4  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
16:40:02.0985 0x10e4  SENS - ok
16:40:02.0985 0x10e4  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:40:02.0985 0x10e4  Serenum - ok
16:40:03.0001 0x10e4  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:40:03.0016 0x10e4  Serial - ok
16:40:03.0032 0x10e4  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:40:03.0032 0x10e4  sermouse - ok
16:40:03.0047 0x10e4  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:40:03.0047 0x10e4  SessionEnv - ok
16:40:03.0063 0x10e4  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:40:03.0063 0x10e4  sffdisk - ok
16:40:03.0063 0x10e4  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:40:03.0063 0x10e4  sffp_mmc - ok
16:40:03.0063 0x10e4  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:40:03.0079 0x10e4  sffp_sd - ok
16:40:03.0079 0x10e4  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:40:03.0079 0x10e4  sfloppy - ok
16:40:03.0094 0x10e4  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:40:03.0110 0x10e4  SharedAccess - ok
16:40:03.0141 0x10e4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:40:03.0157 0x10e4  ShellHWDetection - ok
16:40:03.0172 0x10e4  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
16:40:03.0172 0x10e4  sisagp - ok
16:40:03.0172 0x10e4  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
16:40:03.0188 0x10e4  SiSRaid2 - ok
16:40:03.0188 0x10e4  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:40:03.0188 0x10e4  SiSRaid4 - ok
16:40:03.0235 0x10e4  [ A4FAB5F7818A69DA6E740943CB8F7CA9, 6FA24FD46AD6642B21EF3BE4212FF22F3645EC7B0056859FCA184177F5C85AA2 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
16:40:03.0235 0x10e4  SkypeUpdate - ok
16:40:03.0359 0x10e4  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
16:40:03.0469 0x10e4  slsvc - ok
16:40:03.0484 0x10e4  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
16:40:03.0500 0x10e4  SLUINotify - ok
16:40:03.0500 0x10e4  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:40:03.0515 0x10e4  Smb - ok
16:40:03.0531 0x10e4  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:40:03.0531 0x10e4  SNMPTRAP - ok
16:40:03.0531 0x10e4  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:40:03.0531 0x10e4  spldr - ok
16:40:03.0562 0x10e4  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
16:40:03.0578 0x10e4  Spooler - ok
16:40:03.0625 0x10e4  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:40:03.0625 0x10e4  srv - ok
16:40:03.0656 0x10e4  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:40:03.0671 0x10e4  srv2 - ok
16:40:03.0687 0x10e4  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:40:03.0687 0x10e4  srvnet - ok
16:40:03.0703 0x10e4  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:40:03.0718 0x10e4  SSDPSRV - ok
16:40:03.0718 0x10e4  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:40:03.0718 0x10e4  SstpSvc - ok
16:40:03.0749 0x10e4  Steam Client Service - ok
16:40:03.0812 0x10e4  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:40:03.0827 0x10e4  Stereo Service - ok
16:40:03.0874 0x10e4  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
16:40:03.0890 0x10e4  stisvc - ok
16:40:03.0905 0x10e4  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:40:03.0905 0x10e4  swenum - ok
16:40:03.0937 0x10e4  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
16:40:03.0952 0x10e4  swprv - ok
16:40:03.0968 0x10e4  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
16:40:03.0968 0x10e4  Symc8xx - ok
16:40:03.0983 0x10e4  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
16:40:03.0983 0x10e4  Sym_hi - ok
16:40:03.0983 0x10e4  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
16:40:03.0983 0x10e4  Sym_u3 - ok
16:40:04.0030 0x10e4  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
16:40:04.0046 0x10e4  SysMain - ok
16:40:04.0077 0x10e4  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:40:04.0077 0x10e4  TabletInputService - ok
16:40:04.0124 0x10e4  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:40:04.0124 0x10e4  TapiSrv - ok
16:40:04.0155 0x10e4  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
16:40:04.0155 0x10e4  TBS - ok
16:40:04.0217 0x10e4  [ 6D0D344F643E28B31262AC2682109A3C, 276736661876CE69A30CEED117AFCF26677221F278E234B9C7D03B85869B2C92 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:40:04.0233 0x10e4  Tcpip - ok
16:40:04.0264 0x10e4  [ 6D0D344F643E28B31262AC2682109A3C, 276736661876CE69A30CEED117AFCF26677221F278E234B9C7D03B85869B2C92 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
16:40:04.0280 0x10e4  Tcpip6 - ok
16:40:04.0311 0x10e4  [ 5877A786EF27E42C4E84D1356F922302, 1CDCC7D91086DC0FE80057EE8E1AE609A38DD9D241BC17145E7811C916E662C3 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:40:04.0311 0x10e4  tcpipreg - ok
16:40:04.0327 0x10e4  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:40:04.0327 0x10e4  TDPIPE - ok
16:40:04.0342 0x10e4  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:40:04.0342 0x10e4  TDTCP - ok
16:40:04.0358 0x10e4  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:40:04.0358 0x10e4  tdx - ok
16:40:04.0389 0x10e4  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:40:04.0389 0x10e4  TermDD - ok
16:40:04.0420 0x10e4  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
16:40:04.0436 0x10e4  TermService - ok
16:40:04.0451 0x10e4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
16:40:04.0451 0x10e4  Themes - ok
16:40:04.0483 0x10e4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
16:40:04.0483 0x10e4  THREADORDER - ok
16:40:04.0498 0x10e4  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
16:40:04.0498 0x10e4  TrkWks - ok
16:40:04.0545 0x10e4  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:40:04.0545 0x10e4  TrustedInstaller - ok
16:40:04.0561 0x10e4  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:40:04.0576 0x10e4  tssecsrv - ok
16:40:04.0576 0x10e4  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
16:40:04.0576 0x10e4  tunmp - ok
16:40:04.0607 0x10e4  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:40:04.0607 0x10e4  tunnel - ok
16:40:04.0623 0x10e4  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:40:04.0623 0x10e4  uagp35 - ok
16:40:04.0670 0x10e4  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:40:04.0670 0x10e4  udfs - ok
16:40:04.0685 0x10e4  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:40:04.0685 0x10e4  UI0Detect - ok
16:40:04.0701 0x10e4  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:40:04.0701 0x10e4  uliagpkx - ok
16:40:04.0717 0x10e4  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
16:40:04.0732 0x10e4  uliahci - ok
16:40:04.0732 0x10e4  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
16:40:04.0732 0x10e4  UlSata - ok
16:40:04.0748 0x10e4  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
16:40:04.0748 0x10e4  ulsata2 - ok
16:40:04.0748 0x10e4  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:40:04.0763 0x10e4  umbus - ok
16:40:04.0779 0x10e4  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
16:40:04.0779 0x10e4  upnphost - ok
16:40:04.0841 0x10e4  [ EAFE1E00739AFE6C51487A050E772E17, C005E635470AEB68131D922CAFFE2703626EAB4612932237B35F5562E559258A ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
16:40:04.0841 0x10e4  USBAAPL - ok
16:40:04.0873 0x10e4  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:40:04.0904 0x10e4  usbaudio - ok
16:40:04.0935 0x10e4  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:40:04.0935 0x10e4  usbccgp - ok
16:40:04.0951 0x10e4  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:40:04.0951 0x10e4  usbcir - ok
16:40:04.0982 0x10e4  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:40:04.0997 0x10e4  usbehci - ok
16:40:05.0013 0x10e4  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:40:05.0013 0x10e4  usbhub - ok
16:40:05.0029 0x10e4  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:40:05.0029 0x10e4  usbohci - ok
16:40:05.0075 0x10e4  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:40:05.0075 0x10e4  usbprint - ok
16:40:05.0091 0x10e4  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:40:05.0091 0x10e4  usbscan - ok
16:40:05.0107 0x10e4  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:40:05.0107 0x10e4  USBSTOR - ok
16:40:05.0122 0x10e4  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:40:05.0122 0x10e4  usbuhci - ok
16:40:05.0138 0x10e4  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:40:05.0153 0x10e4  usbvideo - ok
16:40:05.0185 0x10e4  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
16:40:05.0185 0x10e4  UxSms - ok
16:40:05.0216 0x10e4  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
16:40:05.0216 0x10e4  vds - ok
16:40:05.0231 0x10e4  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:40:05.0231 0x10e4  vga - ok
16:40:05.0231 0x10e4  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:40:05.0231 0x10e4  VgaSave - ok
16:40:05.0247 0x10e4  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
16:40:05.0263 0x10e4  viaagp - ok
16:40:05.0263 0x10e4  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
16:40:05.0263 0x10e4  ViaC7 - ok
16:40:05.0263 0x10e4  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
16:40:05.0263 0x10e4  viaide - ok
16:40:05.0278 0x10e4  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:40:05.0278 0x10e4  volmgr - ok
16:40:05.0309 0x10e4  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:40:05.0309 0x10e4  volmgrx - ok
16:40:05.0356 0x10e4  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:40:05.0356 0x10e4  volsnap - ok
16:40:05.0372 0x10e4  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:40:05.0372 0x10e4  vsmraid - ok
16:40:05.0419 0x10e4  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
16:40:05.0450 0x10e4  VSS - ok
16:40:05.0481 0x10e4  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
16:40:05.0481 0x10e4  W32Time - ok
16:40:05.0497 0x10e4  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:40:05.0497 0x10e4  WacomPen - ok
16:40:05.0497 0x10e4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
16:40:05.0497 0x10e4  Wanarp - ok
16:40:05.0512 0x10e4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:40:05.0512 0x10e4  Wanarpv6 - ok
16:40:05.0528 0x10e4  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:40:05.0543 0x10e4  wcncsvc - ok
16:40:05.0575 0x10e4  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:40:05.0590 0x10e4  WcsPlugInService - ok
16:40:05.0590 0x10e4  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
16:40:05.0590 0x10e4  Wd - ok
16:40:05.0637 0x10e4  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:40:05.0653 0x10e4  Wdf01000 - ok
16:40:05.0668 0x10e4  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:40:05.0668 0x10e4  WdiServiceHost - ok
16:40:05.0668 0x10e4  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:40:05.0668 0x10e4  WdiSystemHost - ok
16:40:05.0699 0x10e4  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
16:40:05.0699 0x10e4  WebClient - ok
16:40:05.0731 0x10e4  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:40:05.0746 0x10e4  Wecsvc - ok
16:40:05.0746 0x10e4  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:40:05.0762 0x10e4  wercplsupport - ok
16:40:05.0777 0x10e4  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:40:05.0777 0x10e4  WerSvc - ok
16:40:05.0840 0x10e4  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:40:05.0840 0x10e4  WinDefend - ok
16:40:05.0840 0x10e4  WinHttpAutoProxySvc - ok
16:40:05.0871 0x10e4  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:40:05.0887 0x10e4  Winmgmt - ok
16:40:05.0933 0x10e4  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:40:05.0980 0x10e4  WinRM - ok
16:40:06.0058 0x10e4  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:40:06.0058 0x10e4  Wlansvc - ok
16:40:06.0089 0x10e4  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:40:06.0089 0x10e4  WmiAcpi - ok
16:40:06.0121 0x10e4  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:40:06.0136 0x10e4  wmiApSrv - ok
16:40:06.0167 0x10e4  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
16:40:06.0199 0x10e4  WMPNetworkSvc - ok
16:40:06.0245 0x10e4  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:40:06.0245 0x10e4  WPCSvc - ok
16:40:06.0277 0x10e4  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:40:06.0292 0x10e4  WPDBusEnum - ok
16:40:06.0323 0x10e4  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
16:40:06.0323 0x10e4  WpdUsb - ok
16:40:06.0417 0x10e4  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:40:06.0433 0x10e4  WPFFontCache_v0400 - ok
16:40:06.0448 0x10e4  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:40:06.0464 0x10e4  ws2ifsl - ok
16:40:06.0479 0x10e4  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
16:40:06.0479 0x10e4  wscsvc - ok
16:40:06.0495 0x10e4  WSearch - ok
16:40:06.0573 0x10e4  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:40:06.0651 0x10e4  wuauserv - ok
16:40:06.0713 0x10e4  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:40:06.0713 0x10e4  WudfPf - ok
16:40:06.0745 0x10e4  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:40:06.0745 0x10e4  WUDFRd - ok
16:40:06.0760 0x10e4  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:40:06.0776 0x10e4  wudfsvc - ok
16:40:06.0776 0x10e4  ================ Scan global ===============================
16:40:06.0838 0x10e4  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
16:40:06.0885 0x10e4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
16:40:06.0901 0x10e4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
16:40:06.0947 0x10e4  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
16:40:06.0947 0x10e4  [ Global ] - ok
16:40:06.0947 0x10e4  ================ Scan MBR ==================================
16:40:06.0963 0x10e4  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:40:07.0244 0x10e4  \Device\Harddisk0\DR0 - ok
16:40:07.0259 0x10e4  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
16:40:07.0447 0x10e4  \Device\Harddisk1\DR1 - ok
16:40:07.0447 0x10e4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR4
16:40:07.0462 0x10e4  \Device\Harddisk3\DR4 - ok
16:40:07.0462 0x10e4  ================ Scan VBR ==================================
16:40:07.0462 0x10e4  [ B063DBDCCF777F2A15A78E8234C36148 ] \Device\Harddisk0\DR0\Partition1
16:40:07.0525 0x10e4  \Device\Harddisk0\DR0\Partition1 - ok
16:40:07.0525 0x10e4  [ 0315AC50E267DE43E6DDCE7494105E83 ] \Device\Harddisk1\DR1\Partition1
16:40:07.0556 0x10e4  \Device\Harddisk1\DR1\Partition1 - ok
16:40:07.0556 0x10e4  [ 61ABBC2AA2D8939374DAB04A4520873C ] \Device\Harddisk3\DR4\Partition1
16:40:07.0556 0x10e4  \Device\Harddisk3\DR4\Partition1 - ok
16:40:07.0556 0x10e4  Waiting for KSN requests completion. In queue: 272
16:40:08.0570 0x10e4  Waiting for KSN requests completion. In queue: 272
16:40:09.0584 0x10e4  Waiting for KSN requests completion. In queue: 272
16:40:10.0613 0x10e4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
16:40:10.0613 0x10e4  Win FW state via NFP2: enabled
16:40:13.0390 0x10e4  ============================================================
16:40:13.0390 0x10e4  Scan finished
16:40:13.0390 0x10e4  ============================================================
16:40:13.0390 0x1580  Detected object count: 0
16:40:13.0390 0x1580  Actual detected object count: 0
16:40:36.0151 0x1514  Deinitialize success


#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 AM

Posted 12 February 2014 - 07:14 AM

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

Ask Toolbar
Google Toolbar for Internet Explorer
McAfee Security Scan Plus


Close the window.

 

 

 

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 AM

Posted 17 February 2014 - 09:20 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users