jmp9 / interyield virus


5 replies to this topic

#1 EGuidoSoda


Posted 28 May 2014 - 06:49 PM

Hi - Ben M. here; new to the group and my computer is infected with the jmp9 virus (interyield).  What's so damn frustrating about it is that I got it from StubHub while looking for tickets to a Braves game.  WTF?!?

 

Per the instructions from a previous poster, below are the logs I got from running TDSSKILLER, ESET and MiniToolBox.  Please let me know as it seems to be going from relatively benign to hijacking after almost every couple of mouse clicks.  Thanks!:

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by BM9984 (administrator) on 28-05-2014 at 18:19:03
Running from "C:\Users\bm9984\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OIK922I"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


========================= IP Configuration: ================================

Dell Wireless 1506 802.11b/g/n (2.4GHz) = Wireless Network Connection 4 (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows = Local Area Connection 2 (Hardware not present)
Intel® Ethernet Connection I217-LM = Local Area Connection 3 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 5 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 6 (Media disconnected)
Dell Wireless 5630 (EVDO-HSPA) Mobile Broadband Mini-Card (Composite WWAN Device) Network Adapter = Mobile Broadband Connection 3 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=1 nud=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . :
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : 
                                       launchmodem.com

Mobile Broadband adapter Mobile Broadband Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 5630 (EVDO-HSPA) Mobile Broadband Mini-Card (Composite WWAN Device) Network Adapter #3
   Physical Address. . . . . . . . . : 00-A0-C6-00-00-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 2A-EE-65-0D-73-52
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 5:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 3A-EE-65-0D-73-52
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 4:

   Connection-specific DNS Suffix  . : launchmodem.com
   Description . . . . . . . . . . . : Dell Wireless 1506 802.11b/g/n (2.4GHz)
   Physical Address. . . . . . . . . : B8-EE-65-0D-73-52
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::80:a028:d694:e778%21(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.10.10.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, May 26, 2014 10:07:33 AM
   Lease Expires . . . . . . . . . . : Thursday, May 29, 2014 8:39:23 AM
   Default Gateway . . . . . . . . . : 10.10.10.101
   DHCP Server . . . . . . . . . . . : 10.10.10.101
   DHCPv6 IAID . . . . . . . . . . . : 489218887
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-B7-F5-97-D4-BE-D9-4C-C9-72
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Ethernet Connection I217-LM
   Physical Address. . . . . . . . . : EC-F4-BB-28-6E-57
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.carolinatractor.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{09F53624-6A0A-48A5-887C-69EFF62D8699}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:8bd:39a4:b50d:cc0e(Preferred)
   Link-local IPv6 Address . . . . . : fe80::8bd:39a4:b50d:cc0e%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{223A6312-D5B5-463C-B9F1-2D17DB4A0DCE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8B73B7CF-AEC0-4CA6-8907-445CDDAE12D4}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.launchmodem.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : launchmodem.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  launchmodem
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4002:c01::71
   173.194.37.39
   173.194.37.36
   173.194.37.35
   173.194.37.33
   173.194.37.41
   173.194.37.37
   173.194.37.40
   173.194.37.38
   173.194.37.32
   173.194.37.46
   173.194.37.34

Pinging google.com [173.194.37.39] with 32 bytes of data:
Reply from 173.194.37.39: bytes=32 time=35ms TTL=50
Reply from 173.194.37.39: bytes=32 time=35ms TTL=50

Ping statistics for 173.194.37.39:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 35ms, Maximum = 35ms, Average = 35ms
Server:  launchmodem
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  206.190.36.45
   98.139.183.24
   98.138.253.109

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=143ms TTL=43
Reply from 206.190.36.45: bytes=32 time=144ms TTL=43

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 143ms, Maximum = 144ms, Average = 143ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 24...00 a0 c6 00 00 00 ......Dell Wireless 5630 (EVDO-HSPA) Mobile Broadband Mini-Card (Composite WWAN Device) Network Adapter #3
 23...2a ee 65 0d 73 52 ......Microsoft Virtual WiFi Miniport Adapter #2
 22...3a ee 65 0d 73 52 ......Microsoft Virtual WiFi Miniport Adapter
 21...b8 ee 65 0d 73 52 ......Dell Wireless 1506 802.11b/g/n (2.4GHz)
 20...ec f4 bb 28 6e 57 ......Intel® Ethernet Connection I217-LM
  1...........................Software Loopback Interface 1
 43...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 44...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     10.10.10.101       10.10.10.1     25
       10.10.10.0    255.255.255.0         On-link        10.10.10.1    281
       10.10.10.1  255.255.255.255         On-link        10.10.10.1    281
     10.10.10.255  255.255.255.255         On-link        10.10.10.1    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link        10.10.10.1    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link        10.10.10.1    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:90d7:8bd:39a4:b50d:cc0e/128
                                    On-link
 21    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 21    281 fe80::80:a028:d694:e778/128
                                    On-link
 13    306 fe80::8bd:39a4:b50d:cc0e/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 21    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================


========================= Event log errors: ===============================

Application errors:
==================
Error: (05/28/2014 11:12:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/27/2014 09:07:00 AM) (Source: dwmrcs) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 32 bit)

Error: (05/27/2014 09:07:00 AM) (Source: dwmrcs) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_ADD_MEMBERSHIP)

System Error: 10022
System Message: An invalid argument was supplied.

 (srv 32 bit)

Error: (05/27/2014 04:47:11 AM) (Source: dwmrcs) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 32 bit)

Error: (05/27/2014 04:47:08 AM) (Source: dwmrcs) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_ADD_MEMBERSHIP)

System Error: 10022
System Message: An invalid argument was supplied.

 (srv 32 bit)

Error: (05/23/2014 07:34:36 PM) (Source: dwmrcs) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 32 bit)

Error: (05/23/2014 05:18:16 PM) (Source: dwmrcs) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IP_ADD_MEMBERSHIP)

System Error: 10065
System Message: A socket operation was attempted to an unreachable host.

 (srv 32 bit)

Error: (05/22/2014 07:46:54 AM) (Source: dwmrcs) (User: )
Description: Error:
DameWare Mini Remote Control
Error setsockopt (IPV6_ADD_MEMBERSHIP)

System Error: 10022
System Message: An invalid argument was supplied.

 (srv 32 bit)

Error: (05/21/2014 09:36:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16545, time stamp: 0x531a4f73
Faulting module name: AcroRd32.dll_unloaded, version: 0.0.0.0, time stamp: 0x4c9b259e
Exception code: 0xc0000005
Fault offset: 0x125dcc37
Faulting process id: 0x16e0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (05/19/2014 09:30:37 AM) (Source: Brother BrLog) (User: )
Description: WDLMW BrtWDLMW: [2014/05/19 09:30:37.653]: [00005080]: lperrcode->api = 1 , lperrcode->code = 2

System errors:
=============
Error: (05/28/2014 03:34:50 PM) (Source: Microsoft-Windows-GroupPolicy) (User: CLTD1)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (05/28/2014 02:13:47 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (05/28/2014 00:18:23 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.173.2417.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (05/28/2014 00:18:23 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.173.2417.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (05/28/2014 00:17:53 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.173.2417.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (05/28/2014 00:08:11 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.173.2417.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (05/28/2014 00:08:11 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.173.2417.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (05/28/2014 00:07:41 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.173.2417.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (05/28/2014 08:59:37 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.173.2417.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (05/28/2014 08:59:37 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.173.2417.0

 Update Source: %NT AUTHORITY51

 Update Stage: 4.4.0304.00

 Source Path: 4.4.0304.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\NETWORK SERVICE

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Microsoft Office Sessions:
=========================
Error: (05/28/2014 11:12:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe

Error: (05/27/2014 09:07:00 AM) (Source: dwmrcs)(User: )
Description: DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 32 bit)

Error: (05/27/2014 09:07:00 AM) (Source: dwmrcs)(User: )
Description: DameWare Mini Remote Control
Error setsockopt (IP_ADD_MEMBERSHIP)

System Error: 10022
System Message: An invalid argument was supplied.

 (srv 32 bit)

Error: (05/27/2014 04:47:11 AM) (Source: dwmrcs)(User: )
Description: DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 32 bit)

Error: (05/27/2014 04:47:08 AM) (Source: dwmrcs)(User: )
Description: DameWare Mini Remote Control
Error setsockopt (IP_ADD_MEMBERSHIP)

System Error: 10022
System Message: An invalid argument was supplied.

 (srv 32 bit)

Error: (05/23/2014 07:34:36 PM) (Source: dwmrcs)(User: )
Description: DameWare Mini Remote Control
Error setsockopt (IP_DROP_MEMBERSHIP)

System Error: 10049
System Message: The requested address is not valid in its context.

 (srv 32 bit)

Error: (05/23/2014 05:18:16 PM) (Source: dwmrcs)(User: )
Description: DameWare Mini Remote Control
Error setsockopt (IP_ADD_MEMBERSHIP)

System Error: 10065
System Message: A socket operation was attempted to an unreachable host.

 (srv 32 bit)

Error: (05/22/2014 07:46:54 AM) (Source: dwmrcs)(User: )
Description: DameWare Mini Remote Control
Error setsockopt (IPV6_ADD_MEMBERSHIP)

System Error: 10022
System Message: An invalid argument was supplied.

 (srv 32 bit)

Error: (05/21/2014 09:36:57 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16545531a4f73AcroRd32.dll_unloaded0.0.0.04c9b259ec0000005125dcc3716e001cf74aa212ad352C:\Program Files\Internet Explorer\iexplore.exeAcroRd32.dll5c26ae8d-e0f5-11e3-b45e-00a0c6000000

Error: (05/19/2014 09:30:37 AM) (Source: Brother BrLog)(User: )
Description: WDLMWBrtWDLMW: [2014/05/19 09:30:37.653]: [00005080]: lperrcode->api = 1 , lperrcode->code = 2

=========================== Installed Programs ============================

Adobe Flash Player 12 ActiveX (Version: 12.0.0.70)
Adobe Reader 9.4.0 (Version: 9.4.0)
Adobe Shockwave Player 12.0 (Version: 12.0.9.149)
AMD Accelerated Video Transcoding (Version: 12.10.100.30722)
AMD Catalyst Install Manager (Version: 8.0.911.0)
Brother MFL-Pro Suite MFC-295CN (Version: 2.0.0.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2013.0722.2226.38431)
Catalyst Control Center InstallProxy (Version: 2013.0722.2226.38431)
Catalyst Control Center Localization All (Version: 2013.0722.2226.38431)
Catalyst Control Center Profiles Mobile (Version: 2013.0722.2226.38431)
CCC Help Chinese Standard (Version: 2013.0722.2225.38431)
CCC Help Chinese Traditional (Version: 2013.0722.2225.38431)
CCC Help Danish (Version: 2013.0722.2225.38431)
CCC Help Dutch (Version: 2013.0722.2225.38431)
CCC Help English (Version: 2013.0722.2225.38431)
CCC Help Finnish (Version: 2013.0722.2225.38431)
CCC Help French (Version: 2013.0722.2225.38431)
CCC Help German (Version: 2013.0722.2225.38431)
CCC Help Italian (Version: 2013.0722.2225.38431)
CCC Help Japanese (Version: 2013.0722.2225.38431)
CCC Help Korean (Version: 2013.0722.2225.38431)
CCC Help Norwegian (Version: 2013.0722.2225.38431)
CCC Help Portuguese (Version: 2013.0722.2225.38431)
CCC Help Russian (Version: 2013.0722.2225.38431)
CCC Help Spanish (Version: 2013.0722.2225.38431)
CCC Help Swedish (Version: 2013.0722.2225.38431)
ccc-utility (Version: 2013.0722.2226.38431)
Cisco AnyConnect VPN Client (Version: 2.4.1012)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Mobile Broadband Utility (Version: 3.00.77.006)
Dell Touchpad (Version: 8.1200.101.134)
Dell Unified Wireless Suite (Version: 1.00.0000)
Dell Wireless 5630 Mobile Broadband Drivers (Version: 2.02.07.003.1)
DHTML Editing Component (Version: 6.02.0001)
DW WLAN Card Utility (Version: 5.100.82.142)
Google Earth (Version: 7.1.2.2041)
Highlightly (Version: 1.9.0.3)
IBM iSeries Access for Windows
InstallVC90Support (Version: 1.01.0000)
Intel® Network Connections 16.8.45.02 (Version: 16.8.45.02)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 10.18.10.3412)
Intel® Rapid Storage Technology (Version: 12.8.2.1000)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 2.0.0.102)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Lotus Notes 8.5.2 (Basic) (Version: 8.52.10222)
McAfee Agent (Version: 4.8.0.641)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Lync 2010 (Version: 4.0.7577.4419)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (Version: 9.0)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (Version: 10.0.40219.1)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4.0 redistributable (Version: 4.0.0.0)
MyPC Backup  (Version: )
NVIDIA 3D Vision Driver 311.00 (Version: 311.00)
NVIDIA Control Panel 311.00 (Version: 311.00)
NVIDIA Graphics Driver 311.00 (Version: 311.00)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1100)
NVIDIA Update Components (Version: 1.11.3)
OEM Application Profile (Version: 1.00.0000)
Open Text Imaging Windows Viewer 9.7.0 (Version: 9.7.0)
PowerXpressHybrid (Version: 1.00.0000)
PX Profile Update (Version: 1.00.1.)
Realtek Audio COM Components (Version: 1.0.2)
Realtek High Definition Audio Driver (Version: 6.0.1.5988)
SAP Business Explorer (Version: 7.30)
SAP GUI for Windows 7.30 (Version: 7.30 Compilation 1)
Search Protect (Version: 2.13.2.14)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SES Driver (Version: 1.0.0)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
ST Microelectronics 3 Axis Digital Accelerometer Solution (Version: 4.10.0046)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
vcredist_x86 (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 3251.4 MB
Available physical RAM: 1004 MB
Total Pagefile: 6501.09 MB
Available Pagefile: 3064.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.29 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:297.81 GB) (Free:243.07 GB) NTFS

========================= Users: ========================================

User accounts for \\BMILLERE6440

Administrator            Guest                    IS USER                 
UpdatusUser             

**** End of log ****

 

18:28:18.0962 0x2398  TDSS rootkit removing tool 3.0.0.35 May 23 2014 07:32:03
18:28:24.0437 0x2398  ============================================================
18:28:24.0437 0x2398  Current date / time: 2014/05/28 18:28:24.0437
18:28:24.0437 0x2398  SystemInfo:
18:28:24.0437 0x2398 
18:28:24.0437 0x2398  OS Version: 6.1.7601 ServicePack: 1.0
18:28:24.0437 0x2398  Product type: Workstation
18:28:24.0437 0x2398  ComputerName: BMILLERE6440
18:28:24.0437 0x2398  UserName: BM9984
18:28:24.0437 0x2398  Windows directory: C:\Windows
18:28:24.0437 0x2398  System windows directory: C:\Windows
18:28:24.0437 0x2398  Processor architecture: Intel x86
18:28:24.0437 0x2398  Number of processors: 4
18:28:24.0437 0x2398  Page size: 0x1000
18:28:24.0437 0x2398  Boot type: Normal boot
18:28:24.0437 0x2398  ============================================================
18:28:27.0807 0x2398  KLMD registered as C:\Windows\system32\drivers\90134193.sys
18:28:27.0916 0x2398  System UUID: {4DF0F823-F8AF-7342-E01B-95555D337261}
18:28:28.0306 0x2398  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:28:28.0306 0x2398  ============================================================
18:28:28.0306 0x2398  \Device\Harddisk0\DR0:
18:28:28.0306 0x2398  MBR partitions:
18:28:28.0306 0x2398  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x8D800
18:28:28.0306 0x2398  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x8E000, BlocksNum 0x253A02B0
18:28:28.0306 0x2398  ============================================================
18:28:28.0337 0x2398  C: <-> \Device\Harddisk0\DR0\Partition2
18:28:28.0337 0x2398  ============================================================
18:28:28.0337 0x2398  Initialize success
18:28:28.0337 0x2398  ============================================================
18:28:30.0381 0x07d0  ============================================================
18:28:30.0381 0x07d0  Scan started
18:28:30.0381 0x07d0  Mode: Manual;
18:28:30.0381 0x07d0  ============================================================
18:28:30.0381 0x07d0  KSN ping started
18:28:33.0017 0x07d0  KSN ping finished: true
18:28:34.0733 0x07d0  ================ Scan system memory ========================
18:28:34.0733 0x07d0  System memory - ok
18:28:34.0733 0x07d0  ================ Scan services =============================
18:28:34.0858 0x07d0  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:28:34.0858 0x07d0  1394ohci - ok
18:28:34.0905 0x07d0  [ EDC50031D6AB9180B3B3BD1C547C7D0A, E9AB4DDF6CF64974C5DE217BCABD232A9612621527B484E1FC7B4317A49FBB05 ] Acceler         C:\Windows\system32\DRIVERS\accelern.sys
18:28:34.0920 0x07d0  Acceler - ok
18:28:34.0952 0x07d0  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:28:34.0967 0x07d0  ACPI - ok
18:28:34.0998 0x07d0  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:28:35.0014 0x07d0  AcpiPmi - ok
18:28:35.0061 0x07d0  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:28:35.0076 0x07d0  adp94xx - ok
18:28:35.0123 0x07d0  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:28:35.0139 0x07d0  adpahci - ok
18:28:35.0154 0x07d0  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:28:35.0170 0x07d0  adpu320 - ok
18:28:35.0201 0x07d0  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:28:35.0201 0x07d0  AeLookupSvc - ok
18:28:35.0248 0x07d0  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
18:28:35.0279 0x07d0  AFD - ok
18:28:35.0295 0x07d0  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
18:28:35.0295 0x07d0  agp440 - ok
18:28:35.0342 0x07d0  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
18:28:35.0342 0x07d0  aic78xx - ok
18:28:35.0388 0x07d0  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
18:28:35.0388 0x07d0  ALG - ok
18:28:35.0420 0x07d0  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:28:35.0420 0x07d0  aliide - ok
18:28:35.0451 0x07d0  [ 7888E9D8E56FC469BA5570CA6056BF0D, BBEB61710D3BD40161A28EB4F57024BB930E85C6E3FDC32BABB3EC80AA3C111F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:28:35.0466 0x07d0  AMD External Events Utility - ok
18:28:35.0482 0x07d0  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
18:28:35.0482 0x07d0  amdagp - ok
18:28:35.0529 0x07d0  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:28:35.0529 0x07d0  amdide - ok
18:28:35.0560 0x07d0  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:28:35.0560 0x07d0  AmdK8 - ok
18:28:35.0872 0x07d0  [ 31811468AA6BDF84865289A7D5092455, 480FBFD931F5CACFD523A3A15535407D70688E070EEFE7A50BCB93F094004088 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:28:36.0122 0x07d0  amdkmdag - ok
18:28:36.0168 0x07d0  [ 15EBF313A3E46FB88D7C071A31BE988C, 7F3E0302A565C03F8F81787A973A6169937516B9CA559D8D5A8CA2F944D9CCA3 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:28:36.0168 0x07d0  amdkmdap - ok
18:28:36.0200 0x07d0  [ 07BDEFDB8A9ECA0E5A157579035AE815, 468A89B5D65AF9CBBC7CC73350FCD2216484E3398F4D87EE3A6378F0C8C96D26 ] amdkmpfd        C:\Windows\system32\DRIVERS\amdkmpfd.sys
18:28:36.0200 0x07d0  amdkmpfd - ok
18:28:36.0231 0x07d0  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:28:36.0231 0x07d0  AmdPPM - ok
18:28:36.0262 0x07d0  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:28:36.0278 0x07d0  amdsata - ok
18:28:36.0293 0x07d0  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:28:36.0309 0x07d0  amdsbs - ok
18:28:36.0324 0x07d0  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:28:36.0324 0x07d0  amdxata - ok
18:28:36.0387 0x07d0  [ D6CE94DFAC294BCA84463922FB4D73D0, AF2DE8FE0E0FAAF477A00F2B228B1817ACE2976E2048448AE8794D87B673AE7C ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
18:28:36.0402 0x07d0  ApfiltrService - ok
18:28:36.0434 0x07d0  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
18:28:36.0434 0x07d0  AppID - ok
18:28:36.0449 0x07d0  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:28:36.0449 0x07d0  AppIDSvc - ok
18:28:36.0480 0x07d0  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
18:28:36.0480 0x07d0  Appinfo - ok
18:28:36.0496 0x07d0  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:28:36.0496 0x07d0  AppMgmt - ok
18:28:36.0527 0x07d0  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:28:36.0527 0x07d0  arc - ok
18:28:36.0543 0x07d0  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:28:36.0543 0x07d0  arcsas - ok
18:28:36.0574 0x07d0  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:28:36.0574 0x07d0  AsyncMac - ok
18:28:36.0605 0x07d0  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:28:36.0605 0x07d0  atapi - ok
18:28:36.0761 0x07d0  [ CC407D8606B95F5386D0CDB5B63B3A84, B448F5608410D007EC50E2E286BE30AF10078CC9DF6C1D008E5FE12ABC442D8B ] athr            C:\Windows\system32\DRIVERS\athr.sys
18:28:36.0855 0x07d0  athr - ok
18:28:36.0886 0x07d0  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:28:36.0902 0x07d0  AudioEndpointBuilder - ok
18:28:36.0902 0x07d0  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:28:36.0917 0x07d0  Audiosrv - ok
18:28:36.0933 0x07d0  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:28:36.0948 0x07d0  AxInstSV - ok
18:28:36.0980 0x07d0  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
18:28:36.0980 0x07d0  b06bdrv - ok
18:28:36.0995 0x07d0  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
18:28:37.0011 0x07d0  b57nd60x - ok
18:28:37.0058 0x07d0  [ E465525E1CBB92780AAC5AD7D3F1CBBF, 503840AA0A15E607C95D15457F99047264B1CE7B5CCEE95E37DDF311A3D7660C ] BackupStack     C:\Program Files\MyPC Backup\BackupStack.exe
18:28:37.0058 0x07d0  BackupStack - ok
18:28:37.0089 0x07d0  [ 938A47FD018BF236DB37876408D431F0, 89414A3EBFA3EDE1E1D30941AD8B6B8B5AE055D1FF11C8981679DC6AC03931EB ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
18:28:37.0089 0x07d0  BCM42RLY - ok
18:28:37.0276 0x07d0  [ F44E26FB791012A4354FA9FE701B93B6, D721D408AB649A23A6AE84D4EC8A1DE616D9EBB33A024EA05090167451606036 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
18:28:37.0401 0x07d0  BCM43XX - ok
18:28:37.0448 0x07d0  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
18:28:37.0448 0x07d0  BDESVC - ok
18:28:37.0463 0x07d0  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:28:37.0463 0x07d0  Beep - ok
18:28:37.0494 0x07d0  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
18:28:37.0510 0x07d0  BFE - ok
18:28:37.0526 0x07d0  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
18:28:37.0557 0x07d0  BITS - ok
18:28:37.0572 0x07d0  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:28:37.0588 0x07d0  blbdrive - ok
18:28:37.0604 0x07d0  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:28:37.0604 0x07d0  bowser - ok
18:28:37.0619 0x07d0  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:28:37.0619 0x07d0  BrFiltLo - ok
18:28:37.0635 0x07d0  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:28:37.0635 0x07d0  BrFiltUp - ok
18:28:37.0666 0x07d0  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
18:28:37.0666 0x07d0  Browser - ok
18:28:37.0744 0x07d0  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:28:37.0822 0x07d0  Brserid - ok
18:28:37.0884 0x07d0  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:28:37.0947 0x07d0  BrSerWdm - ok
18:28:38.0009 0x07d0  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:28:38.0009 0x07d0  BrUsbMdm - ok
18:28:38.0009 0x07d0  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:28:38.0009 0x07d0  BrUsbSer - ok
18:28:38.0025 0x07d0  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:28:38.0040 0x07d0  BTHMODEM - ok
18:28:38.0072 0x07d0  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
18:28:38.0087 0x07d0  bthserv - ok
18:28:38.0103 0x07d0  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:28:38.0103 0x07d0  cdfs - ok
18:28:38.0150 0x07d0  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:28:38.0150 0x07d0  cdrom - ok
18:28:38.0196 0x07d0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:28:38.0196 0x07d0  CertPropSvc - ok
18:28:38.0228 0x07d0  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:28:38.0228 0x07d0  circlass - ok
18:28:38.0259 0x07d0  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
18:28:38.0274 0x07d0  CLFS - ok
18:28:38.0306 0x07d0  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:28:38.0306 0x07d0  clr_optimization_v2.0.50727_32 - ok
18:28:38.0368 0x07d0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:28:38.0368 0x07d0  clr_optimization_v4.0.30319_32 - ok
18:28:38.0493 0x07d0  [ BA4527370F13008A5AC4B7C826088125, 6C12C65D578E1554748BE70D4514B8ACF575C94511031F2DC7456E71422FAE77 ] CltMngSvc       C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
18:28:38.0633 0x07d0  CltMngSvc - ok
18:28:38.0664 0x07d0  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:28:38.0664 0x07d0  CmBatt - ok
18:28:38.0680 0x07d0  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:28:38.0680 0x07d0  cmdide - ok
18:28:38.0727 0x07d0  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
18:28:38.0758 0x07d0  CNG - ok
18:28:38.0774 0x07d0  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:28:38.0774 0x07d0  Compbatt - ok
18:28:38.0820 0x07d0  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:28:38.0820 0x07d0  CompositeBus - ok
18:28:38.0836 0x07d0  COMSysApp - ok
18:28:38.0883 0x07d0  [ 769EF9A9262D60EF793D979F8F803AF1, 1EE6BCBE11727C1D79CD2CEC7F58F4A931794B3E01769FC900EDCF92DB3DACEA ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe
18:28:38.0883 0x07d0  cphs - ok
18:28:38.0914 0x07d0  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:28:38.0914 0x07d0  crcdisk - ok
18:28:38.0945 0x07d0  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:28:38.0961 0x07d0  CryptSvc - ok
18:28:39.0008 0x07d0  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
18:28:39.0023 0x07d0  CSC - ok
18:28:39.0070 0x07d0  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
18:28:39.0101 0x07d0  CscService - ok
18:28:39.0132 0x07d0  [ D1697063E2CDB6575AA46D668FFEE825, EE5492AD955B6F637DB8516D7EB6D89E239259AE4CE0A4A25DB320548BF267B5 ] cvusbdrv        C:\Windows\system32\Drivers\cvusbdrv.sys
18:28:39.0132 0x07d0  cvusbdrv - ok
18:28:39.0210 0x07d0  [ 4DDC8ACC8207D02A93CCFB9D95B256D3, 8AC5A1ABB0916E445B756C9B6FFA17FA11D1CD9B5E1212F24C3776004EC27EB0 ] DCDhcpService   C:\Program Files\Dell\Dell Unified Wireless Suite\DirectConnect\DCDhcpService.exe
18:28:39.0226 0x07d0  DCDhcpService - ok
18:28:39.0288 0x07d0  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:28:39.0304 0x07d0  DcomLaunch - ok
18:28:39.0335 0x07d0  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
18:28:39.0335 0x07d0  defragsvc - ok
18:28:39.0366 0x07d0  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:28:39.0366 0x07d0  DfsC - ok
18:28:39.0413 0x07d0  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:28:39.0429 0x07d0  Dhcp - ok
18:28:39.0444 0x07d0  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
18:28:39.0444 0x07d0  discache - ok
18:28:39.0476 0x07d0  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:28:39.0476 0x07d0  Disk - ok
18:28:39.0522 0x07d0  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:28:39.0522 0x07d0  Dnscache - ok
18:28:39.0554 0x07d0  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:28:39.0569 0x07d0  dot3svc - ok
18:28:39.0616 0x07d0  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
18:28:39.0616 0x07d0  DPS - ok
18:28:39.0663 0x07d0  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:28:39.0663 0x07d0  drmkaud - ok
18:28:39.0710 0x07d0  [ 383182215A2C238E76B86E3B5EDE40EB, 432898D8F122C269723D1612202C6B639F03FAACD65B41A6873A6477B6F4F3D2 ] DwMirror        C:\Windows\system32\DRIVERS\DamewareMini.sys
18:28:39.0710 0x07d0  DwMirror - ok
18:28:39.0741 0x07d0  dwmrcs - ok
18:28:39.0756 0x07d0  [ 5A402C57F621114C99F813C6AE7BC37A, F4F8FD392EFCD544DA9D2945AF780986CD231E27CAFDB9BC0E5ADA2EBA21E628 ] dwvkbd          C:\Windows\system32\DRIVERS\dwvkbd.sys
18:28:39.0756 0x07d0  dwvkbd - ok
18:28:39.0819 0x07d0  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:28:39.0866 0x07d0  DXGKrnl - ok
18:28:39.0912 0x07d0  [ 884870CD3BF7BA07E57605685AAC3785, 407419F6EC3EDBAEC853E9745EACFE0606377022F15DC1BE778BDD7B02A0CA1C ] e1cexpress      C:\Windows\system32\DRIVERS\e1c6232.sys
18:28:39.0944 0x07d0  e1cexpress - ok
18:28:39.0990 0x07d0  [ 8B0E76F8F247C4EF3463B2BBC16BDBAF, 2EDADF4A6D5D8E882C82A970E0BCD3614077ECED4E173C3CBE26BFB0902755AC ] e1dexpress      C:\Windows\system32\DRIVERS\e1d6232.sys
18:28:39.0990 0x07d0  e1dexpress - ok
18:28:46.0246 0x07d0  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
18:28:46.0262 0x07d0  pci - ok
18:28:46.0277 0x07d0  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:28:46.0277 0x07d0  pciide - ok
18:28:46.0293 0x07d0  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:28:46.0293 0x07d0  pcmcia - ok
18:28:46.0308 0x07d0  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:28:46.0308 0x07d0  pcw - ok
18:28:46.0340 0x07d0  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:28:46.0340 0x07d0  PEAUTH - ok
18:28:46.0371 0x07d0  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:28:46.0402 0x07d0  PeerDistSvc - ok
18:28:46.0496 0x07d0  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
18:28:46.0527 0x07d0  pla - ok
18:28:46.0558 0x07d0  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:28:46.0574 0x07d0  PlugPlay - ok
18:28:46.0574 0x07d0  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:28:46.0574 0x07d0  PNRPAutoReg - ok
18:28:46.0589 0x07d0  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:28:46.0605 0x07d0  PNRPsvc - ok
18:28:46.0620 0x07d0  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:28:46.0620 0x07d0  PolicyAgent - ok
18:28:46.0636 0x07d0  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
18:28:46.0652 0x07d0  Power - ok
18:28:46.0667 0x07d0  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:28:46.0667 0x07d0  PptpMiniport - ok
18:28:46.0683 0x07d0  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:28:46.0683 0x07d0  Processor - ok
18:28:46.0698 0x07d0  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:28:46.0698 0x07d0  ProfSvc - ok
18:28:46.0714 0x07d0  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:28:46.0714 0x07d0  ProtectedStorage - ok
18:28:46.0730 0x07d0  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:28:46.0730 0x07d0  Psched - ok
18:28:46.0792 0x07d0  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:28:46.0823 0x07d0  ql2300 - ok
18:28:46.0839 0x07d0  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:28:46.0839 0x07d0  ql40xx - ok
18:28:46.0870 0x07d0  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
18:28:46.0886 0x07d0  QWAVE - ok
18:28:46.0886 0x07d0  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:28:46.0886 0x07d0  QWAVEdrv - ok
18:28:46.0901 0x07d0  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:28:46.0901 0x07d0  RasAcd - ok
18:28:46.0932 0x07d0  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:28:46.0932 0x07d0  RasAgileVpn - ok
18:28:46.0932 0x07d0  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
18:28:46.0948 0x07d0  RasAuto - ok
18:28:46.0948 0x07d0  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:28:46.0948 0x07d0  Rasl2tp - ok
18:28:46.0964 0x07d0  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
18:28:46.0979 0x07d0  RasMan - ok
18:28:46.0979 0x07d0  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:28:46.0979 0x07d0  RasPppoe - ok
18:28:46.0979 0x07d0  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:28:46.0979 0x07d0  RasSstp - ok
18:28:47.0010 0x07d0  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:28:47.0026 0x07d0  rdbss - ok
18:28:47.0026 0x07d0  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:28:47.0026 0x07d0  rdpbus - ok
18:28:47.0042 0x07d0  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:28:47.0042 0x07d0  RDPCDD - ok
18:28:47.0057 0x07d0  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:28:47.0057 0x07d0  RDPDR - ok
18:28:47.0073 0x07d0  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:28:47.0073 0x07d0  RDPENCDD - ok
18:28:47.0073 0x07d0  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:28:47.0073 0x07d0  RDPREFMP - ok
18:28:47.0120 0x07d0  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:28:47.0120 0x07d0  RdpVideoMiniport - ok
18:28:47.0151 0x07d0  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:28:47.0151 0x07d0  RDPWD - ok
18:28:47.0198 0x07d0  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:28:47.0198 0x07d0  rdyboost - ok
18:28:47.0213 0x07d0  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:28:47.0229 0x07d0  RemoteAccess - ok
18:28:47.0244 0x07d0  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:28:47.0244 0x07d0  RemoteRegistry - ok
18:28:47.0260 0x07d0  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:28:47.0260 0x07d0  RpcEptMapper - ok
18:28:47.0276 0x07d0  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
18:28:47.0276 0x07d0  RpcLocator - ok
18:28:47.0291 0x07d0  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
18:28:47.0291 0x07d0  RpcSs - ok
18:28:47.0307 0x07d0  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:28:47.0307 0x07d0  rspndr - ok
18:28:47.0354 0x07d0  [ 4813ABBDF20D5C43B8A054FAF2F4FB05, 51D5996B0B69D226EF77B897228BCC12A7928AB0927DA01F67D4DEBB567579B2 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
18:28:47.0354 0x07d0  RtkAudioService - ok
18:28:47.0369 0x07d0  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:28:47.0369 0x07d0  s3cap - ok
18:28:47.0385 0x07d0  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs           C:\Windows\system32\lsass.exe
18:28:47.0385 0x07d0  SamSs - ok
18:28:47.0416 0x07d0  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:28:47.0416 0x07d0  sbp2port - ok
18:28:47.0447 0x07d0  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:28:47.0447 0x07d0  SCardSvr - ok
18:28:47.0478 0x07d0  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:28:47.0478 0x07d0  scfilter - ok
18:28:47.0510 0x07d0  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
18:28:47.0541 0x07d0  Schedule - ok
18:28:47.0572 0x07d0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:28:47.0572 0x07d0  SCPolicySvc - ok
18:28:47.0603 0x07d0  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
18:28:47.0603 0x07d0  sdbus - ok
18:28:47.0634 0x07d0  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:28:47.0634 0x07d0  SDRSVC - ok
18:28:47.0650 0x07d0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:28:47.0666 0x07d0  secdrv - ok
18:28:47.0681 0x07d0  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
18:28:47.0681 0x07d0  seclogon - ok
18:28:47.0697 0x07d0  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
18:28:47.0697 0x07d0  SENS - ok
18:28:47.0712 0x07d0  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:28:47.0712 0x07d0  SensrSvc - ok
18:28:47.0728 0x07d0  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:28:47.0728 0x07d0  Serenum - ok
18:28:47.0744 0x07d0  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:28:47.0744 0x07d0  Serial - ok
18:28:47.0775 0x07d0  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:28:47.0775 0x07d0  sermouse - ok
18:28:47.0790 0x07d0  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:28:47.0790 0x07d0  SessionEnv - ok
18:28:47.0822 0x07d0  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:28:47.0822 0x07d0  sffdisk - ok
18:28:47.0822 0x07d0  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:28:47.0822 0x07d0  sffp_mmc - ok
18:28:47.0822 0x07d0  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:28:47.0822 0x07d0  sffp_sd - ok
18:28:47.0822 0x07d0  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:28:47.0822 0x07d0  sfloppy - ok
18:28:47.0884 0x07d0  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:28:47.0884 0x07d0  SharedAccess - ok
18:28:47.0931 0x07d0  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:28:47.0931 0x07d0  ShellHWDetection - ok
18:28:47.0962 0x07d0  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
18:28:47.0962 0x07d0  sisagp - ok
18:28:47.0978 0x07d0  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:28:47.0978 0x07d0  SiSRaid2 - ok
18:28:47.0993 0x07d0  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:28:47.0993 0x07d0  SiSRaid4 - ok
18:28:48.0009 0x07d0  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:28:48.0009 0x07d0  Smb - ok
18:28:48.0040 0x07d0  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:28:48.0040 0x07d0  SNMPTRAP - ok
18:28:48.0056 0x07d0  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:28:48.0056 0x07d0  spldr - ok
18:28:48.0071 0x07d0  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
18:28:48.0087 0x07d0  Spooler - ok
18:28:48.0165 0x07d0  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
18:28:48.0243 0x07d0  sppsvc - ok
18:28:48.0258 0x07d0  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:28:48.0258 0x07d0  sppuinotify - ok
18:28:48.0274 0x07d0  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:28:48.0290 0x07d0  srv - ok
18:28:48.0305 0x07d0  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:28:48.0305 0x07d0  srv2 - ok
18:28:48.0336 0x07d0  [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:28:48.0336 0x07d0  SrvHsfHDA - ok
18:28:48.0368 0x07d0  [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:28:48.0383 0x07d0  SrvHsfV92 - ok
18:28:48.0414 0x07d0  [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
18:28:48.0430 0x07d0  SrvHsfWinac - ok
18:28:48.0446 0x07d0  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:28:48.0461 0x07d0  srvnet - ok
18:28:48.0477 0x07d0  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:28:48.0492 0x07d0  SSDPSRV - ok
18:28:48.0524 0x07d0  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:28:48.0524 0x07d0  SstpSvc - ok
18:28:48.0539 0x07d0  [ D8FC8D47FBFCB3852E40F5D5058ABC6A, C460EAC21443F73E5102E3891A06715E3E7DF82268E03786D53580F2C12CFF8E ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
18:28:48.0539 0x07d0  stdcfltn - ok
18:28:48.0570 0x07d0  [ 17FC2EAD763F0237457817A753A5A676, CDA2EFE4AC5A7BE034FF1A5A6469CF7C4B295BF5E1D995C9A289AD9E8FBD3740 ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:28:48.0570 0x07d0  Stereo Service - ok
18:28:48.0617 0x07d0  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:28:48.0617 0x07d0  stexstor - ok
18:28:48.0633 0x07d0  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
18:28:48.0648 0x07d0  StiSvc - ok
18:28:48.0664 0x07d0  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:28:48.0664 0x07d0  storflt - ok
18:28:48.0664 0x07d0  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
18:28:48.0664 0x07d0  StorSvc - ok
18:28:48.0711 0x07d0  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:28:48.0711 0x07d0  storvsc - ok
18:28:48.0758 0x07d0  [ D64D025FAB91BE8C0E34C23AEFCB3857, 2DC55A19924555CE4BA575FFAF8085172E8A17ED21C6697CB160E6CEC0D0F1DF ] ST_ACCEL        C:\Windows\system32\DRIVERS\ST_ACCEL.sys
18:28:48.0758 0x07d0  ST_ACCEL - ok
18:28:48.0758 0x07d0  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:28:48.0758 0x07d0  swenum - ok
18:28:48.0773 0x07d0  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
18:28:48.0773 0x07d0  swprv - ok
18:28:48.0820 0x07d0  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
18:28:48.0851 0x07d0  SysMain - ok
18:28:48.0867 0x07d0  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
18:28:48.0882 0x07d0  TabletInputService - ok
18:28:48.0898 0x07d0  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:28:48.0898 0x07d0  TapiSrv - ok
18:28:48.0914 0x07d0  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
18:28:48.0914 0x07d0  TBS - ok
18:28:48.0960 0x07d0  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:28:48.0992 0x07d0  Tcpip - ok
18:28:49.0023 0x07d0  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:28:49.0038 0x07d0  TCPIP6 - ok
18:28:49.0054 0x07d0  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:28:49.0054 0x07d0  tcpipreg - ok
18:28:49.0085 0x07d0  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:28:49.0085 0x07d0  TDPIPE - ok
18:28:49.0101 0x07d0  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:28:49.0101 0x07d0  TDTCP - ok
18:28:49.0132 0x07d0  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:28:49.0132 0x07d0  tdx - ok
18:28:49.0148 0x07d0  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:28:49.0148 0x07d0  TermDD - ok
18:28:49.0179 0x07d0  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
18:28:49.0194 0x07d0  TermService - ok
18:28:49.0210 0x07d0  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
18:28:49.0210 0x07d0  Themes - ok
18:28:49.0226 0x07d0  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
18:28:49.0226 0x07d0  THREADORDER - ok
18:28:49.0241 0x07d0  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
18:28:49.0241 0x07d0  TrkWks - ok
18:28:49.0288 0x07d0  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:28:49.0288 0x07d0  TrustedInstaller - ok
18:28:49.0304 0x07d0  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:28:49.0304 0x07d0  tssecsrv - ok
18:28:49.0319 0x07d0  [ 9CE253214ACAA5A7D323327D2055EFAA, 15E7DB578EDF36DD2FD5BA960C3941B2353037323B6B96702CDCDC07588EA724 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:28:49.0335 0x07d0  TsUsbFlt - ok
18:28:49.0350 0x07d0  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:28:49.0366 0x07d0  tunnel - ok
18:28:49.0382 0x07d0  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:28:49.0382 0x07d0  uagp35 - ok
18:28:49.0397 0x07d0  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:28:49.0397 0x07d0  udfs - ok
18:28:49.0428 0x07d0  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:28:49.0428 0x07d0  UI0Detect - ok
18:28:49.0444 0x07d0  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:28:49.0444 0x07d0  uliagpkx - ok
18:28:49.0475 0x07d0  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
18:28:49.0475 0x07d0  umbus - ok
18:28:49.0491 0x07d0  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:28:49.0491 0x07d0  UmPass - ok
18:28:49.0506 0x07d0  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:28:49.0522 0x07d0  UmRdpService - ok
18:28:49.0538 0x07d0  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
18:28:49.0538 0x07d0  upnphost - ok
18:28:49.0569 0x07d0  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:28:49.0569 0x07d0  usbccgp - ok
18:28:49.0600 0x07d0  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:28:49.0600 0x07d0  usbcir - ok
18:28:49.0616 0x07d0  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:28:49.0616 0x07d0  usbehci - ok
18:28:49.0631 0x07d0  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:28:49.0631 0x07d0  usbhub - ok
18:28:49.0647 0x07d0  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:28:49.0647 0x07d0  usbohci - ok
18:28:49.0678 0x07d0  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:28:49.0694 0x07d0  usbprint - ok
18:28:49.0709 0x07d0  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:28:49.0709 0x07d0  usbscan - ok
18:28:49.0725 0x07d0  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:28:49.0725 0x07d0  USBSTOR - ok
18:28:49.0725 0x07d0  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:28:49.0725 0x07d0  usbuhci - ok
18:28:49.0740 0x07d0  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
18:28:49.0756 0x07d0  usbvideo - ok
18:28:51.0550 0x07d0  ================ Scan global ===============================
18:28:51.0581 0x07d0  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
18:28:51.0597 0x07d0  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
18:28:51.0612 0x07d0  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
18:28:51.0628 0x07d0  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
18:28:51.0659 0x07d0  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
18:28:51.0659 0x07d0  [ Global ] - ok
18:28:51.0659 0x07d0  ================ Scan MBR ==================================
18:28:51.0675 0x07d0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:28:51.0846 0x07d0  \Device\Harddisk0\DR0 - ok
18:28:51.0846 0x07d0  ================ Scan VBR ==================================
18:28:51.0846 0x07d0  [ 888D1A8BC9505306AC028E43A591E70A ] \Device\Harddisk0\DR0\Partition1
18:28:51.0846 0x07d0  \Device\Harddisk0\DR0\Partition1 - ok
18:28:51.0846 0x07d0  [ D117CA7FE70C7A174A17E00021C8E1E4 ] \Device\Harddisk0\DR0\Partition2
18:28:51.0846 0x07d0  \Device\Harddisk0\DR0\Partition2 - ok
18:28:51.0846 0x07d0  Waiting for KSN requests completion. In queue: 395
18:28:52.0860 0x07d0  Waiting for KSN requests completion. In queue: 395
18:28:53.0874 0x07d0  Waiting for KSN requests completion. In queue: 395
18:28:54.0888 0x07d0  Waiting for KSN requests completion. In queue: 308
18:28:55.0934 0x07d0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61010 ( enabled : outofdate )
18:28:55.0934 0x07d0  Win FW state via NFP2: disabled
18:28:58.0726 0x07d0  ============================================================
18:28:58.0726 0x07d0  Scan finished
18:28:58.0726 0x07d0  ============================================================
18:28:58.0742 0x2078  Detected object count: 0
18:28:58.0742 0x2078  Actual detected object count: 0
 

****End*****

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by BM9984 on Wed 05/28/2014 at 18:33:59.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

Successfully stopped: [Service] backupstack
Successfully deleted: [Service] backupstack
Successfully stopped: [Service] cltmngsvc
Successfully deleted: [Service] cltmngsvc

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

 

~~~ Files

Successfully deleted: [File] "C:\end"

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\bm9984\Local Settings\Application Data\searchprotect"
Successfully deleted: [Folder] "C:\Users\bm9984\Local Settings\Application Data\visi_coupon"
Successfully deleted: [Folder] "C:\Program Files\file type helper"
Successfully deleted: [Folder] "C:\Program Files\mypc backup"
Successfully deleted: [Folder] "C:\Program Files\searchprotect"
Successfully deleted: [Folder] "C:\Users\bm9984\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/28/2014 at 18:35:19.52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Edited by EGuidoSoda, 28 May 2014 - 07:32 PM.



#2 noknojon


Posted 28 May 2014 - 08:03 PM

Hello EGuidoSoda -

 

All logs were posted except Malwarebytes Anti-Malware. The ones you posted all now look clean -

 

If you have Malwarebytes Anti-Malware installed, just Update and Scan with it, if not, follow these directions .....

 

Malwarebytes Anti-Malware Free version 1.75.0.1300 has now been upgraded to Version 2.0.

Please follow Free version removal methods. (link is to Malwarebytes site) if required -

 

 

* Download Malwarebytes Anti-Malware Free and save it to your desktop
* Double click the desktop icon, click Run, then OK
* Click Next
* Select I accept the agreement then continue to click Next then finally click Install
** Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
* If you are notified the Database is out of date click Update Now
* Click Scan Now >>
----------
** Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
* Click Start (Start, Search, All files and folders for Windows XP) then type mbam
* Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com
----------
** When completed click the down arrow on Export Log and select Text file (*.txt)
* Save the file to your desktop as MBAM
* Click Apply Actions then restart your computer if requested
* Copy and paste the contents of MBAM.txt in your reply



#3 EGuidoSoda


Posted 28 May 2014 - 08:31 PM

 

 

Thanks Aussie Addict.  On inspection of the log and after reboot, it seems to have worked, though here is the requested log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/28/2014
Scan Time: 8:14:49 PM
Logfile: Malware Bytes Log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.28.09
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: BM9984

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 360306
Time Elapsed: 8 min, 3 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free\ConvertFilesforFreeUpdt.exe, 11548, , [eadf8accbac1a195d9bb04e6748f5aa6]
PUP.Optional.Highlightly, C:\Program Files\Highlightly\Service\hlsvc.exe, 5828, , [07c292c4265594a289a6bf1628dbb947]
PUP.Optional.InstallX, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\searchprotector.exe, 2500, , [e8e1acaac0bb2c0a184c712737cb7c84]

Modules: 3
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free\ConvertFilesforFree.dll, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free\ConvertFilesforFree.dll, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free\ConvertFilesforFree.dll, , [a128df7790ebc274ff543f2d08f9b54b],

Registry Keys: 25
PUP.Optional.FreeFileConverter.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ConvertFilesforFreeUpdt, , [eadf8accbac1a195d9bb04e6748f5aa6],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\CLASSES\CLSID\{59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB}, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{22B58425-A384-436c-A334-BB9255664D10}, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{951F4658-6461-46AD-AB13-F73E7FCBE6DB}, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\CLASSES\ConvertFilesforFree.1, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\CLASSES\ConvertFilesforFree, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{59A062A1-5ECA-4A1A-BC44-B2A9283A8ACB}, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, HKU\S-1-5-21-1995453514-828196172-2145397984-29155-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{59A062A1-5ECA-4A1A-BC44-B2A9283A8ACB}, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, HKU\S-1-5-21-1995453514-828196172-2145397984-29155-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{59A062A1-5ECA-4A1A-BC44-B2A9283A8ACB}, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\CLASSES\CLSID\{59A062A1-5ECA-4A1A-BC44-B2A9283A8ACB}\INPROCSERVER32, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\TYPELIB\{EA3802D2-C00A-4478-9319-34075A31C28F}, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\INTERFACE\{483F56D2-1D67-44A5-A4C5-67DBB724F7A0}, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}\INPROCSERVER32, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.Highlightly, HKU\S-1-5-21-1995453514-828196172-2145397984-29155-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.Highlightly, HKU\S-1-5-21-1995453514-828196172-2145397984-29155-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Convert Files for Free, , [a920173f304bba7cebef98033dc5be42],
PUP.Optional.Highlightly, HKLM\SOFTWARE\Highlightly, , [3198d87ee3986cca31fba035db28d22e],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HIGHLIGHTLY, , [0dbc451136450f27f9348154ed16aa56],
PUP.Optional.FreeFileConverter.A, HKLM\SOFTWARE\ZUPDATER\ConvertFilesforFreeUpdt.exe, , [6e5b0a4c611a35019646d3c8d42ed729],
PUP.Optional.Highlightly, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD, , [e4e57bdb7b00a294c16db3227c8727d9],
PUP.Optional.Highlightly, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLSVC, , [07c292c4265594a289a6bf1628dbb947],
PUP.Optional.InstallX, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Yahoo! Companion, , [e8e1acaac0bb2c0a184c712737cb7c84],

Registry Values: 8
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HIGHLIGHTLY|UninstallString, C:\Program Files\Highlightly\Uninstall.exe, , [0dbc451136450f27f9348154ed16aa56]
PUP.Optional.Highlightly, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD|DisplayName, hlnfd, , [e4e57bdb7b00a294c16db3227c8727d9]
PUP.Optional.Highlightly, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLSVC|DisplayName, Highlightly Client Service, , [07c292c4265594a289a6bf1628dbb947]
Hijack.ControlPanelStyle, HKU\S-1-5-21-1788412029-1560579069-2301796709-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, , [f2d72c2a3447b086609458c142c11ee2]
Hijack.ControlPanelStyle, HKU\S-1-5-21-1788412029-1560579069-2301796709-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, , [5c6d104687f493a3589c54c5d231e61a]
Hijack.ControlPanelStyle, HKU\S-1-5-21-1788412029-1560579069-2301796709-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, , [616875e1631859ddba3a2cedeb18ba46]
Hijack.ControlPanelStyle, HKU\S-1-5-21-1995453514-828196172-2145397984-29155-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, , [2b9e4412cab15dd98a6a2feab94adc24]
PUP.Optional.InstallX, HKU\S-1-5-21-1995453514-828196172-2145397984-29155-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|InstallX Search Protect for Yahoo, "C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\searchprotector.exe", , [e8e1acaac0bb2c0a184c712737cb7c84]

Registry Data: 4
Hijack.Homepage, HKU\S-1-5-21-1788412029-1560579069-2301796709-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, file:///C:/HomePage/intranetHomePage.html, Good: (http://www.Google.com/), Bad: (file:///C:/HomePage/intranetHomePage.html),,[5574d581bdbe89ada5f35501857fa45c]
Hijack.Homepage, HKU\S-1-5-21-1788412029-1560579069-2301796709-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, file:///C:/HomePage/intranetHomePage.html, Good: (http://www.Google.com/), Bad: (file:///C:/HomePage/intranetHomePage.html),,[00c9173f67145bdb22765204b3516b95]
Hijack.Homepage, HKU\S-1-5-21-1788412029-1560579069-2301796709-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, file:///C:/HomePage/intranetHomePage.html, Good: (http://www.Google.com/), Bad: (file:///C:/HomePage/intranetHomePage.html),,[ac1d81d52f4c3006deba4016d430bb45]
PUM.Hijack.HomePageControl, HKU\S-1-5-21-1995453514-828196172-2145397984-29155-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL|HomePage, 1, Good: (0), Bad: (1),,[b811ff57483379bd2d79ce87758f6799]

Folders: 6
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free, , [a920173f304bba7cebef98033dc5be42],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\3rd Party Licenses, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\IE, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\Service, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.InstallX.A, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo, , [9435c6904f2c33034248df9faf537888],

Files: 22
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free\ConvertFilesforFreeUpdt.exe, , [eadf8accbac1a195d9bb04e6748f5aa6],
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free\ConvertFilesforFree.dll, , [a128df7790ebc274ff543f2d08f9b54b],
PUP.Optional.Highlightly, C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll, , [5079b0a63e3d3bfbac362e02b64c6898],
PUP.Optional.HighLightly.A, C:\Users\bm9984\AppData\Local\Temp\1398321858_highlightly_setup_1.9.0.3.exe, , [98311640f388142208d881ed5da412ee],
PUP.Optional.Conduit.A, C:\Users\bm9984\AppData\Local\Temp\1399625705_sp_downloader.exe, , [9e2bdd79fc7f6ccaec8457c6669bd62a],
PUP.Optional.AirAdInstaller, C:\Users\bm9984\AppData\Local\Temp\setup.exe, , [6762a2b4fb8066d010facc6e30d0cb35],
PUP.Optional.FastFreeConverter.A, C:\Users\bm9984\AppData\Local\Temp\airEB1D.exe, , [29a093c399e26cca5e787e92ea179967],
PUP.Optional.InstallIQ, C:\Users\bm9984\AppData\Local\Temp\airEC81.exe, , [23a6c98d017a9d9945f875b7a759df21],
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free\install.ico, , [a920173f304bba7cebef98033dc5be42],
PUP.Optional.FreeFileConverter.A, C:\Program Files\Convert Files for Free\uninstall.exe, , [a920173f304bba7cebef98033dc5be42],
PUP.Optional.Highlightly, C:\Windows\System32\drivers\hlnfd.sys, , [e4e57bdb7b00a294c16db3227c8727d9],
PUP.Optional.Highlightly, C:\Program Files\Highlightly\Service\hlsvc.exe, , [07c292c4265594a289a6bf1628dbb947],
PUP.Optional.InstallX, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\searchprotector.exe, , [e8e1acaac0bb2c0a184c712737cb7c84],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\terms-of-service.rtf, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\Uninstall.exe, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\3rd Party Licenses\buildcrx-license.txt, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\3rd Party Licenses\Info-ZIP-license.txt, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\3rd Party Licenses\nsJSON-license.txt, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\3rd Party Licenses\UAC-license.txt, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.InstallX.A, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\config.xml, , [9435c6904f2c33034248df9faf537888],
PUP.Optional.InstallX.A, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\searchprotector.zip, , [9435c6904f2c33034248df9faf537888],
PUP.Optional.InstallX.A, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\SearchProtectorMonitor.log, , [9435c6904f2c33034248df9faf537888],

Physical Sectors: 0
(No malicious items detected)

(end)

 


Edited by EGuidoSoda, 28 May 2014 - 08:41 PM.


#4 EGuidoSoda


Posted 28 May 2014 - 08:38 PM

Now, the ultimate question is this - how did I pick this up?  I can hear it now: porn, buddy.  Nope, this is my work computer...not that I'm above all that, but not on this rig!  ;) 

 

I was looking at ticket pricing and seating on Stubhub and all the sudden the pop-ups and redirects kicked in.  I might have accidentally clicked on a sponsored link, I don't recall, but that's definitely where it started...

 

At any rate, thanks for the help.

 

-B



#5 noknojon


Posted 29 May 2014 - 04:57 AM

Registry Keys: 25
This shows that there was not just 1 problem, but a series of problems had built up.

 

What are ads / problems / redirects caused by Interyield.jmp9.com??
Interyield.jmp9.com does not take responsibility for the privacy policy of those websites that Interyield.jmp9.com may bring tracing cookies for tracing your personal information including important financial information.

 

A tracker placed in a site like StubHub is the easiest way to "infect" you.

 

This is not a Virus as such, but more of a tracking Malware or Adware program, and as such it needs a mix of malware removers and adware cleaners.

 

A bit of detail on StubHub is also included, as this is Not a safe site.

 

 

Since StubHub is a 3rd party site that only "on sells tickets", it is like any P2P / Torrent site, and as such any small infection can be planted on this site.

 

Where do these tickets come from ??

StubHub is a marketplace, which means we give people a safe, convenient place to buy and sell tickets. We don't buy or sell the tickets you purchase on our site.

 

Who are the sellers ??
Sellers may be individuals, businesses, ticket brokers, corporate sponsors, promoters, fan club members, contest winners, or just about anyone who wishes to see their tickets end up in the hands of another fan, including:
• Fans with season tickets who cannot attend every game
• Licensed ticket brokers
• Ticket holders who have changed their plans
• Ticket holders who are unable to attend an event
• Ticket holders with extra tickets to sell

 

Why isn't my name printed on these tickets?
Keep in mind, since you're buying these tickets from someone else, his or her name may appear on the tickets.

 

 

Not always from the places that you would suspect as the obvious sites, but many uncontrolled sites have these "infections".

 

There may also be a dozen other places that you could pick this up from.

But you mentioned this one, so I followed it - - -
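The "series of problems" point above can be checked against the scan log itself. The sketch below is an added example, not part of the original posts or of any tool named in the thread: it groups the file-detection lines posted earlier in this thread by detection family and reports the folder each family's hits share. The `summarize` function, the regular expressions and the treatment of the bracketed value as an opaque reference are assumptions based on the line shape shown in the log.

```python
import ntpath  # Windows path rules, usable on any OS
import re
from collections import defaultdict

# Detection lines and trailer copied from the Malwarebytes log in this thread.
SAMPLE_LOG = r"""
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\3rd Party Licenses\nsJSON-license.txt, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.Highlightly.A, C:\Program Files\Highlightly\3rd Party Licenses\UAC-license.txt, , [c60363f3710aa69041411a64778bd729],
PUP.Optional.InstallX.A, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\config.xml, , [9435c6904f2c33034248df9faf537888],
PUP.Optional.InstallX.A, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\searchprotector.zip, , [9435c6904f2c33034248df9faf537888],
PUP.Optional.InstallX.A, C:\Users\bm9984\AppData\Roaming\InstallX Search Protect for Yahoo\SearchProtectorMonitor.log, , [9435c6904f2c33034248df9faf537888],

Physical Sectors: 0
(No malicious items detected)
"""

# Assumed line shape: family, target, action, [32-hex reference],
LINE = re.compile(
    r"^(?P<family>[\w.]+), (?P<target>.+?), (?P<action>[^,\[]*), "
    r"\[(?P<ref>[0-9a-f]{32})\],\s*$"
)
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")  # file hits only, not registry keys


def summarize(log_text):
    """Group detection lines by family; return {family: summary dict}."""
    hits = defaultdict(lambda: {"count": 0, "refs": set(), "dirs": set()})
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # section headers, counters, blank lines
        entry = hits[m["family"]]
        entry["count"] += 1
        entry["refs"].add(m["ref"])
        if DRIVE_PATH.match(m["target"]):
            entry["dirs"].add(ntpath.dirname(m["target"]))
    return {
        fam: {
            "count": e["count"],
            "refs": sorted(e["refs"]),
            # Deepest folder shared by all of this family's file hits.
            "folder": ntpath.commonpath(sorted(e["dirs"])) if e["dirs"] else None,
        }
        for fam, e in hits.items()
    }


if __name__ == "__main__":
    for family, info in summarize(SAMPLE_LOG).items():
        print(f"{family}: {info['count']} hit(s) under {info['folder']}")
```

The folders it reports are the ones to re-check after the removal tools have run.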



#6 noknojon


Posted 29 May 2014 - 05:41 AM

As a finisher -

Once you reset your home page, please run this temp file cleaner -

 

Please download Temp File Cleaner by Old Timer
* Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
* Double-click on the TFC icon.
* Vista / Windows 7 & 8 users: right-click on the icon and select Run as Administrator.
* When the program opens, click on the Start button. 
* TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
* When done, press Exit and reboot your computer to finish the cleanup.

Do not include any logfile -

 

 

 

This final step will remove all cleaning tools used, it will reset restore points (so you won't get reinfected by accidentally using some older restore point) and will make some other minor adjustments...

 

This is also a very crucial clean-up step, so make sure you don't skip it.

 

Download DelFix by Xplode to your desktop. DelFix will delete all the used tools and old logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently.
Once finished, a logfile will be created. You don't have to attach it to your next reply.

 

 

Keep Malwarebytes Anti-Malware, update it at least once every week, and run a scan with it.

This will not replace your antivirus, but it should be used alongside it, as an antimalware tool.





