
FAKE Flash Player Update Notification


14 replies to this topic

#1 viknesh


Posted 09 May 2014 - 02:30 PM

Please help me. Some bloody virus spread through my two laptops and one PC, which use the same router :( This problem has persisted since this morning.

 

Whenever I go to a website like Facebook or YouTube, a popup shows a Flash Player update notification, and I can never get into the original website.

 


 

 

I didn't click any link from that popup till now. My internet speed completely slowed down. I followed the steps given in the previous threads and here are my results. Malwarebytes found no threats. I have AVG Internet Security installed and updated. When scanning in Safe Mode, it found a BOOTKIT on each of my partitions. And the problem still persists even after all these cleaning measures. I am yet to scan with ESET.

 

Mini Toolbox Log

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Viknesh (administrator) on 09-05-2014 at 23:40:14
Running from "D:\"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1                   www.happy-digital.com

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Viknesh-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 16-E5-43-1E-1F-00
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 74-E5-43-1E-1F-00
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::59b8:5bd4:e174:e414%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 09 May 2014 11:29:46:PM
   Lease Expires . . . . . . . . . . : 10 May 2014 11:05:19:AM
   Default Gateway . . . . . . . . . : fe80::9e8e:dcff:fe1d:16a8%13
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 23.253.94.129
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{5CBCC849-3824-4D7B-ADBF-142D2984816E}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:204e:99b0:8a27:8ecf(Preferred)
   Link-local IPv6 Address . . . . . : fe80::204e:99b0:8a27:8ecf%14(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{FAA6715B-7846-49B0-A657-E34783E46394}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  23.253.94.129

Name:    google.com
Addresses:  37.59.45.163
      192.99.14.132
      173.234.241.50


Pinging google.com [74.125.236.37] with 32 bytes of data:
Reply from 74.125.236.37: bytes=32 time=23ms TTL=57
Request timed out.

Ping statistics for 74.125.236.37:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 23ms, Maximum = 23ms, Average = 23ms
Server:  UnKnown
Address:  23.253.94.129

Name:    yahoo.com
Addresses:  173.234.241.50
      37.59.45.163


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=306ms TTL=45
Reply from 98.139.183.24: bytes=32 time=300ms TTL=45

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 300ms, Maximum = 306ms, Average = 303ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...16 e5 43 1e 1f 00 ......Microsoft Virtual WiFi Miniport Adapter
 13...74 e5 43 1e 1f 00 ......Atheros AR9285 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    281
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13    281 ::/0                     fe80::9e8e:dcff:fe1d:16a8
 14     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:6ab8:204e:99b0:8a27:8ecf/128
                                    On-link
 13    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::204e:99b0:8a27:8ecf/128
                                    On-link
 13    281 fe80::59b8:5bd4:e174:e414/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/09/2014 11:29:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2014 11:29:13 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/09/2014 11:28:48 PM) (Source: ActiveLock Server) (User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:28:48 PM) (Source: ActiveLock Server) (User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:28:48 PM) (Source: ActiveLock Server) (User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:15:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: WSCommCntr4.exe, version: 4.0.3.0, time stamp: 0x50dcb523
Faulting module name: ntdll.dll, version: 6.1.7601.22436, time stamp: 0x521eb03f
Exception code: 0xc0000005
Fault offset: 0x000000000004d774
Faulting process id: 0x1b24
Faulting application start time: 0xWSCommCntr4.exe0
Faulting application path: WSCommCntr4.exe1
Faulting module path: WSCommCntr4.exe2
Report Id: WSCommCntr4.exe3

Error: (05/09/2014 11:07:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2014 11:05:10 PM) (Source: ActiveLock Server) (User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:05:10 PM) (Source: ActiveLock Server) (User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:05:10 PM) (Source: ActiveLock Server) (User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.


System errors:
=============
Error: (05/09/2014 11:29:13 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (05/09/2014 11:28:23 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (05/09/2014 11:28:40 PM) (Source: BugCheck) (User: )
Description: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP050914-44990-01

Error: (05/09/2014 11:28:33 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 23:25:54 on 09-05-2014 was unexpected.

Error: (05/09/2014 11:05:57 PM) (Source: Service Control Manager) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%1053

Error: (05/09/2014 11:05:57 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

Error: (05/09/2014 11:04:52 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (05/09/2014 10:56:33 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/09/2014 10:56:33 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/09/2014 10:56:33 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (05/09/2014 11:29:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2014 11:29:13 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/09/2014 11:28:48 PM) (Source: ActiveLock Server)(User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:28:48 PM) (Source: ActiveLock Server)(User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:28:48 PM) (Source: ActiveLock Server)(User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:15:02 PM) (Source: Application Error)(User: )
Description: WSCommCntr4.exe4.0.3.050dcb523ntdll.dll6.1.7601.22436521eb03fc0000005000000000004d7741b2401cf6bae6577c602C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exeC:\Windows\SYSTEM32\ntdll.dlla5a0db8d-d7a1-11e3-9af4-abea28c322e9

Error: (05/09/2014 11:07:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2014 11:05:10 PM) (Source: ActiveLock Server)(User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:05:10 PM) (Source: ActiveLock Server)(User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.

Error: (05/09/2014 11:05:10 PM) (Source: ActiveLock Server)(User: )
Description: Exception thrown acquiring lock.  Exception message: Software Version has not been set.


=========================== Installed Programs ============================

µTorrent (Version: 3.4.1.30768)
64 Bit HP CIO Components Installer (Version: 6.2.1)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe After Effects CC (Version: 12)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
AIO_Scan (Version: 130.0.365.000)
Apple Application Support (Version: 2.3.4)
Atheros WLAN Client Installation Program (Version: 7.0)
Autodesk 3ds Max 2014 (Version: 16.0.420.0)
Autodesk 3ds Max 2014 64-bit Populate Data (Version: 1.0.0.1)
Autodesk Backburner 2014 (Version: 14.0.0.0)
Autodesk Composite 2014 (Version: 9.0.0.0)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1)
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (Version: 1.2.0.0)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (Version: 16.0)
Autodesk Material Library 2014 (Version: 4.0.32.600)
Autodesk Material Library Base Resolution Image Library 2014 (Version: 4.0.32.600)
Autodesk Material Library Medium Resolution Image Library 2014 (Version: 4.0.32.600)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161)
AVG 2014 (Version: 14.0.3931)
AVG 2014 (Version: 14.0.4577)
AVG 2014 (Version: 2014.0.4577)
AVS Video Converter 8 (Version: 8.4.1.540)
BlueStacks App Player (Version: 0.7.16.910)
BufferChm (Version: 130.0.331.000)
CCleaner (Version: 4.11)
CloudReading (Version: 1.1.47.1220)
Copy (Version: 130.0.428.000)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DJ_AIO_ProductContext (Version: 130.0.365.000)
DJ_AIO_Software (Version: 130.0.365.000)
DJ_AIO_Software_min (Version: 130.0.365.000)
Dolby Home Theater v4 (Version: 7.2.7000.7)
doPDF 7.3 printer
Energy Management (Version: 7.0.3.9)
F2100 (Version: 130.0.365.000)
Facebook Video Calling 2.0.0.447 (Version: 2.0.447)
Flatiron 1.71 (Version: 1.71)
Forest Pack Pro 4.0.2.352
Foxit Reader (Version: 6.1.2.1224)
Freemake Video Downloader (Version: 3.6.4)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Chrome (Version: 34.0.1847.131)
Google Input Tamil
Google Input Tools
Google Update Helper (Version: 1.3.24.7)
GPBaseService2 (Version: 130.0.371.000)
GPL Ghostscript (Version: 9.05)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 8.15.10.2626)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Internet Download Manager
IrfanView (remove only) (Version: 4.37)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
K-Lite Mega Codec Pack 10.2.0 (Version: 10.2.0)
Lenovo EasyCamera (Version: 1.11.1214.1)
Lenovo MuteSync (Version: 1.0.10)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (Version: 8.0.58298)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (Version: 8.0.61000)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (Version: 9.0.30729.4048)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (Version: 9.0.30729.4048)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (Version: 10.0.30319)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (Version: 10.0.30319)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (Version: 12.0.21005.1)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (Version: 12.0.21005.1)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005)
Mozilla Firefox 29.0 (x86 en-US) (Version: 29.0)
Mozilla Maintenance Service (Version: 29.0)
NEF Codec (Version: 1.00.0000)
NVIDIA Control Panel 335.23 (Version: 335.23)
NVIDIA GeForce Experience 1.8.2.1 (Version: 1.8.2.1)
NVIDIA Graphics Driver 335.23 (Version: 335.23)
NVIDIA Install Application (Version: 2.1002.147.1067)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Network Service (Version: 1.0)
NVIDIA Optimus Update 11.10.13 (Version: 11.10.13)
NVIDIA PhysX (Version: 9.13.1220)
NVIDIA PhysX System Software 9.13.1220 (Version: 9.13.1220)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13)
NVIDIA Update 11.10.13 (Version: 11.10.13)
NVIDIA Update Core (Version: 11.10.13)
NVIDIA Virtual Audio 1.2.20 (Version: 1.2.20)
PowerISO (Version: 5.8)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6559)
Scan (Version: 13.0.0.0)
SHIELD Streaming (Version: 1.7.321)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
TeraCopy 2.3
The KMPlayer (Version: 3.8.0.119)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.221)
TuneUp Utilities 2014 (Version: 14.0.1000.221)
UnloadSupport (Version: 11.0.0)
USB Disk Security
Viber 3.0.0.5751
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
V-Ray for 3dsmax 2014 for x64 (Version: 2.40.04)
WebReg (Version: 130.0.132.017)
WibuKey Setup (WibuKey Remove) (Version: Version 6.11 of 2013-Feb-27 (Build 1057) (Setup))
Windows Driver Package - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (Version: 12/15/2011 7.1.0.1)
WinPcap 4.1.2 (Version: 4.1.0.2001)

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 3959.38 MB
Available physical RAM: 1967.61 MB
Total Pagefile: 7916.95 MB
Available Pagefile: 5645.46 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.93 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:100 GB) (Free:19.27 GB) NTFS
2 Drive d: (Softwares) (Fixed) (Total:100 GB) (Free:6.07 GB) NTFS
3 Drive e: (Movies, Songs, Pics) (Fixed) (Total:100 GB) (Free:9.99 GB) NTFS
4 Drive f: (Viknesh) (Fixed) (Total:59.96 GB) (Free:1.37 GB) NTFS
5 Drive g: (Photography) (Fixed) (Total:105.59 GB) (Free:0.1 GB) NTFS

========================= Users: ========================================

User accounts for \\VIKNESH-PC

Administrator            Guest                    Viknesh                  

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

TDSS Killer Log

23:40:59.0636 0x0f04  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
23:41:03.0973 0x0f04  ============================================================
23:41:03.0973 0x0f04  Current date / time: 2014/05/09 23:41:03.0973
23:41:03.0973 0x0f04  SystemInfo:
23:41:03.0973 0x0f04  
23:41:03.0973 0x0f04  OS Version: 6.1.7601 ServicePack: 1.0
23:41:03.0973 0x0f04  Product type: Workstation
23:41:03.0973 0x0f04  ComputerName: VIKNESH-PC
23:41:03.0973 0x0f04  UserName: Viknesh
23:41:03.0973 0x0f04  Windows directory: C:\Windows
23:41:03.0973 0x0f04  System windows directory: C:\Windows
23:41:03.0973 0x0f04  Running under WOW64
23:41:03.0973 0x0f04  Processor architecture: Intel x64
23:41:03.0973 0x0f04  Number of processors: 4
23:41:03.0973 0x0f04  Page size: 0x1000
23:41:03.0973 0x0f04  Boot type: Normal boot
23:41:03.0973 0x0f04  ============================================================
23:41:05.0596 0x0f04  KLMD registered as C:\Windows\system32\drivers\46106541.sys
23:41:05.0736 0x0f04  System UUID: {45D2682F-EC9C-D584-9F96-4DBBA4E380B0}
23:41:06.0282 0x0f04  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:41:06.0298 0x0f04  ============================================================
23:41:06.0298 0x0f04  \Device\Harddisk0\DR0:
23:41:06.0298 0x0f04  MBR partitions:
23:41:06.0298 0x0f04  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
23:41:06.0298 0x0f04  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0xC801800
23:41:06.0298 0x0f04  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC866800, BlocksNum 0xC800000
23:41:06.0313 0x0f04  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x19067000, BlocksNum 0xC802000
23:41:06.0344 0x0f04  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x25869800, BlocksNum 0x77EE000
23:41:06.0360 0x0f04  \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0x2D058000, BlocksNum 0xD32E000
23:41:06.0360 0x0f04  ============================================================
23:41:06.0391 0x0f04  C: <-> \Device\Harddisk0\DR0\Partition2
23:41:06.0438 0x0f04  D: <-> \Device\Harddisk0\DR0\Partition3
23:41:06.0469 0x0f04  E: <-> \Device\Harddisk0\DR0\Partition4
23:41:06.0516 0x0f04  F: <-> \Device\Harddisk0\DR0\Partition5
23:41:06.0563 0x0f04  G: <-> \Device\Harddisk0\DR0\Partition6
23:41:06.0563 0x0f04  ============================================================
23:41:06.0563 0x0f04  Initialize success
23:41:06.0563 0x0f04  ============================================================
23:41:10.0712 0x0cc4  ============================================================
23:41:10.0712 0x0cc4  Scan started
23:41:10.0712 0x0cc4  Mode: Manual; TDLFS;
23:41:10.0712 0x0cc4  ============================================================
23:41:10.0712 0x0cc4  KSN ping started
23:41:14.0519 0x0cc4  KSN ping finished: true
23:41:15.0299 0x0cc4  ================ Scan system memory ========================
23:41:15.0299 0x0cc4  System memory - ok
23:41:15.0299 0x0cc4  ================ Scan services =============================
23:41:21.0632 0x0cc4  hkmsvc - ok
23:41:21.0679 0x0cc4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:41:21.0679 0x0cc4  HomeGroupListener - ok
23:41:21.0710 0x0cc4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:41:21.0710 0x0cc4  HomeGroupProvider - ok
23:41:21.0788 0x0cc4  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
23:41:21.0788 0x0cc4  hpqcxs08 - ok
23:41:21.0804 0x0cc4  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
23:41:21.0804 0x0cc4  hpqddsvc - ok
23:41:21.0835 0x0cc4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:41:21.0835 0x0cc4  HpSAMD - ok
23:41:21.0882 0x0cc4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:41:21.0898 0x0cc4  HTTP - ok
23:41:21.0929 0x0cc4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:41:21.0929 0x0cc4  hwpolicy - ok
23:41:21.0976 0x0cc4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:41:21.0976 0x0cc4  i8042prt - ok
23:41:22.0022 0x0cc4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:41:22.0022 0x0cc4  iaStorV - ok
23:41:22.0054 0x0cc4  [ 929DF302F15BFE24AC66EF45D858C413, 7FC0142EABEB74344D85D3912BC311F37D4136F24C93572E5199E25B40646615 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
23:41:22.0054 0x0cc4  IDMWFP - ok
23:41:22.0116 0x0cc4  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:41:22.0147 0x0cc4  idsvc - ok
23:41:22.0147 0x0cc4  IEEtwCollectorService - ok
23:41:22.0568 0x0cc4  [ 11BA677667432A99CA261A472A2C29B8, EFC8D490E4971A5E944C5E1F849179AB46423EE664322780DA57BB7C3714A2EF ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:41:22.0958 0x0cc4  igfx - ok
23:41:23.0005 0x0cc4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:41:23.0005 0x0cc4  iirsp - ok
23:41:23.0052 0x0cc4  [ 1E2A51DB8B28CD431D2B5C76A71AAEE3, A356E381C155DF7D3E905696D63A652D1C01D524B6B866C2288ECC5F3B3D4AB9 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:41:23.0083 0x0cc4  IKEEXT - ok
23:41:23.0224 0x0cc4  [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:41:23.0364 0x0cc4  IntcAzAudAddService - ok
23:41:23.0411 0x0cc4  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
23:41:23.0426 0x0cc4  IntcDAud - ok
23:41:23.0442 0x0cc4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:41:23.0442 0x0cc4  intelide - ok
23:41:23.0473 0x0cc4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:41:23.0473 0x0cc4  intelppm - ok
23:41:23.0504 0x0cc4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:41:23.0520 0x0cc4  IPBusEnum - ok
23:41:23.0536 0x0cc4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:41:23.0536 0x0cc4  IpFilterDriver - ok
23:41:23.0551 0x0cc4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:41:23.0582 0x0cc4  iphlpsvc - ok
23:41:23.0582 0x0cc4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:41:23.0582 0x0cc4  IPMIDRV - ok
23:41:23.0598 0x0cc4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:41:23.0598 0x0cc4  IPNAT - ok
23:41:23.0614 0x0cc4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:41:23.0629 0x0cc4  IRENUM - ok
23:41:23.0629 0x0cc4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:41:23.0629 0x0cc4  isapnp - ok
23:41:23.0660 0x0cc4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:41:23.0676 0x0cc4  iScsiPrt - ok
23:41:23.0707 0x0cc4  [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
23:41:23.0723 0x0cc4  iusb3hcs - ok
23:41:23.0738 0x0cc4  [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
23:41:23.0738 0x0cc4  iusb3hub - ok
23:41:23.0785 0x0cc4  [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
23:41:23.0816 0x0cc4  iusb3xhc - ok
23:41:23.0832 0x0cc4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:41:23.0832 0x0cc4  kbdclass - ok
23:41:23.0863 0x0cc4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
23:41:23.0863 0x0cc4  kbdhid - ok
23:41:23.0879 0x0cc4  [ F021DAFB1F87616FCEBA159C2ED7042F, 87F4C80B0C490CFE0CE68E17F3D9FC2EC1ECF498C094AE1967F35FE12AEDC478 ] KeyIso          C:\Windows\system32\lsass.exe
23:41:23.0879 0x0cc4  KeyIso - ok
23:41:23.0894 0x0cc4  [ 7E60C7882EB896B1E4991181C3975F93, 044F46566566299FB8D75CA22D159444EC567861A6386E91E49C7B2E20D92AB0 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:41:23.0910 0x0cc4  KSecDD - ok
23:41:23.0910 0x0cc4  [ 6C45E4B6331C614EFB401DA74CCF849E, 147A93CD41A25FAD6D5898A02629F1206B14E16CA4BB62B1B901FBF746A1EF65 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:41:23.0910 0x0cc4  KSecPkg - ok
23:41:23.0926 0x0cc4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:41:23.0926 0x0cc4  ksthunk - ok
23:41:23.0957 0x0cc4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:41:23.0972 0x0cc4  KtmRm - ok
23:41:24.0004 0x0cc4  [ 5CE3ADEF1C7203DCC0467E084ACE5643, E8A26479F296451310D42215E3E280C80A18BD6E537A854D1702873AC4162382 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:41:24.0004 0x0cc4  LanmanServer - ok
23:41:24.0050 0x0cc4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:41:24.0050 0x0cc4  LanmanWorkstation - ok
23:41:24.0160 0x0cc4  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\Windows\system32\DRIVERS\LhdX64.sys
23:41:24.0160 0x0cc4  LHDmgr - ok
23:41:24.0191 0x0cc4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:41:24.0191 0x0cc4  lltdio - ok
23:41:24.0206 0x0cc4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:41:24.0222 0x0cc4  lltdsvc - ok
23:41:24.0238 0x0cc4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:41:24.0238 0x0cc4  lmhosts - ok
23:41:24.0269 0x0cc4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:41:24.0269 0x0cc4  LSI_FC - ok
23:41:24.0300 0x0cc4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:41:24.0316 0x0cc4  LSI_SAS - ok
23:41:24.0316 0x0cc4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:41:24.0316 0x0cc4  LSI_SAS2 - ok
23:41:24.0347 0x0cc4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:41:24.0347 0x0cc4  LSI_SCSI - ok
23:41:24.0362 0x0cc4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:41:24.0362 0x0cc4  luafv - ok
23:41:24.0409 0x0cc4  [ 4A1356200B82B852E137B687F03E8054, 54BAA2726BD19B61F694D316C1F0127ABFF66D06913668A2FAF044F09ADC4287 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
23:41:24.0409 0x0cc4  mbamchameleon - ok
23:41:24.0456 0x0cc4  [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
23:41:24.0456 0x0cc4  MBAMProtector - ok
23:41:24.0534 0x0cc4  [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
23:41:24.0596 0x0cc4  MBAMScheduler - ok
23:41:24.0643 0x0cc4  [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
23:41:24.0690 0x0cc4  MBAMService - ok
23:41:24.0752 0x0cc4  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
23:41:24.0752 0x0cc4  MBAMSwissArmy - ok
23:41:24.0768 0x0cc4  [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
23:41:24.0768 0x0cc4  MBAMWebAccessControl - ok
23:41:24.0784 0x0cc4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:41:24.0784 0x0cc4  Mcx2Svc - ok
23:41:24.0815 0x0cc4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:41:24.0815 0x0cc4  megasas - ok
23:41:24.0846 0x0cc4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:41:24.0862 0x0cc4  MegaSR - ok
23:41:24.0893 0x0cc4  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
23:41:24.0908 0x0cc4  MEIx64 - ok
23:41:24.0986 0x0cc4  [ 0AF89452A8CE3928168F4E5B2208C68B, 571F1A9F1F0B31DB5FFAE7FB7F98C16958439D6666A9F2131B0F2E496BF3D2AC ] mi-raysat_3dsmax2014_64 C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
23:41:24.0986 0x0cc4  mi-raysat_3dsmax2014_64 - ok
23:41:25.0064 0x0cc4  Microsoft SharePoint Workspace Audit Service - ok
23:41:25.0080 0x0cc4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:41:25.0080 0x0cc4  MMCSS - ok
23:41:25.0096 0x0cc4  [ BFFB0C93D9FB43CA42EF11C9240BFF7F, E1E98C55DF9A56316050A21AC5A7D764338DA55F6124B52A52E71B5B0089C3FA ] Modem           C:\Windows\system32\drivers\modem.sys
23:41:25.0096 0x0cc4  Modem - ok
23:41:25.0127 0x0cc4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:41:25.0127 0x0cc4  monitor - ok
23:41:25.0158 0x0cc4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:41:25.0158 0x0cc4  mouclass - ok
23:41:25.0189 0x0cc4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:41:25.0189 0x0cc4  mouhid - ok
23:41:25.0205 0x0cc4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:41:25.0205 0x0cc4  mountmgr - ok
23:41:25.0267 0x0cc4  [ 4F65CBD93B9807BFD4C95598CAA390EE, 1AB3332F401A98A7E3CE99E6126D63E103B360C947BD73735B32C24FCD673D25 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:41:25.0267 0x0cc4  MozillaMaintenance - ok
23:41:25.0283 0x0cc4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:41:25.0283 0x0cc4  mpio - ok
23:41:25.0298 0x0cc4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:41:25.0298 0x0cc4  mpsdrv - ok
23:41:25.0345 0x0cc4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:41:25.0376 0x0cc4  MpsSvc - ok
23:41:25.0408 0x0cc4  [ 83A296715A67D696F101130AB44B92A7, 365D984745C38CA6AD2EE038834A02BE03AAAF02BCEB40B4E60E4309C01C3BE2 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:41:25.0408 0x0cc4  MRxDAV - ok
23:41:25.0423 0x0cc4  [ 631EC673CD9115AA5A3570E7C092A410, 2FD8525D0BAE43C7D0E8858B65EC2E707734CC59CB642617712C2AA62CF10B04 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:41:25.0423 0x0cc4  mrxsmb - ok
23:41:25.0439 0x0cc4  [ B10A0DF47FB6A1B807617A8EB8CF1045, 6EAD4CD5B6325718143AF46B100E0122C254A7E3EECF87AE8590A783D60DD2D0 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:41:25.0439 0x0cc4  mrxsmb10 - ok
23:41:25.0439 0x0cc4  [ B7D1933C1835A39B55BB59A2190DC858, B594BDEA0FB8CE1C736A2F8487A7EC5353AFB1B2DF80178F21897EFDD6D6C4C5 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:41:25.0439 0x0cc4  mrxsmb20 - ok
23:41:25.0454 0x0cc4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:41:25.0454 0x0cc4  msahci - ok
23:41:25.0470 0x0cc4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:41:25.0486 0x0cc4  msdsm - ok
23:41:25.0501 0x0cc4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:41:25.0517 0x0cc4  MSDTC - ok
23:41:25.0532 0x0cc4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:41:25.0532 0x0cc4  Msfs - ok
23:41:25.0548 0x0cc4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:41:25.0548 0x0cc4  mshidkmdf - ok
23:41:25.0564 0x0cc4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:41:25.0564 0x0cc4  msisadrv - ok
23:41:25.0595 0x0cc4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:41:25.0595 0x0cc4  MSiSCSI - ok
23:41:25.0610 0x0cc4  msiserver - ok
23:41:25.0626 0x0cc4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:41:25.0626 0x0cc4  MSKSSRV - ok
23:41:25.0626 0x0cc4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:41:25.0626 0x0cc4  MSPCLOCK - ok
23:41:25.0642 0x0cc4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:41:25.0642 0x0cc4  MSPQM - ok
23:41:25.0657 0x0cc4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:41:25.0657 0x0cc4  MsRPC - ok
23:41:25.0673 0x0cc4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:41:25.0673 0x0cc4  mssmbios - ok
23:41:25.0688 0x0cc4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:41:25.0688 0x0cc4  MSTEE - ok
23:41:25.0704 0x0cc4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:41:25.0704 0x0cc4  MTConfig - ok
23:41:25.0720 0x0cc4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:41:25.0720 0x0cc4  Mup - ok
23:41:25.0751 0x0cc4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:41:25.0782 0x0cc4  napagent - ok
23:41:25.0829 0x0cc4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:41:25.0829 0x0cc4  NativeWifiP - ok
23:41:25.0860 0x0cc4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:41:25.0891 0x0cc4  NDIS - ok
23:41:25.0907 0x0cc4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:41:25.0907 0x0cc4  NdisCap - ok
23:41:25.0922 0x0cc4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:41:25.0922 0x0cc4  NdisTapi - ok
23:41:25.0954 0x0cc4  [ 662CBFAA835FFF1A935DD01890AAFC62, 41CD715EF77446E2ECD70A512BF2A5DC8C32C0F38E56F48621461784C28CF914 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:41:25.0954 0x0cc4  Ndisuio - ok
23:41:25.0954 0x0cc4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:41:25.0969 0x0cc4  NdisWan - ok
23:41:25.0969 0x0cc4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:41:25.0969 0x0cc4  NDProxy - ok
23:41:26.0000 0x0cc4  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:41:26.0000 0x0cc4  Net Driver HPZ12 - ok
23:41:26.0016 0x0cc4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:41:26.0016 0x0cc4  NetBIOS - ok
23:41:26.0032 0x0cc4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:41:26.0032 0x0cc4  NetBT - ok
23:41:26.0063 0x0cc4  [ F021DAFB1F87616FCEBA159C2ED7042F, 87F4C80B0C490CFE0CE68E17F3D9FC2EC1ECF498C094AE1967F35FE12AEDC478 ] Netlogon        C:\Windows\system32\lsass.exe
23:41:26.0063 0x0cc4  Netlogon - ok
23:41:26.0094 0x0cc4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:41:26.0094 0x0cc4  Netman - ok
23:41:26.0172 0x0cc4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:41:26.0188 0x0cc4  NetMsmqActivator - ok
23:41:26.0188 0x0cc4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:41:26.0188 0x0cc4  NetPipeActivator - ok
23:41:26.0219 0x0cc4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:41:26.0219 0x0cc4  netprofm - ok
23:41:26.0234 0x0cc4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:41:26.0234 0x0cc4  NetTcpActivator - ok
23:41:26.0234 0x0cc4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:41:26.0234 0x0cc4  NetTcpPortSharing - ok
23:41:26.0297 0x0cc4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:41:26.0297 0x0cc4  nfrd960 - ok
23:41:26.0328 0x0cc4  [ 843E337C1CDD282545ED7515345E263B, B0E485856FC1C28DA6C453BF60A04F603BA15D7B0D84896E878049198F2FD1C9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:41:26.0328 0x0cc4  NlaSvc - ok
23:41:26.0359 0x0cc4  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\Windows\system32\drivers\npf.sys
23:41:26.0359 0x0cc4  npf - ok
23:41:26.0375 0x0cc4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:41:26.0375 0x0cc4  Npfs - ok
23:41:26.0375 0x0cc4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:41:26.0375 0x0cc4  nsi - ok
23:41:26.0390 0x0cc4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:41:26.0390 0x0cc4  nsiproxy - ok
23:41:26.0453 0x0cc4  [ 48B6047F82D5A8D0AEC71593F4ACD79B, A96F91C1DFD1CBB17C05B5DAAC4956169380E988FB4223E4588FEF34C2BC5249 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:41:26.0515 0x0cc4  Ntfs - ok
23:41:26.0531 0x0cc4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:41:26.0531 0x0cc4  Null - ok
23:41:26.0905 0x0cc4  [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:41:27.0233 0x0cc4  nvlddmkm - ok
23:41:27.0326 0x0cc4  [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
23:41:27.0373 0x0cc4  NvNetworkService - ok
23:41:27.0404 0x0cc4  [ 445422B928D2FE322BB6B956EA77DC7B, 101D940D323BE6086FE0743B34C8717C573B07566334843E571CE6365BEE16D4 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
23:41:27.0404 0x0cc4  nvpciflt - ok
23:41:27.0420 0x0cc4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:41:27.0420 0x0cc4  nvraid - ok
23:41:27.0436 0x0cc4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:41:27.0451 0x0cc4  nvstor - ok
23:41:27.0919 0x0cc4  [ 4F0E2990DB12849D428DE7B0AC5D92B9, 77A058EFFE07E46F0DFF419DC1C204C245598E6A6F6EDFF545802D9C1573EAA0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
23:41:28.0153 0x0cc4  NvStreamSvc - ok
23:41:28.0200 0x0cc4  [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:41:28.0247 0x0cc4  nvsvc - ok
23:41:28.0278 0x0cc4  [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
23:41:28.0278 0x0cc4  nvvad_WaveExtensible - ok
23:41:28.0294 0x0cc4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:41:28.0294 0x0cc4  nv_agp - ok
23:41:28.0309 0x0cc4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:41:28.0309 0x0cc4  ohci1394 - ok
23:41:28.0356 0x0cc4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:41:28.0356 0x0cc4  ose - ok
23:41:28.0512 0x0cc4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:41:28.0652 0x0cc4  osppsvc - ok
23:41:28.0684 0x0cc4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:41:28.0699 0x0cc4  p2pimsvc - ok
23:41:34.0362 0x0cc4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:41:34.0362 0x0cc4  WdiSystemHost - ok
23:41:34.0378 0x0cc4  [ 1BABAABCB29B03CFA7BC30833963398E, A354415572EEEB6FD7847F0FAF07BB7772E761EA485CFF3FE7837706515E85A0 ] WebClient       C:\Windows\System32\webclnt.dll
23:41:34.0378 0x0cc4  WebClient - ok
23:41:34.0409 0x0cc4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:41:34.0409 0x0cc4  Wecsvc - ok
23:41:34.0424 0x0cc4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:41:34.0424 0x0cc4  wercplsupport - ok
23:41:34.0440 0x0cc4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:41:34.0440 0x0cc4  WerSvc - ok
23:41:34.0471 0x0cc4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:41:34.0471 0x0cc4  WfpLwf - ok
23:41:34.0502 0x0cc4  [ 10876CF165F20DF1CFE499A110553619, 4FC4A74D51B02AD606DD5BB21788B8945ED6758003C3B09AD834FE8F55174BEB ] WIBUKEY         C:\Windows\system32\DRIVERS\WibuKey64.sys
23:41:34.0502 0x0cc4  WIBUKEY - ok
23:41:34.0518 0x0cc4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:41:34.0518 0x0cc4  WIMMount - ok
23:41:34.0549 0x0cc4  WinDefend - ok
23:41:34.0549 0x0cc4  WinHttpAutoProxySvc - ok
23:41:34.0612 0x0cc4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:41:34.0612 0x0cc4  Winmgmt - ok
23:41:34.0690 0x0cc4  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:41:34.0768 0x0cc4  WinRM - ok
23:41:34.0830 0x0cc4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:41:34.0830 0x0cc4  WinUsb - ok
23:41:34.0877 0x0cc4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:41:34.0908 0x0cc4  Wlansvc - ok
23:41:34.0939 0x0cc4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:41:34.0939 0x0cc4  WmiAcpi - ok
23:41:34.0970 0x0cc4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:41:34.0970 0x0cc4  wmiApSrv - ok
23:41:35.0002 0x0cc4  WMPNetworkSvc - ok
23:41:35.0017 0x0cc4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:41:35.0017 0x0cc4  WPCSvc - ok
23:41:35.0048 0x0cc4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:41:35.0048 0x0cc4  WPDBusEnum - ok
23:41:35.0064 0x0cc4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:41:35.0064 0x0cc4  ws2ifsl - ok
23:41:35.0080 0x0cc4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
23:41:35.0080 0x0cc4  wscsvc - ok
23:41:35.0080 0x0cc4  WSearch - ok
23:41:35.0173 0x0cc4  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:41:35.0251 0x0cc4  wuauserv - ok
23:41:35.0298 0x0cc4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:41:35.0298 0x0cc4  WudfPf - ok
23:41:35.0329 0x0cc4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:41:35.0345 0x0cc4  WUDFRd - ok
23:41:35.0345 0x0cc4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:41:35.0360 0x0cc4  wudfsvc - ok
23:41:35.0392 0x0cc4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:41:35.0392 0x0cc4  WwanSvc - ok
23:41:35.0423 0x0cc4  ================ Scan global ===============================
23:41:35.0438 0x0cc4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
23:41:35.0470 0x0cc4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
23:41:35.0485 0x0cc4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
23:41:35.0516 0x0cc4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:41:35.0532 0x0cc4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
23:41:35.0532 0x0cc4  [ Global ] - ok
23:41:35.0532 0x0cc4  ================ Scan MBR ==================================
23:41:35.0548 0x0cc4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:41:35.0984 0x0cc4  \Device\Harddisk0\DR0 - ok
23:41:35.0984 0x0cc4  ================ Scan VBR ==================================
23:41:35.0984 0x0cc4  [ 7BE51A2E3A2D983CC6EAA22145B6F585 ] \Device\Harddisk0\DR0\Partition1
23:41:35.0984 0x0cc4  \Device\Harddisk0\DR0\Partition1 - ok
23:41:35.0984 0x0cc4  [ 615B8AFFC4D45C0EC2B3E896DA89E245 ] \Device\Harddisk0\DR0\Partition2
23:41:36.0000 0x0cc4  \Device\Harddisk0\DR0\Partition2 - ok
23:41:36.0000 0x0cc4  [ 87728A7BE9B5106861F5796C1EADD013 ] \Device\Harddisk0\DR0\Partition3
23:41:36.0000 0x0cc4  \Device\Harddisk0\DR0\Partition3 - ok
23:41:36.0016 0x0cc4  [ 649EF544858FBDB66001562D6AC43230 ] \Device\Harddisk0\DR0\Partition4
23:41:36.0031 0x0cc4  \Device\Harddisk0\DR0\Partition4 - ok
23:41:36.0047 0x0cc4  [ 92C6D3990682D7A33B710E004B9B3210 ] \Device\Harddisk0\DR0\Partition5
23:41:36.0047 0x0cc4  \Device\Harddisk0\DR0\Partition5 - ok
23:41:36.0062 0x0cc4  [ 02F7CDAE29AA5C06C55EF48791815FB6 ] \Device\Harddisk0\DR0\Partition6
23:41:36.0062 0x0cc4  \Device\Harddisk0\DR0\Partition6 - ok
23:41:36.0062 0x0cc4  Waiting for KSN requests completion. In queue: 316
23:41:54.0424 0x0cc4  AV detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4563 ), 0x41000 ( enabled : updated )
23:41:54.0424 0x0cc4  FW detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4563 ), 0x41010 ( enabled )
23:41:57.0825 0x0cc4  ============================================================
23:41:57.0825 0x0cc4  Scan finished
23:41:57.0825 0x0cc4  ============================================================
23:41:57.0825 0x0e50  Detected object count: 0
23:41:57.0825 0x0e50  Actual detected object count: 0
23:42:09.0525 0x0d08  Deinitialize success
 

 

Adw Cleaner Log

 

# AdwCleaner v3.207 - Report created 09/05/2014 at 23:48:27
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Viknesh - VIKNESH-PC
# Running from : D:\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Users\Viknesh\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Viknesh\AppData\Local\Software
Folder Deleted : C:\Users\Viknesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Folder Deleted : C:\Users\Viknesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
File Deleted : C:\Users\Viknesh\AppData\Roaming\Mozilla\Firefox\Profiles\3k3bglp5.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\Software\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v29.0 (en-US)

[ File : C:\Users\Viknesh\AppData\Roaming\Mozilla\Firefox\Profiles\3k3bglp5.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Viknesh\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Deleted [Extension] : ehgldbbpchgpcfagfpfjgoomddhccfgh

*************************

AdwCleaner[R0].txt - [1869 octets] - [09/05/2014 23:46:50]
AdwCleaner[S0].txt - [1816 octets] - [09/05/2014 23:48:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1876 octets] ##########
 

 

JRT Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Viknesh on 09-05-2014 at 23:54:36.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Viknesh\AppData\Roaming\mozilla\firefox\profiles\3k3bglp5.default\searchplugins\youtube-video-search.xml
Emptied folder: C:\Users\Viknesh\AppData\Roaming\mozilla\firefox\profiles\3k3bglp5.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10-05-2014 at  0:12:05.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Malware Bytes found NO THREATS and its LOG

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10-05-2014
Scan Time: 12:34:39:AM
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.09.10
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Viknesh

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 288954
Time Elapsed: 20 min, 43 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:51 PM

Posted 09 May 2014 - 03:37 PM

Welcome, go into Control Panel.. Uninstall and remove any of these found.

Java 7 Update 45 (64-bit) (Version: 7.0.450)
flash-Enhancer, SafeSaver
Video Player
Convert Files for Free
Plus-HD 1.3
BetterSurf
Media Player 1.1
PassShow
LyricsBuddy-1
YutubeAdBlock 1.2
Media Player 1.1
Savings Bull

And anything else you do not recognize.

Restart


You will also need to go into your browser's Add-ons or Extensions and remove or disable them there.



Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", click the Delete button.
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Delete

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 viknesh

viknesh
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 09 May 2014 - 11:37 PM

Thank you for your reply. I removed Java update 45 and I didn't find any other unwanted programs or addons listed.

 

Here is my RogueKiller report

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Viknesh [Admin rights]
Mode : Scan -- Date : 05/10/2014 10:03:03
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 14 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1                   www.happy-digital.com


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS ATA Device +++++
--- User ---
[MBR] 7d844ae4fbafeb998d9905fb564fe3a2
[BSP] 298218646bcee8f6399e4a1166b9869b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 102403 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 210134977 | Size: 374335 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_05102014_100303.txt >>



 



#4 viknesh

viknesh
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 09 May 2014 - 11:51 PM

boopme awaiting your reply. This crazy little thing is now showing update notification for this website also :( Firefox not working anymore. Chrome is working but facebook is not loading. Several unknown processes are going on in taskmgr, Please help  :killcomp:


Edited by viknesh, 10 May 2014 - 08:46 AM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:51 PM

Posted 10 May 2014 - 09:53 AM

I would like to see this now.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#6 viknesh

viknesh
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 10 May 2014 - 11:49 AM

New update. A Trojan horse zbot.g was found by AVG in the System Volume Information folder on the C drive of my desktop computer. But it couldn't remove it. And the bootkits are found in each scan. Here is my Farbar Service Scanner log...

 

 

Farbar Service Scanner Version: 03-05-2014
Ran by Viknesh (administrator) on 10-05-2014 at 22:18:21
Running from "D:\"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll
[2014-01-26 18:40] - [2014-01-26 18:40] - 0317952 ____A (Microsoft Corporation) 3249F4E4DBF1BD24B40DFF385F2511D4
 
C:\Windows\System32\drivers\afd.sys
[2014-01-26 18:30] - [2014-01-26 18:30] - 0496128 ____A (Microsoft Corporation) 50AB05903CBEF298D135A943D4432E3C
 
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-01-26 18:48] - [2014-01-26 18:48] - 1897408 ____A (Microsoft Corporation) F55B41AA6114568AC558ADBABDA85620
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll
[2014-01-26 20:14] - [2014-01-26 20:14] - 0706560 ____A (Microsoft Corporation) F513F0CE75F873A0050A34379A8E76B5
 
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe
[2014-01-26 18:42] - [2014-01-26 18:42] - 0027136 ____A (Microsoft Corporation) DFDE777FAF31DC25E3624E8071073146
 
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#7 Randomizer

Randomizer

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:51 PM

Posted 10 May 2014 - 03:10 PM

Hello:

 

first time poster

 

Had the same problem. Flashing firmware and changing the admin password on the router helped, but still getting popups on one machine.



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:51 PM

Posted 10 May 2014 - 08:23 PM

Ok let's do this....

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
Again..

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Scan


#9 viknesh

viknesh
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 11 May 2014 - 01:06 AM

Ok. Usually I will clean my computer with ccleaner every night. Now I also cleaned it with Temp File Cleaner.

 

Rogue Killer Report

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software

 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Viknesh [Admin rights]
Mode : Scan -- Date : 05/11/2014 11:30:54
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 11 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1 localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS ATA Device +++++
--- User ---
[MBR] 7d844ae4fbafeb998d9905fb564fe3a2
[BSP] 298218646bcee8f6399e4a1166b9869b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 102403 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 210134977 | Size: 374335 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_05112014_113054.txt >>


#10 viknesh

viknesh
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 12 May 2014 - 12:13 PM

Thanks for your help so far boopme :) I believe that you couldn't figure out my infections from my logs. But I have managed to remove the malware :) Seems like the desktop is the source of infection :) After trying your steps I scanned with Unhack Me and Hitman Pro. Unhack Me found truesight.sys on my desktop computer. I removed it and deleted some more suspicions. I also reset my modem and changed the password. It's one day now and no redirects till now. I will update if I get any more redirects :) Thank you again :) :bananas: :bananas:

 

Now my only problem is that I have UAC enabled in Windows 7 and AVG, Malware Bytes, Hitman Pro and Unhack Me running at startup. Is it necessary to have all these in startup? And may I disable the UAC? I hate it :) :guitar: :guitar:


Edited by viknesh, 12 May 2014 - 12:47 PM.


#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:51 PM

Posted 13 May 2014 - 11:52 AM

Hi, sorry, a personal issue came up... Let's just also run the RogueKiller clean, just to be sure.
  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool again (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", this time click the Delete button.
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
    • The highest number of [X], is the most recent Delete
Well AVG is your Antivirus so you may want that.. The rest /.. If you uninstall them in Control Panel it will remove the start up..
 
Turn User Account Control on or off
These types of changes can affect the security of your computer or can affect settings for other people that use the computer.

#12 viknesh

viknesh
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 14 May 2014 - 11:01 AM

Here it is :)

 

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Viknesh [Admin rights]
Mode : Scan -- Date : 05/14/2014 08:42:25
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1    localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS ATA Device +++++
--- User ---
[MBR] 7d844ae4fbafeb998d9905fb564fe3a2
[BSP] 298218646bcee8f6399e4a1166b9869b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 102403 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 210134977 | Size: 374335 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_05142014_084225.txt >>



 



#13 boopme


Posted 14 May 2014 - 12:07 PM

Hi, are you doing this step as it is not showing cleaned?
 
Once the Status box shows "Scan Finished", this time click the Delete button.

#14 scarso


Posted 24 May 2014 - 02:36 AM

Hi there, first time poster and total computer noob, but here is my 2 cents: check your DNS server; that address you put (23.253.94.129) seems to be a DNS used by a recent router attack.

As far as I know (I don't know much about computers and routers), you should change it and use a public DNS or other trusted ones...

cheers



#15 smk1926


Posted 28 May 2014 - 08:46 AM

Hi all,

All started from here.

Wireless LAN adapter Wireless Network Connection:

..................

   DNS Servers . . . . . . . . . . . : 23.253.94.129
                                       8.8.8.8

The first entry is your primary DNS server and the second is your secondary one. The 23.253.94.129 is a malicious DNS server that resolves whatever sites the attacker chooses to whatever IP he likes. Those fake site IPs distribute malware such as the one that pops up on your screen. The other one is the open Google DNS server, which is there in case the attackers decide to go offline temporarily, or to resolve other sites that the attackers do not target.

I am glad that you do not have any issues since you took the above steps; however, I would like to stress that it sounds like you have a serious router security flaw. That means that even if you have changed your admin password, there are exploits that can retrieve the new one and all will happen again.

The most crucial thing is to disable access to your router's web interface from the internet and take action either to update your firmware or to apply some temporary but effective solution to the problem.

Could you please post your router's model?

Stergios


Edited by smk1926, 28 May 2014 - 08:52 AM.
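
A check for the condition described in the post above, as an added example that is not part of the original thread: it parses `ipconfig /all` text, including a second server listed on its own indented line, and reports resolvers that are neither on the local network nor in a list you chose. The `EXPECTED` set, the function names and the sample text are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample in `ipconfig /all` layout; DNS values are the ones quoted in the thread.
SAMPLE = """\
Wireless LAN adapter Wireless Network Connection:
   DNS Servers . . . . . . . . . . . : 23.253.94.129
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:
   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""
EXPECTED = {"8.8.8.8", "8.8.4.4"}  # assumption: resolvers you configured on purpose
FIELD = re.compile(r"^\s+(?P<key>[A-Za-z][^:]*?)[. ]* :\s*(?P<val>.*)$")

def dns_by_adapter(text):
    """Map each adapter heading to its DNS servers, including continuation lines."""
    adapters, name, in_dns = {}, "(no adapter heading)", False
    for line in text.splitlines():
        m = FIELD.match(line)
        if line[:1].strip():                      # unindented text starts a new adapter
            name, in_dns = line.strip().rstrip(":"), False
            adapters[name] = []
        elif m:                                   # "Label . . . : value"
            in_dns = m.group("key") == "DNS Servers"
            if in_dns and m.group("val").strip():
                adapters.setdefault(name, []).append(m.group("val").strip())
        elif in_dns and line.strip():             # extra server on its own indented line
            adapters.setdefault(name, []).append(line.strip())
    return adapters

def classify(server, expected=EXPECTED):
    """Return 'expected', 'local' (private range, usually the router) or 'unexpected'."""
    if server in expected:
        return "expected"
    try:
        ip = ipaddress.ip_address(server.split("%")[0])   # drop any IPv6 zone id
    except ValueError:
        return "unexpected"
    return "local" if ip.is_private else "unexpected"

def unexpected_dns(text, expected=EXPECTED):
    """List (adapter, server) pairs that are neither expected nor on the local network."""
    return [(a, s) for a, found in dns_by_adapter(text).items()
            for s in found if classify(s, expected) == "unexpected"]

if __name__ == "__main__":
    print(unexpected_dns(SAMPLE))
```

A "local" result only means the PC asks the router for name resolution; the DNS setting inside the router's admin interface still has to be checked separately.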




