
Explorer.exe 20% cpu usage when idle, am I infected?


9 replies to this topic

#1 HDLO

HDLO

  • Members
  • 21 posts

Posted 08 May 2014 - 06:05 PM

Hello, I have Windows 7, and from time to time my computer gets kind of slow and the internet doesn't work (the internet connection is OK), and when I check the taskbar, explorer.exe is using 20% of the CPU even when I'm not using any program. Sometimes it gets back to normal, but this problem keeps happening. Some days ago I had a Malware.packer.gen, but it was deleted with Malwarebytes Anti-Malware. Might it be related? Might I still have a virus?




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • Gender:Male
  • Location:NJ USA

Posted 08 May 2014 - 09:39 PM

Welcome HDLO, let's look at these logs and see if it is improved after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 HDLO

HDLO
  • Topic Starter

  • Members
  • 21 posts

Posted 09 May 2014 - 03:02 PM

Thanks for helping! Here are the logs. They are in Portuguese, so if you want, or if it helps, I can translate them to English. I must say that before I asked for help, I used ADWCleaner, so if you need I can post the old log.

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Henrique (administrator) on 09-05-2014 at 13:08:36
Running from "C:\Users\Henrique\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Conexão local (Connected)
DW1525 (802.11n) WLAN PCIe Card = Conexão de Rede sem Fio (Connected)
Hamachi Network Interface = Hamachi (Connected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)
 
 
# ----------------------------------
# Configuração de IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Sim
set interface interface="Hamachi-TM NDIS Sample LightWeight Filter-0000" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
 
 
popd
# Final da configuração IPv4
 
 
 
Configuração de IP do Windows

   Nome do host. . . . . . . . . . . . . . . . : Henrique-PC
   Sufixo DNS primário . . . . . . . . . . . . :
   Tipo de nó. . . . . . . . . . . . . . . . . : desconhecido
   Roteamento de IP ativado. . . . . . . . . . : não
   Proxy WINS ativado. . . . . . . . . . . . . : não
   Lista de pesquisa de sufixo DNS . . . . . . : lan
 
Adaptador Ethernet Tunngle:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . :
   Descrição . . . . . . . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
   Endereço Físico . . . . . . . . . . . . . . : 00-FF-45-6A-E8-11
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador de Rede sem Fio Conexão de Rede sem Fio:

   Sufixo DNS específico de conexão. . . . . . : lan
   Descrição . . . . . . . . . . . . . . . . . : DW1525 (802.11n) WLAN PCIe Card
   Endereço Físico . . . . . . . . . . . . . . : 60-D8-19-40-43-30
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
   Endereço IPv6 de link local . . . . . . . . : fe80::1546:5fb9:f119:179f%13(Preferencial)
   Endereço IPv4. . . . . . . .  . . . . . . . : 192.168.1.108(Preferencial)
   Máscara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
   Concessão Obtida. . . . . . . . . . . . . . : sexta-feira, 9 de maio de 2014 13:04:06
   Concessão Expira. . . . . . . . . . . . . . : sábado, 10 de maio de 2014 13:04:06
   Gateway Padrão. . . . . . . . . . . . . . . : 192.168.1.1
   Servidor DHCP . . . . . . . . . . . . . . . : 192.168.1.1
   IAID de DHCPv6. . . . . . . . . . . . . . . : 241227801
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-16-B2-02-6C-78-2B-CB-C3-56-EE
   Servidores DNS. . . . . . . . . . . . . . . : 200.204.0.10
                                                 200.204.0.138
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Habilitado
 
Adaptador Ethernet Conexão local:

   Sufixo DNS específico de conexão. . . . . . : lan
   Descrição . . . . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Endereço Físico . . . . . . . . . . . . . . : 78-2B-CB-C3-56-EE
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
   Endereço IPv6 de link local . . . . . . . . : fe80::2542:37e:196d:8748%11(Preferencial)
   Endereço IPv4. . . . . . . .  . . . . . . . : 192.168.1.106(Preferencial)
   Máscara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
   Concessão Obtida. . . . . . . . . . . . . . : sexta-feira, 9 de maio de 2014 13:04:01
   Concessão Expira. . . . . . . . . . . . . . : sábado, 10 de maio de 2014 13:04:01
   Gateway Padrão. . . . . . . . . . . . . . . : 192.168.1.1
   Servidor DHCP . . . . . . . . . . . . . . . : 192.168.1.1
   IAID de DHCPv6. . . . . . . . . . . . . . . : 242756555
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-16-B2-02-6C-78-2B-CB-C3-56-EE
   Servidores DNS. . . . . . . . . . . . . . . : 200.204.0.10
                                                 200.204.0.138
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Habilitado
 
Adaptador Ethernet Hamachi:
 
   Sufixo DNS específico de conexão. . . . . . :
   Descrição . . . . . . . . . . . . . . . . . : Hamachi Network Interface
   Endereço Físico . . . . . . . . . . . . . . : 7A-79-19-18-6C-48
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
   Endereço IPv6 . . . . . . . . . . . . . . . : 2620:9b::1918:6c48(Preferencial)
   Endereço IPv6 de link local . . . . . . . . : fe80::998b:eb5f:8713:657%16(Preferencial)
   Endereço IPv4. . . . . . . .  . . . . . . . : 25.24.108.72(Preferencial)
   Máscara de Sub-rede . . . . . . . . . . . . : 255.0.0.0
   Concessão Obtida. . . . . . . . . . . . . . : sexta-feira, 9 de maio de 2014 13:04:01
   Concessão Expira. . . . . . . . . . . . . . : sábado, 9 de maio de 2015 13:06:07
   Gateway Padrão. . . . . . . . . . . . . . . : 2620:9b::1900:1
                                                 25.0.0.1
   Servidor DHCP . . . . . . . . . . . . . . . : 25.0.0.1
   IAID de DHCPv6. . . . . . . . . . . . . . . : 578451948
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-16-B2-02-6C-78-2B-CB-C3-56-EE
   Servidores DNS. . . . . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                                 fec0:0:0:ffff::2%1
                                                 fec0:0:0:ffff::3%1
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Habilitado
 
Adaptador de túnel isatap.lan:

   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : lan
   Descrição . . . . . . . . . . . . . . . . . : Adaptador do Microsoft ISATAP
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador de túnel Conexão Local* 9:

   Sufixo DNS específico de conexão. . . . . . :
   Descrição . . . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
   Endereço IPv6 . . . . . . . . . . . . . . . : 2001:0:9d38:6abd:308a:17b4:42ed:7f7b(Preferencial)
   Endereço IPv6 de link local . . . . . . . . : fe80::308a:17b4:42ed:7f7b%12(Preferencial)
   Gateway Padrão. . . . . . . . . . . . . . . :
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Desabilitado
 
Adaptador de túnel isatap.{456AE811-0B09-439A-A92F-A043C567AAFA}:

   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . :
   Descrição . . . . . . . . . . . . . . . . . : Adaptador do Microsoft ISATAP #2
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador de túnel isatap.{8AC94DED-12CC-4289-B34E-6B185F83C8DD}:

   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . :
   Descrição . . . . . . . . . . . . . . . . . : Adaptador do Microsoft ISATAP #4
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
Servidor:  resolver1.telesp.net.br
Address:  200.204.0.10
 
Nome:    google.com
Addresses:  2800:3f0:4001:816::1006
 173.194.118.98
 173.194.118.100
 173.194.118.99
 173.194.118.101
 173.194.118.104
 173.194.118.97
 173.194.118.110
 173.194.118.102
 173.194.118.96
 173.194.118.103
 173.194.118.105
 
 
Disparando google.com [173.194.118.66] com 32 bytes de dados:
Resposta de 173.194.118.66: bytes=32 tempo=34ms TTL=55
Resposta de 173.194.118.66: bytes=32 tempo=34ms TTL=55
 
Estatísticas do Ping para 173.194.118.66:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 34ms, Máximo = 34ms, Média = 34ms
Servidor:  resolver1.telesp.net.br
Address:  200.204.0.10
 
Nome:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Disparando yahoo.com [206.190.36.45] com 32 bytes de dados:
Resposta de 206.190.36.45: bytes=32 tempo=238ms TTL=49
Resposta de 206.190.36.45: bytes=32 tempo=248ms TTL=49
 
Estatísticas do Ping para 206.190.36.45:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 238ms, Máximo = 248ms, Média = 243ms
 
Disparando 127.0.0.1 com 32 bytes de dados:
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
 
Estatísticas do Ping para 127.0.0.1:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 0ms, Máximo = 0ms, Média = 0ms
===========================================================================
Lista de interfaces
 22...00 ff 45 6a e8 11 ......TAP-Win32 Adapter V9 (Tunngle)
 13...60 d8 19 40 43 30 ......DW1525 (802.11n) WLAN PCIe Card
 11...78 2b cb c3 56 ee ......Realtek PCIe GBE Family Controller
 16...7a 79 19 18 6c 48 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Adaptador do Microsoft ISATAP
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Adaptador do Microsoft ISATAP #2
 15...00 00 00 00 00 00 00 e0 Adaptador do Microsoft ISATAP #4
===========================================================================
 
Tabela de rotas IPv4
===========================================================================
Rotas ativas:
Endereço de rede          Máscara   Ender. gateway       Interface   Custo
          0.0.0.0          0.0.0.0         25.0.0.1     25.24.108.72   9256
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.106     20
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.108     25
         25.0.0.0        255.0.0.0      No vínculo      25.24.108.72   9256
     25.24.108.72  255.255.255.255      No vínculo      25.24.108.72   9256
   25.255.255.255  255.255.255.255      No vínculo      25.24.108.72   9256
        127.0.0.0        255.0.0.0      No vínculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      No vínculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      No vínculo         127.0.0.1    306
      192.168.1.0    255.255.255.0      No vínculo     192.168.1.106    276
      192.168.1.0    255.255.255.0      No vínculo     192.168.1.108    281
    192.168.1.106  255.255.255.255      No vínculo     192.168.1.106    276
    192.168.1.108  255.255.255.255      No vínculo     192.168.1.108    281
    192.168.1.255  255.255.255.255      No vínculo     192.168.1.106    276
    192.168.1.255  255.255.255.255      No vínculo     192.168.1.108    281
        224.0.0.0        240.0.0.0      No vínculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      No vínculo     192.168.1.106    276
        224.0.0.0        240.0.0.0      No vínculo      25.24.108.72   9256
        224.0.0.0        240.0.0.0      No vínculo     192.168.1.108    281
  255.255.255.255  255.255.255.255      No vínculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      No vínculo     192.168.1.106    276
  255.255.255.255  255.255.255.255      No vínculo      25.24.108.72   9256
  255.255.255.255  255.255.255.255      No vínculo     192.168.1.108    281
===========================================================================
Rotas persistentes:
  Endereço de rede         Máscara  Ender. gateway    Custo
          0.0.0.0          0.0.0.0         25.0.0.1  Padrão
===========================================================================
 
Tabela de rotas IPv6
===========================================================================
Rotas ativas:
 Se destino de rede de métrica      Gateway
 16   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  No vínculo
 12     58 2001::/32                No vínculo
 12    306 2001:0:9d38:6abd:308a:17b4:42ed:7f7b/128
                                    No vínculo
 16    276 2620:9b::/96             No vínculo
 16    276 2620:9b::1918:6c48/128   No vínculo
 11    276 fe80::/64                No vínculo
 16    276 fe80::/64                No vínculo
 13    281 fe80::/64                No vínculo
 12    306 fe80::/64                No vínculo
 13    281 fe80::1546:5fb9:f119:179f/128
                                    No vínculo
 11    276 fe80::2542:37e:196d:8748/128
                                    No vínculo
 12    306 fe80::308a:17b4:42ed:7f7b/128
                                    No vínculo
 16    276 fe80::998b:eb5f:8713:657/128
                                    No vínculo
  1    306 ff00::/8                 No vínculo
 12    306 ff00::/8                 No vínculo
 11    276 ff00::/8                 No vínculo
 16    276 ff00::/8                 No vínculo
 13    281 ff00::/8                 No vínculo
===========================================================================
Rotas persistentes:
 Se destino de rede de métrica      Gateway
  0 4294967295 2620:9b::/96             No vínculo
  0   9000 ::/0                     2620:9b::1900:1
  0   9000 ::/0                     2620:9b::500:1
  0 4294967295 2620:9b::/96             No vínculo
  0   9000 ::/0                     2620:9b::1900:1
  0 4294967295 2620:9b::/96             No vínculo
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/09/2014 01:05:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/09/2014 01:05:37 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (05/08/2014 09:57:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9969
 
Error: (05/08/2014 09:57:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9969
 
Error: (05/08/2014 09:57:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (05/09/2014 01:26:08 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 
Microsoft Office Sessions:
=========================
Error: (05/09/2014 01:05:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/09/2014 01:05:37 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
Error: (05/08/2014 09:57:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9969
 
Error: (05/08/2014 09:57:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9969
 
Error: (05/08/2014 09:57:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-05 19:13:03.824
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-05 19:13:03.778
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-05 19:13:03.626
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-05 19:13:03.576
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-04 16:52:53.381
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-04 16:52:53.319
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-04 16:52:53.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-04 16:52:53.209
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-02-26 15:51:28.096
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-02-26 15:51:28.046
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.2.0)
8BitMMO
Adobe AIR (Version: 3.1.0.4880)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Reader XI (11.0.06) - Português (Version: 11.0.06)
Age of Empires II - The Conquerors - 1.0e Patch FINAL (Version: 1.0e)
Age of Empires® III: Complete Collection
Alan Wake
AMD APP SDK Runtime (Version: 2.4.650.9)
APB Reloaded (Hoplon) (Version: 1.6.2.607756)
APB Reloaded (Version: 1.3.9.569452)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.10628)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Bonjour (Version: 3.0.0.10)
Borderlands.2.Incl.All.24.DLC.[1.7].W.B.Repack
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0628.2340.40663)
Catalyst Control Center InstallProxy (Version: 2011.0628.2340.40663)
Catalyst Control Center Localization All (Version: 2011.0628.2340.40663)
CCC Help Chinese Standard (Version: 2011.0628.2339.40663)
CCC Help Chinese Traditional (Version: 2011.0628.2339.40663)
CCC Help Czech (Version: 2011.0628.2339.40663)
CCC Help Danish (Version: 2011.0628.2339.40663)
CCC Help Dutch (Version: 2011.0628.2339.40663)
CCC Help English (Version: 2011.0628.2339.40663)
CCC Help Finnish (Version: 2011.0628.2339.40663)
CCC Help French (Version: 2011.0628.2339.40663)
CCC Help German (Version: 2011.0628.2339.40663)
CCC Help Greek (Version: 2011.0628.2339.40663)
CCC Help Hungarian (Version: 2011.0628.2339.40663)
CCC Help Italian (Version: 2011.0628.2339.40663)
CCC Help Japanese (Version: 2011.0628.2339.40663)
CCC Help Korean (Version: 2011.0628.2339.40663)
CCC Help Norwegian (Version: 2011.0628.2339.40663)
CCC Help Polish (Version: 2011.0628.2339.40663)
CCC Help Portuguese (Version: 2011.0628.2339.40663)
CCC Help Russian (Version: 2011.0628.2339.40663)
CCC Help Spanish (Version: 2011.0628.2339.40663)
CCC Help Swedish (Version: 2011.0628.2339.40663)
CCC Help Thai (Version: 2011.0628.2339.40663)
CCC Help Turkish (Version: 2011.0628.2339.40663)
ccc-utility64 (Version: 2011.0628.2340.40663)
CCleaner (Version: 4.10)
Combat Arms
Conexant HD Audio (Version: 8.50.4.0)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (Version: 15.4.5722.2)
Counter-Strike: Source
D3DX10 (Version: 15.4.2368.0902)
Dark Souls: Prepare to Die Edition
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager (Version: 1.3.1)
Dell Edoc Viewer (Version: 1.0.0)
DirectX 9 Runtime (Version: 1.00.0000)
ESET Online Scanner v3
Face of Mankind
Freecorder 5 (Version: 5.11)
Gameforge Live 1.10.0 "Legend" (Version: 1.10.0)
GamersFirst LIVE!
Gerenciador de Downloads (Version: 0.9.3.40)
Google Chrome (Version: 34.0.1847.131)
Google Update Helper (Version: 1.3.23.9)
iCloud (Version: 3.1.0.40)
iTunes (Version: 11.0.2.26)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Java™ 7 Update 1 (64-bit) (Version: 7.0.10)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Last.fm Scrobbler 2.1.36
Loadout
LogMeIn Hamachi (Version: 2.2.0.188)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mirror's Edge
MotioninJoy Gamepad tool 0.7.0000 (Version: 0.7.0000)
Mount & Blade: Warband
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Dell (Version: 3.5.6426.22)
NVIDIA PhysX (Version: 9.12.1031)
Origin (Version: 9.3.1.4482)
Paint XP version 1.2 (Version: 1.2)
Pando Media Booster (Version: 2.6.0.8)
Path of Exile (Version: 1.1.3.32881)
PhotoShowExpress (Version: 2.0.063)
PunkBuster Services (Version: 0.993)
QuickTime (Version: 7.73.80.64)
RBVirtualFolder64Inst (Version: 1.00.0000)
Remere's Map Editor (Version: 1.1.10)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Samsung ML-1865W Series
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 6.14 (Version: 6.14.104)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Steam (Version: 1.0.0.0)
Suporte para Aplicativos Apple (Version: 2.3.3)
System Requirements Lab CYRI (Version: 6.0.8.0)
TeamSpeak 3 Client (Version: 3.0.14)
Terraria
The Sims™ 3 (Version: 1.55.4)
Tibia (Version: 8.60)
Tibia MULTI-ip changer
Trend Micro Titanium Internet Security (Version: 3.00)
Trend Micro Titanium Internet Security (Version: 3.1)
Tunngle beta
Unity Web Player (Version: )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
VLC media player 2.0.2 (Version: 2.0.2)
War of the Triple Alliance
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.10 (32-bit) (Version: 4.10.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 4078.64 MB
Available physical RAM: 1767.61 MB
Total Pagefile: 8155.47 MB
Available Pagefile: 5800.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.87 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:452.57 GB) (Free:232.44 GB) NTFS
 
========================= Users: ========================================
 
Contas de usuário para \\HENRIQUE-PC
 
Administrador            Convidado                Henrique                 
Comando concluído com êxito.
 
 
**** End of log ****
__________________________________________________________________________________________________________________
TDSSKiller log:
 
13:13:26.0723 0x09c4  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
13:13:33.0408 0x09c4  ============================================================
13:13:33.0408 0x09c4  Current date / time: 2014/05/09 13:13:33.0408
13:13:33.0408 0x09c4  SystemInfo:
13:13:33.0408 0x09c4  
13:13:33.0408 0x09c4  OS Version: 6.1.7601 ServicePack: 1.0
13:13:33.0408 0x09c4  Product type: Workstation
13:13:33.0408 0x09c4  ComputerName: HENRIQUE-PC
13:13:33.0409 0x09c4  UserName: Henrique
13:13:33.0409 0x09c4  Windows directory: C:\Windows
13:13:33.0409 0x09c4  System windows directory: C:\Windows
13:13:33.0409 0x09c4  Running under WOW64
13:13:33.0409 0x09c4  Processor architecture: Intel x64
13:13:33.0409 0x09c4  Number of processors: 4
13:13:33.0409 0x09c4  Page size: 0x1000
13:13:33.0409 0x09c4  Boot type: Normal boot
13:13:33.0409 0x09c4  ============================================================
13:13:36.0729 0x09c4  KLMD registered as C:\Windows\system32\drivers\87996307.sys
13:13:37.0034 0x09c4  System UUID: {3E96AD79-BED7-AE6C-2183-DC9474BA28B5}
13:13:37.0916 0x09c4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:13:37.0924 0x09c4  ============================================================
13:13:37.0924 0x09c4  \Device\Harddisk0\DR0:
13:13:37.0924 0x09c4  MBR partitions:
13:13:37.0924 0x09c4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A4D000
13:13:37.0924 0x09c4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A61000, BlocksNum 0x38924800
13:13:37.0924 0x09c4  ============================================================
13:13:37.0951 0x09c4  C: <-> \Device\Harddisk0\DR0\Partition2
13:13:37.0951 0x09c4  ============================================================
13:13:37.0951 0x09c4  Initialize success
13:13:37.0951 0x09c4  ============================================================
13:13:42.0969 0x07c8  ============================================================
13:13:42.0969 0x07c8  Scan started
13:13:42.0969 0x07c8  Mode: Manual; 
13:13:42.0969 0x07c8  ============================================================
13:13:42.0969 0x07c8  KSN ping started
13:14:19.0090 0x07c8  KSN ping finished: true
13:14:19.0778 0x07c8  ================ Scan system memory ========================
13:14:19.0778 0x07c8  System memory - ok
13:14:19.0778 0x07c8  ================ Scan services =============================
13:14:26.0307 0x07c8  Fax - ok
13:14:26.0310 0x07c8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:14:26.0329 0x07c8  fdc - ok
13:14:26.0352 0x07c8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:14:26.0381 0x07c8  fdPHost - ok
13:14:26.0390 0x07c8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:14:26.0408 0x07c8  FDResPub - ok
13:14:26.0416 0x07c8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:14:26.0437 0x07c8  FileInfo - ok
13:14:26.0448 0x07c8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:14:26.0467 0x07c8  Filetrace - ok
13:14:26.0470 0x07c8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:14:26.0488 0x07c8  flpydisk - ok
13:14:26.0502 0x07c8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:14:26.0507 0x07c8  FltMgr - ok
13:14:26.0593 0x07c8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
13:14:26.0651 0x07c8  FontCache - ok
13:14:26.0719 0x07c8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:14:26.0751 0x07c8  FontCache3.0.0.0 - ok
13:14:26.0768 0x07c8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:14:26.0787 0x07c8  FsDepends - ok
13:14:26.0837 0x07c8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:14:26.0866 0x07c8  Fs_Rec - ok
13:14:26.0902 0x07c8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:14:26.0910 0x07c8  fvevol - ok
13:14:26.0931 0x07c8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:14:26.0962 0x07c8  gagp30kx - ok
13:14:26.0994 0x07c8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:14:27.0011 0x07c8  GEARAspiWDM - ok
13:14:27.0042 0x07c8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:14:27.0084 0x07c8  gpsvc - ok
13:14:27.0149 0x07c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:14:27.0153 0x07c8  gupdate - ok
13:14:27.0160 0x07c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:14:27.0164 0x07c8  gupdatem - ok
13:14:27.0202 0x07c8  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
13:14:27.0236 0x07c8  hamachi - ok
13:14:27.0384 0x07c8  [ C57174C191F04B07A9F24320C57888E1, 6FD5CBD10923E13F57D9CC8FD2DF2B009DC82431C3939E37223BEBBA2D1A70DA ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
13:14:27.0448 0x07c8  Hamachi2Svc - ok
13:14:27.0463 0x07c8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:14:27.0481 0x07c8  hcw85cir - ok
13:14:27.0513 0x07c8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:14:27.0516 0x07c8  HDAudBus - ok
13:14:27.0519 0x07c8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:14:27.0552 0x07c8  HidBatt - ok
13:14:27.0560 0x07c8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:14:27.0583 0x07c8  HidBth - ok
13:14:27.0586 0x07c8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:14:27.0606 0x07c8  HidIr - ok
13:14:27.0638 0x07c8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:14:27.0672 0x07c8  hidserv - ok
13:14:27.0717 0x07c8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:14:27.0745 0x07c8  HidUsb - ok
13:14:27.0763 0x07c8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:14:27.0785 0x07c8  hkmsvc - ok
13:14:27.0803 0x07c8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:14:27.0829 0x07c8  HomeGroupListener - ok
13:14:27.0860 0x07c8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:14:27.0894 0x07c8  HomeGroupProvider - ok
13:14:27.0907 0x07c8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:14:27.0928 0x07c8  HpSAMD - ok
13:14:27.0955 0x07c8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:14:27.0967 0x07c8  HTTP - ok
13:14:27.0978 0x07c8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:14:27.0979 0x07c8  hwpolicy - ok
13:14:27.0983 0x07c8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:14:28.0007 0x07c8  i8042prt - ok
13:14:28.0029 0x07c8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:14:28.0062 0x07c8  iaStorV - ok
13:14:28.0129 0x07c8  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:14:28.0531 0x07c8  IDriverT - ok
13:14:28.0599 0x07c8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:14:28.0646 0x07c8  idsvc - ok
13:14:28.0715 0x07c8  IEEtwCollectorService - ok
13:14:28.0734 0x07c8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:14:28.0762 0x07c8  iirsp - ok
13:14:28.0815 0x07c8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:14:28.0861 0x07c8  IKEEXT - ok
13:14:28.0899 0x07c8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:14:28.0926 0x07c8  intelide - ok
13:14:28.0959 0x07c8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:14:28.0960 0x07c8  intelppm - ok
13:14:28.0985 0x07c8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:14:29.0025 0x07c8  IPBusEnum - ok
13:14:29.0028 0x07c8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:14:29.0050 0x07c8  IpFilterDriver - ok
13:14:29.0101 0x07c8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:14:29.0139 0x07c8  iphlpsvc - ok
13:14:29.0143 0x07c8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:14:29.0166 0x07c8  IPMIDRV - ok
13:14:29.0170 0x07c8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:14:29.0194 0x07c8  IPNAT - ok
13:14:29.0245 0x07c8  [ 4EFFC8FF6D349E971E94B1C670C0C66A, E92DA19CE9725BB4CC34DF94873C6B441AE61679A8C615780E1A1E9404C8FA26 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:14:29.0287 0x07c8  iPod Service - ok
13:14:29.0306 0x07c8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:14:29.0323 0x07c8  IRENUM - ok
13:14:29.0325 0x07c8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:14:29.0342 0x07c8  isapnp - ok
13:14:29.0374 0x07c8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:14:29.0418 0x07c8  iScsiPrt - ok
13:14:29.0436 0x07c8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:14:29.0471 0x07c8  kbdclass - ok
13:14:29.0493 0x07c8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:14:29.0524 0x07c8  kbdhid - ok
13:14:29.0544 0x07c8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
13:14:29.0546 0x07c8  KeyIso - ok
13:14:29.0583 0x07c8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:14:29.0623 0x07c8  KSecDD - ok
13:14:29.0662 0x07c8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:14:29.0694 0x07c8  KSecPkg - ok
13:14:29.0720 0x07c8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:14:29.0736 0x07c8  ksthunk - ok
13:14:29.0765 0x07c8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:14:29.0811 0x07c8  KtmRm - ok
13:14:29.0856 0x07c8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:14:29.0899 0x07c8  LanmanServer - ok
13:14:29.0924 0x07c8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:14:29.0960 0x07c8  LanmanWorkstation - ok
13:14:29.0987 0x07c8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:14:30.0019 0x07c8  lltdio - ok
13:14:30.0040 0x07c8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:14:30.0082 0x07c8  lltdsvc - ok
13:14:30.0094 0x07c8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:14:30.0121 0x07c8  lmhosts - ok
13:14:30.0191 0x07c8  [ 03AA719BAAA79AC35B4E115C089FAA79, 3A2439CB08C4F6BB766EBD92F9275D26B4F25A6A5279073D678A0A8B4C67EFCE ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
13:14:30.0225 0x07c8  LMIGuardianSvc - ok
13:14:30.0244 0x07c8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:14:30.0268 0x07c8  LSI_FC - ok
13:14:30.0280 0x07c8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:14:30.0303 0x07c8  LSI_SAS - ok
13:14:30.0306 0x07c8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:14:30.0327 0x07c8  LSI_SAS2 - ok
13:14:30.0331 0x07c8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:14:30.0353 0x07c8  LSI_SCSI - ok
13:14:30.0365 0x07c8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:14:30.0389 0x07c8  luafv - ok
13:14:30.0413 0x07c8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:14:30.0436 0x07c8  Mcx2Svc - ok
13:14:30.0438 0x07c8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:14:30.0457 0x07c8  megasas - ok
13:14:30.0477 0x07c8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:14:30.0506 0x07c8  MegaSR - ok
13:14:30.0534 0x07c8  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
13:14:30.0535 0x07c8  MEIx64 - ok
13:14:30.0554 0x07c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:14:30.0588 0x07c8  MMCSS - ok
13:14:30.0591 0x07c8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:14:30.0611 0x07c8  Modem - ok
13:14:30.0638 0x07c8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:14:30.0639 0x07c8  monitor - ok
13:14:30.0689 0x07c8  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
13:14:30.0712 0x07c8  MotioninJoyXFilter - ok
13:14:30.0725 0x07c8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:14:30.0745 0x07c8  mouclass - ok
13:14:30.0747 0x07c8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:14:30.0766 0x07c8  mouhid - ok
13:14:30.0790 0x07c8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:14:30.0793 0x07c8  mountmgr - ok
13:14:30.0812 0x07c8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:14:30.0857 0x07c8  mpio - ok
13:14:30.0880 0x07c8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:14:30.0917 0x07c8  mpsdrv - ok
13:14:30.0964 0x07c8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:14:31.0004 0x07c8  MpsSvc - ok
13:14:31.0042 0x07c8  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:14:31.0075 0x07c8  MRxDAV - ok
13:14:31.0099 0x07c8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:14:31.0123 0x07c8  mrxsmb - ok
13:14:31.0135 0x07c8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:14:31.0165 0x07c8  mrxsmb10 - ok
13:14:31.0174 0x07c8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:14:31.0198 0x07c8  mrxsmb20 - ok
13:14:31.0226 0x07c8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:14:31.0244 0x07c8  msahci - ok
13:14:31.0250 0x07c8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:14:31.0273 0x07c8  msdsm - ok
13:14:31.0287 0x07c8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:14:31.0313 0x07c8  MSDTC - ok
13:14:31.0329 0x07c8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:14:31.0348 0x07c8  Msfs - ok
13:14:31.0366 0x07c8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:14:31.0378 0x07c8  mshidkmdf - ok
13:14:31.0400 0x07c8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:14:31.0414 0x07c8  msisadrv - ok
13:14:31.0430 0x07c8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:14:31.0454 0x07c8  MSiSCSI - ok
13:14:31.0456 0x07c8  msiserver - ok
13:14:31.0467 0x07c8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:14:31.0481 0x07c8  MSKSSRV - ok
13:14:31.0483 0x07c8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:14:31.0493 0x07c8  MSPCLOCK - ok
13:14:31.0502 0x07c8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:14:31.0512 0x07c8  MSPQM - ok
13:14:31.0527 0x07c8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:14:31.0558 0x07c8  MsRPC - ok
13:14:31.0606 0x07c8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:14:31.0608 0x07c8  mssmbios - ok
13:14:31.0612 0x07c8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:14:31.0632 0x07c8  MSTEE - ok
13:14:31.0641 0x07c8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:14:31.0656 0x07c8  MTConfig - ok
13:14:31.0671 0x07c8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:14:31.0690 0x07c8  Mup - ok
13:14:31.0712 0x07c8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:14:31.0741 0x07c8  napagent - ok
13:14:31.0797 0x07c8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:14:31.0846 0x07c8  NativeWifiP - ok
13:14:31.0911 0x07c8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:14:31.0929 0x07c8  NDIS - ok
13:14:31.0933 0x07c8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:14:31.0953 0x07c8  NdisCap - ok
13:14:31.0974 0x07c8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:14:31.0993 0x07c8  NdisTapi - ok
13:14:32.0008 0x07c8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:14:32.0030 0x07c8  Ndisuio - ok
13:14:32.0043 0x07c8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:14:32.0068 0x07c8  NdisWan - ok
13:14:32.0080 0x07c8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:14:32.0101 0x07c8  NDProxy - ok
13:14:32.0118 0x07c8  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
13:14:32.0134 0x07c8  Netaapl - ok
13:14:32.0144 0x07c8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:14:32.0165 0x07c8  NetBIOS - ok
13:14:32.0174 0x07c8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:14:32.0178 0x07c8  NetBT - ok
13:14:32.0191 0x07c8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
13:14:32.0193 0x07c8  Netlogon - ok
13:14:32.0217 0x07c8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:14:32.0247 0x07c8  Netman - ok
13:14:32.0273 0x07c8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:14:32.0298 0x07c8  NetMsmqActivator - ok
13:14:32.0303 0x07c8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:14:32.0305 0x07c8  NetPipeActivator - ok
13:14:32.0328 0x07c8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:14:32.0358 0x07c8  netprofm - ok
13:14:32.0362 0x07c8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:14:32.0365 0x07c8  NetTcpActivator - ok
13:14:32.0370 0x07c8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:14:32.0372 0x07c8  NetTcpPortSharing - ok
13:14:32.0391 0x07c8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:14:32.0411 0x07c8  nfrd960 - ok
13:14:32.0460 0x07c8  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:14:32.0507 0x07c8  NlaSvc - ok
13:14:32.0519 0x07c8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:14:32.0539 0x07c8  Npfs - ok
13:14:32.0548 0x07c8  npggsvc - ok
13:14:32.0563 0x07c8  npkcusb - ok
13:14:32.0566 0x07c8  NPPTNT2 - ok
13:14:32.0583 0x07c8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:14:32.0609 0x07c8  nsi - ok
13:14:32.0625 0x07c8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:14:32.0626 0x07c8  nsiproxy - ok
13:14:32.0704 0x07c8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:14:32.0778 0x07c8  Ntfs - ok
13:14:32.0802 0x07c8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:14:32.0813 0x07c8  Null - ok
13:14:32.0836 0x07c8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:14:32.0863 0x07c8  nvraid - ok
13:14:32.0882 0x07c8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:14:32.0922 0x07c8  nvstor - ok
13:14:32.0941 0x07c8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:14:42.0718 0x07c8  WcsPlugInService - ok
13:14:42.0733 0x07c8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:14:42.0750 0x07c8  Wd - ok
13:14:42.0793 0x07c8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:14:42.0834 0x07c8  Wdf01000 - ok
13:14:42.0850 0x07c8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:14:42.0872 0x07c8  WdiServiceHost - ok
13:14:42.0875 0x07c8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:14:42.0878 0x07c8  WdiSystemHost - ok
13:14:42.0927 0x07c8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
13:14:42.0976 0x07c8  WebClient - ok
13:14:42.0983 0x07c8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:14:43.0010 0x07c8  Wecsvc - ok
13:14:43.0022 0x07c8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:14:43.0042 0x07c8  wercplsupport - ok
13:14:43.0067 0x07c8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:14:43.0088 0x07c8  WerSvc - ok
13:14:43.0107 0x07c8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:14:43.0121 0x07c8  WfpLwf - ok
13:14:43.0134 0x07c8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:14:43.0152 0x07c8  WIMMount - ok
13:14:43.0174 0x07c8  WinDefend - ok
13:14:43.0181 0x07c8  WinHttpAutoProxySvc - ok
13:14:43.0243 0x07c8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:14:43.0282 0x07c8  Winmgmt - ok
13:14:43.0362 0x07c8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:14:43.0461 0x07c8  WinRM - ok
13:14:43.0504 0x07c8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:14:43.0535 0x07c8  WinUsb - ok
13:14:43.0574 0x07c8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:14:43.0590 0x07c8  Wlansvc - ok
13:14:43.0645 0x07c8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:14:43.0674 0x07c8  wlcrasvc - ok
13:14:43.0795 0x07c8  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:14:43.0859 0x07c8  wlidsvc - ok
13:14:43.0879 0x07c8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:14:43.0894 0x07c8  WmiAcpi - ok
13:14:43.0919 0x07c8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:14:43.0971 0x07c8  wmiApSrv - ok
13:14:43.0980 0x07c8  WMPNetworkSvc - ok
13:14:44.0006 0x07c8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:14:44.0020 0x07c8  WPCSvc - ok
13:14:44.0030 0x07c8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:14:44.0054 0x07c8  WPDBusEnum - ok
13:14:44.0063 0x07c8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:14:44.0064 0x07c8  ws2ifsl - ok
13:14:44.0077 0x07c8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:14:44.0080 0x07c8  wscsvc - ok
13:14:44.0082 0x07c8  WSearch - ok
13:14:44.0180 0x07c8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:14:44.0216 0x07c8  wuauserv - ok
13:14:44.0252 0x07c8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:14:44.0274 0x07c8  WudfPf - ok
13:14:44.0329 0x07c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:14:44.0366 0x07c8  WUDFRd - ok
13:14:44.0400 0x07c8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:14:44.0432 0x07c8  wudfsvc - ok
13:14:44.0457 0x07c8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:14:44.0485 0x07c8  WwanSvc - ok
13:14:44.0549 0x07c8  X6va009 - ok
13:14:44.0599 0x07c8  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
13:14:44.0633 0x07c8  xusb21 - ok
13:14:44.0681 0x07c8  ================ Scan global ===============================
13:14:44.0703 0x07c8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:14:44.0782 0x07c8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:14:44.0821 0x07c8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:14:44.0847 0x07c8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:14:44.0893 0x07c8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:14:44.0905 0x07c8  [ Global ] - ok
13:14:44.0906 0x07c8  ================ Scan MBR ==================================
13:14:44.0920 0x07c8  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:14:45.0070 0x07c8  \Device\Harddisk0\DR0 - ok
13:14:45.0071 0x07c8  ================ Scan VBR ==================================
13:14:45.0073 0x07c8  [ 3FE3506F11CF66DFC70CBBC948BCBC12 ] \Device\Harddisk0\DR0\Partition1
13:14:45.0074 0x07c8  \Device\Harddisk0\DR0\Partition1 - ok
13:14:45.0076 0x07c8  [ 1D47A8C54CABE31C013E4572D64B4F9B ] \Device\Harddisk0\DR0\Partition2
13:14:45.0077 0x07c8  \Device\Harddisk0\DR0\Partition2 - ok
13:14:45.0077 0x07c8  Waiting for KSN requests completion. In queue: 338
13:14:46.0077 0x07c8  Waiting for KSN requests completion. In queue: 27
13:14:47.0077 0x07c8  Waiting for KSN requests completion. In queue: 27
13:14:48.0077 0x07c8  Waiting for KSN requests completion. In queue: 27
13:14:49.0159 0x07c8  AV detected via SS2: Trend Micro Titanium Internet Security, C:\Program Files\Trend Micro\Titanium\wschandler.exe ( 3.1.0.1174 ), 0x41000 ( enabled : updated )
13:14:49.0159 0x07c8  FW detected via SS2: Trend Micro Firewall Booster,  (  ), 0x40010 ( disabled )
13:14:49.0163 0x07c8  Win FW state via NFP2: enabled
13:14:51.0830 0x07c8  ============================================================
13:14:51.0830 0x07c8  Scan finished
13:14:51.0830 0x07c8  ============================================================
13:14:51.0840 0x0f00  Detected object count: 0
13:14:51.0840 0x0f00  Actual detected object count: 0
13:17:09.0314 0x1574  Deinitialize success
_______________________________________________________________________________________________________________________________
ADWCleaner log:
# AdwCleaner v3.207 - Relatório criado 09/05/2014 às 13:19:10
# Atualizado 05/05/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Henrique - HENRIQUE-PC
# Executando de : C:\Users\Henrique\Desktop\AdwCleaner (1).exe
# Opção : Examinar
 
***** [ Serviços ] *****
 
 
***** [ Arquivos / Pastas ] *****
 
 
***** [ Atalhos ] *****
 
 
***** [ Registro ] *****
 
 
***** [ Navegadores ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v34.0.1847.131
 
[ Arquivo : C:\Users\Henrique\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2201 octets] - [08/05/2014 19:21:29]
AdwCleaner[R1].txt - [717 octets] - [09/05/2014 13:19:10]
AdwCleaner[S0].txt - [2227 octets] - [08/05/2014 19:23:25]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [836 octets] ##########
____________________________________________________________________________
Junkware Removal Tool log:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Henrique on 09/05/2014 at 13:27:27,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/05/2014 at 13:32:06,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
______________________________________________________________________________________________
Eset Online Scanner log:
 
C:\Users\Henrique\APB_Reloaded_Installer.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
_________________________________________________________________________________________________
 
Thanks again for the help, take all the time you need! 
 

Edited by HDLO, 09 May 2014 - 03:04 PM.


#4 boopme

Posted 09 May 2014 - 07:54 PM

Did ComboFix run successfully?

Uninstall these in Control Panel

Java 7 Update 51 (Version: 7.0.510)

Java Auto Updater (Version: 2.1.9.8)

Java™ 7 Update 1 (64-bit) (Version: 7.0.10)

JavaFX 2.1.0 (Version: 2.1.0)



Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
    • The highest number of [X] is the most recent scan


#5 HDLO

Posted 09 May 2014 - 07:57 PM

I didn't use ComboFix, should I use it before running RogueKiller?



#6 boopme

Posted 09 May 2014 - 10:34 PM

No, DO NOT run ComboFix.....

#7 HDLO

Posted 09 May 2014 - 10:36 PM

Here is the RogueKiller log. As you said, I didn't run ComboFix.

 

RogueKiller V8.8.15 _x64_ [Mar 27 2014] Por Adlice Software
 
Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniciado em : Modo Normal
Usuario : Henrique [Privilegios de Admnistrador]
Modo : Verificar -- Data : 05/10/2014 00:32:46
| ARK || FAK || MBR |
 
¤¤¤ Entradas ruins : 0 ¤¤¤
 
¤¤¤ Entradas do Registro : 0 ¤¤¤
 
¤¤¤ As tarefas agendadas : 0 ¤¤¤
 
¤¤¤ entradas de inicialização : 0 ¤¤¤
 
¤¤¤ Os navegadores da Web : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤
 
¤¤¤ Driver : [Não Carregado 0x0] ¤¤¤
[Address] EAT @explorer.exe (AsyncGetClassBits) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D70B0)
[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D7210)
[Address] EAT @explorer.exe (BindAsyncMoniker) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1F90)
[Address] EAT @explorer.exe (CDLGetLongPathNameA) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D78D0)
[Address] EAT @explorer.exe (CDLGetLongPathNameW) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D78E8)
[Address] EAT @explorer.exe (CORPolicyProvider) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1674)
[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D73FC)
[Address] EAT @explorer.exe (CoInstall) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D7460)
[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD785660)
[Address] EAT @explorer.exe (CoInternetCombineIUri) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7880A0)
[Address] EAT @explorer.exe (CoInternetCombineUrl) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7746A4)
[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7743C0)
[Address] EAT @explorer.exe (CoInternetCompareUrl) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C5280)
[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD741EE0)
[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD750810)
[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD800284)
[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C537C)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C53D0)
[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD789CD0)
[Address] EAT @explorer.exe (CoInternetGetSession) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD742460)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD788DC0)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7851B8)
[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD781820)
[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C586C)
[Address] EAT @explorer.exe (CoInternetParseIUri) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7756A8)
[Address] EAT @explorer.exe (CoInternetParseUrl) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD751490)
[Address] EAT @explorer.exe (CoInternetQueryInfo) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD787C50)
[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C5AF4)
[Address] EAT @explorer.exe (CompareSecurityIds) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD75D1A4)
[Address] EAT @explorer.exe (CompatFlagsFromClsid) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD784044)
[Address] EAT @explorer.exe (CopyBindInfo) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D3020)
[Address] EAT @explorer.exe (CopyStgMedium) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD74BA0C)
[Address] EAT @explorer.exe (CreateAsyncBindCtx) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7986C0)
[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD783D14)
[Address] EAT @explorer.exe (CreateFormatEnumerator) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7668E0)
[Address] EAT @explorer.exe (CreateIUriBuilder) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD743660)
[Address] EAT @explorer.exe (CreateURLMoniker) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD79CCF4)
[Address] EAT @explorer.exe (CreateURLMonikerEx) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7478D0)
[Address] EAT @explorer.exe (CreateURLMonikerEx2) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7840F0)
[Address] EAT @explorer.exe (CreateUri) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7416F0)
[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1EE4)
[Address] EAT @explorer.exe (CreateUriPriv) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1EF8)
[Address] EAT @explorer.exe (CreateUriWithFragment) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1F40)
[Address] EAT @explorer.exe (DllCanUnloadNow) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD741600)
[Address] EAT @explorer.exe (DllGetClassObject) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD78AB3C)
[Address] EAT @explorer.exe (DllInstall) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C2458)
[Address] EAT @explorer.exe (DllRegisterServer) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C2464)
[Address] EAT @explorer.exe (DllRegisterServerEx) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD79E070)
[Address] EAT @explorer.exe (DllUnregisterServer) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C2470)
[Address] EAT @explorer.exe (Extract) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D7F74)
[Address] EAT @explorer.exe (FaultInIEFeature) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D8FE8)
[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD776B60)
[Address] EAT @explorer.exe (FindMediaType) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C2E9C)
[Address] EAT @explorer.exe (FindMediaTypeClass) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD766080)
[Address] EAT @explorer.exe (FindMimeFromData) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7850BC)
[Address] EAT @explorer.exe (GetAddSitesFileUrl) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD8002B0)
[Address] EAT @explorer.exe (GetClassFileOrMime) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD79B8EC)
[Address] EAT @explorer.exe (GetClassURL) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C2074)
[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D92E8)
[Address] EAT @explorer.exe (GetIDNFlagsForUri) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD75C7F0)
[Address] EAT @explorer.exe (GetIUriPriv) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1F60)
[Address] EAT @explorer.exe (GetIUriPriv2) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1F50)
[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD808B54)
[Address] EAT @explorer.exe (GetMarkOfTheWeb) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F9390)
[Address] EAT @explorer.exe (GetPortFromUrlScheme) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1E94)
[Address] EAT @explorer.exe (GetPropertyFromName) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1EA4)
[Address] EAT @explorer.exe (GetPropertyName) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1EB4)
[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD79E070)
[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD79DEB4)
[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD746D90)
[Address] EAT @explorer.exe (HlinkGoBack) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F6E78)
[Address] EAT @explorer.exe (HlinkGoForward) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F6F24)
[Address] EAT @explorer.exe (HlinkNavigateMoniker) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F6FD0)
[Address] EAT @explorer.exe (HlinkNavigateString) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F7004)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F7038)
[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F75E8)
[Address] EAT @explorer.exe (IECompatLogCSSFix) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D12FC)
[Address] EAT @explorer.exe (IEDllLoader) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C26F0)
[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D3244)
[Address] EAT @explorer.exe (IEInstallScope) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D7554)
[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1F70)
[Address] EAT @explorer.exe (IsAsyncMoniker) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7821FC)
[Address] EAT @explorer.exe (IsDWORDProperty) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1EC4)
[Address] EAT @explorer.exe (IsIntranetAvailable) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD800668)
[Address] EAT @explorer.exe (IsJITInProgress) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD75B328)
[Address] EAT @explorer.exe (IsLoggingEnabledA) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F855C)
[Address] EAT @explorer.exe (IsLoggingEnabledW) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F8688)
[Address] EAT @explorer.exe (IsStringProperty) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C1ED4)
[Address] EAT @explorer.exe (IsValidURL) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD777610)
[Address] EAT @explorer.exe (MkParseDisplayNameEx) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7992F0)
[Address] EAT @explorer.exe (ObtainUserAgentString) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7CDCE0)
[Address] EAT @explorer.exe (PrivateCoInstall) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D7560)
[Address] EAT @explorer.exe (QueryAssociations) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD75E9C0)
[Address] EAT @explorer.exe (QueryClsidAssociation) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D0A8C)
[Address] EAT @explorer.exe (RegisterBindStatusCallback) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD77F600)
[Address] EAT @explorer.exe (RegisterFormatEnumerator) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD781C6C)
[Address] EAT @explorer.exe (RegisterMediaTypeClass) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C20C0)
[Address] EAT @explorer.exe (RegisterMediaTypes) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C2210)
[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD778C54)
[Address] EAT @explorer.exe (ReleaseBindInfo) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD747D40)
[Address] EAT @explorer.exe (RevokeBindStatusCallback) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD77FBF0)
[Address] EAT @explorer.exe (RevokeFormatEnumerator) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C22CC)
[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7D3258)
[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD79E070)
[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7CDE50)
[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD783A3C)
[Address] EAT @explorer.exe (ShowTrustAlertDialog) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD800820)
[Address] EAT @explorer.exe (URLDownloadA) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C5CC4)
[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F7D9C)
[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD76A0C4)
[Address] EAT @explorer.exe (URLDownloadToFileA) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F7F10)
[Address] EAT @explorer.exe (URLDownloadToFileW) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD76EFD0)
[Address] EAT @explorer.exe (URLDownloadW) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C5D78)
[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F8058)
[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F8138)
[Address] EAT @explorer.exe (URLOpenPullStreamA) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F821C)
[Address] EAT @explorer.exe (URLOpenPullStreamW) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F82E0)
[Address] EAT @explorer.exe (URLOpenStreamA) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F8408)
[Address] EAT @explorer.exe (URLOpenStreamW) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F84D0)
[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD79C9B4)
[Address] EAT @explorer.exe (UrlMkBuildVersion) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7C2804)
[Address] EAT @explorer.exe (UrlMkGetSessionOption) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD753E60)
[Address] EAT @explorer.exe (UrlMkSetSessionOption) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD77D0E4)
[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD76A27C)
[Address] EAT @explorer.exe (WriteHitLogging) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F85D0)
[Address] EAT @explorer.exe (ZonesReInit) : NSI.dll -> HOOKED (C:\Windows\system32\urlmon.dll @ 0xFD7F9C30)
 
¤¤¤ Hives externas: ¤¤¤
 
¤¤¤ Infecção :  ¤¤¤
 
¤¤¤ Arquivo de Hosts: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ Verificaçao do MBR: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3500413AS ATA Device +++++
--- User ---
[MBR] db2c9d0870164f21d656f7268bcf95c6
[BSP] b4f88e2e8b3dc6d0447d60bd512fa6b3 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13466 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27660288 | Size: 463433 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic- Multi-Card USB Device +++++
Error reading User MBR! ([0x15] O dispositivo não está pronto. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Não há suporte para o pedido. )
 
Concluido : << RKreport[0]_S_05102014_003246.txt >>
RKreport[0]_S_03082014_154252.txt


#8 boopme

Posted 09 May 2014 - 11:27 PM

It appears you have deeper infections. We have to start a new topic to remove these.
Name it "Looks like Rootkits"
 
Post the RogueKiller log and a DDS log from this guide.
 
Please follow this Preparation Guide, do steps 6, 7 and 8 and post in a new topic.
Let me know if all went well.

#9 HDLO


Posted 09 May 2014 - 11:43 PM

The new topic was created. Thank you so much for what you are doing!



#10 boopme


Posted 10 May 2014 - 10:25 AM

Thank You!!

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.



