Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Rovnix, iexplorer running without IE browser open


  • This topic is locked This topic is locked
9 replies to this topic

#1 moron mike

moron mike

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 05 June 2014 - 01:48 PM

If any network adapters are connected to the internet, "rogue" iexplore.exe files will start hogging resources. I can "end task", and they just come right back.

 

I ran MSE, and it detected rovnix, Zbot.AJB, Zemot, Kuluoz, Sirefef. It isn't able to remove rovnix.

 

Ran DDS, but only the attach.txt file was created. I can't get it to create a dds.txt file.



BC AdBot (Login to Remove)

 


m

#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 AM

Posted 05 June 2014 - 02:38 PM

Hi there,

can you please post up the log of MSE that shows what exactly was found.
And also run these scans:


Step 1

Please download TDSSKiller and save it to your Desktop.
  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters.
  • Make sure that all available options (except "Loaded modules") are checked and click OK.
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.


Step 2

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 moron mike

moron mike
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 05 June 2014 - 03:43 PM

Not sure how to get a .txt log from MSE, so I just took a couple screen shots.

mse3.jpg

 

mse2.jpg

 

 



#4 moron mike

moron mike
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 05 June 2014 - 03:46 PM

15:49:49.0909 0x0e5c  TDSS rootkit removing tool 3.0.0.38 Jun  3 2014 17:04:25
15:49:58.0583 0x0e5c  ============================================================
15:49:58.0583 0x0e5c  Current date / time: 2014/06/05 15:49:58.0583
15:49:58.0583 0x0e5c  SystemInfo:
15:49:58.0583 0x0e5c 
15:49:58.0583 0x0e5c  OS Version: 6.1.7601 ServicePack: 1.0
15:49:58.0583 0x0e5c  Product type: Workstation
15:49:58.0583 0x0e5c  ComputerName: DELEON-PC
15:49:58.0583 0x0e5c  UserName: Michael DeLeon
15:49:58.0583 0x0e5c  Windows directory: C:\Windows
15:49:58.0583 0x0e5c  System windows directory: C:\Windows
15:49:58.0583 0x0e5c  Processor architecture: Intel x86
15:49:58.0583 0x0e5c  Number of processors: 2
15:49:58.0583 0x0e5c  Page size: 0x1000
15:49:58.0583 0x0e5c  Boot type: Normal boot
15:49:58.0583 0x0e5c  ============================================================
15:50:04.0823 0x0e5c  KLMD registered as C:\Windows\system32\drivers\87836518.sys
15:50:05.0150 0x0e5c  System UUID: {2A2C9F8C-C196-8387-E118-C01A062FEC2C}
15:50:06.0164 0x0e5c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:50:06.0242 0x0e5c  Drive \Device\Harddisk1\DR1 - Size: 0x1D7000000 ( 7.36 Gb ), SectorSize: 0x200, Cylinders: 0x3C0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:50:06.0242 0x0e5c  ============================================================
15:50:06.0242 0x0e5c  \Device\Harddisk0\DR0:
15:50:06.0242 0x0e5c  MBR partitions:
15:50:06.0242 0x0e5c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
15:50:06.0242 0x0e5c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x1B792800
15:50:06.0242 0x0e5c  \Device\Harddisk1\DR1:
15:50:06.0258 0x0e5c  MBR partitions:
15:50:06.0258 0x0e5c  ============================================================
15:50:06.0289 0x0e5c  C: <-> \Device\Harddisk0\DR0\Partition2
15:50:06.0289 0x0e5c  ============================================================
15:50:06.0289 0x0e5c  Initialize success
15:50:06.0289 0x0e5c  ============================================================
15:50:31.0670 0x0814  ============================================================
15:50:31.0670 0x0814  Scan started
15:50:31.0670 0x0814  Mode: Manual; SigCheck; TDLFS;
15:50:31.0670 0x0814  ============================================================
15:50:31.0670 0x0814  KSN ping started
15:50:31.0701 0x0814  KSN ping finished: false
15:50:32.0076 0x0814  ================ Scan system memory ========================
15:50:32.0076 0x0814  System memory - ok
15:50:32.0076 0x0814  ================ Scan services =============================
15:50:32.0809 0x0814  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:50:32.0934 0x0814  1394ohci - ok
15:50:33.0012 0x0814  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:50:33.0043 0x0814  ACPI - ok
15:50:33.0105 0x0814  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:50:33.0183 0x0814  AcpiPmi - ok
15:50:33.0339 0x0814  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:50:33.0386 0x0814  AdobeARMservice - ok
15:50:33.0511 0x0814  [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:50:33.0558 0x0814  AdobeFlashPlayerUpdateSvc - ok
15:50:33.0651 0x0814  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:50:33.0698 0x0814  adp94xx - ok
15:50:33.0729 0x0814  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:50:33.0761 0x0814  adpahci - ok
15:50:33.0792 0x0814  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:50:33.0823 0x0814  adpu320 - ok
15:50:33.0870 0x0814  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:50:33.0932 0x0814  AeLookupSvc - ok
15:50:34.0026 0x0814  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
15:50:34.0104 0x0814  AFD - ok
15:50:34.0135 0x0814  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
15:50:34.0166 0x0814  agp440 - ok
15:50:34.0197 0x0814  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
15:50:34.0213 0x0814  aic78xx - ok
15:50:34.0260 0x0814  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
15:50:34.0322 0x0814  ALG - ok
15:50:34.0400 0x0814  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:50:34.0431 0x0814  aliide - ok
15:50:34.0494 0x0814  [ B8015284389D81F09B7719223C23AFFF, BC0E0B97892302306960E7ECBBCCDC4755670D44C56A5B270A73D806B312CD2A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:50:34.0556 0x0814  AMD External Events Utility - ok
15:50:34.0619 0x0814  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:50:34.0650 0x0814  amdagp - ok
15:50:34.0697 0x0814  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:50:34.0728 0x0814  amdide - ok
15:50:34.0759 0x0814  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:50:34.0821 0x0814  AmdK8 - ok
15:50:35.0149 0x0814  [ BA9436ED787DA38B2262A8A05AC085B6, 8C87EFF59E9825F6EEBEFDEEAFA38ED4E350BD9074F63672106A7112B8188373 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:50:35.0523 0x0814  amdkmdag - ok
15:50:35.0586 0x0814  [ 61B3986E8DB00087094D3FEE6C0DA298, EF4E51EE06776D788A89B6F76DCE62D2F69D71D60FBC0CCC5F0952E9F09EC9EC ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:50:35.0633 0x0814  amdkmdap - ok
15:50:35.0695 0x0814  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:50:35.0726 0x0814  AmdPPM - ok
15:50:35.0773 0x0814  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:50:35.0804 0x0814  amdsata - ok
15:50:35.0851 0x0814  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:50:35.0867 0x0814  amdsbs - ok
15:50:35.0882 0x0814  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:50:35.0898 0x0814  amdxata - ok
15:50:35.0945 0x0814  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
15:50:36.0038 0x0814  AppID - ok
15:50:36.0085 0x0814  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:50:36.0132 0x0814  AppIDSvc - ok
15:50:36.0210 0x0814  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
15:50:36.0257 0x0814  Appinfo - ok
15:50:36.0444 0x0814  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:50:36.0475 0x0814  Apple Mobile Device - ok
15:50:36.0522 0x0814  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:50:36.0569 0x0814  AppMgmt - ok
15:50:36.0615 0x0814  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:50:36.0631 0x0814  arc - ok
15:50:36.0647 0x0814  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:50:36.0662 0x0814  arcsas - ok
15:50:36.0787 0x0814  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:50:36.0818 0x0814  aspnet_state - ok
15:50:36.0849 0x0814  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:50:36.0881 0x0814  AsyncMac - ok
15:50:36.0943 0x0814  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:50:36.0974 0x0814  atapi - ok
15:50:37.0083 0x0814  [ A0E63FD329ECB4B59908FB229E8A2C0D, 00772664667741ABF43CF46A61B354EC3BC1F1DD9DE3508D4F20E22515C986C4 ] athr            C:\Windows\system32\DRIVERS\athr.sys
15:50:37.0161 0x0814  athr - ok
15:50:37.0224 0x0814  [ C8B17AC82AD2EE9E0E58E3461008C5F7, A5870143F19317B50EF634DB05218E09B8B8087E14F2FC74F1E247E3ED827AA6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
15:50:37.0302 0x0814  AtiHDAudioService - ok
15:50:37.0333 0x0814  [ 4FFE74E33BD9170950116F0CA46EAC89, B69F2DDC63E608E4D53FDB37B720E8C1B4837DDCBA7552B938819B2DA3F701E5 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
15:50:37.0349 0x0814  AtiPcie - ok
15:50:37.0395 0x0814  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:50:37.0505 0x0814  AudioEndpointBuilder - ok
15:50:37.0551 0x0814  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:50:37.0598 0x0814  Audiosrv - ok
15:50:37.0629 0x0814  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:50:37.0692 0x0814  AxInstSV - ok
15:50:37.0770 0x0814  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
15:50:37.0848 0x0814  b06bdrv - ok
15:50:37.0910 0x0814  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
15:50:37.0957 0x0814  b57nd60x - ok
15:50:38.0004 0x0814  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
15:50:38.0051 0x0814  BDESVC - ok
15:50:38.0082 0x0814  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:50:38.0175 0x0814  Beep - ok
15:50:38.0253 0x0814  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
15:50:38.0378 0x0814  BFE - ok
15:50:38.0456 0x0814  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
15:50:38.0519 0x0814  BITS - ok
15:50:38.0565 0x0814  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:50:38.0628 0x0814  blbdrive - ok
15:50:38.0721 0x0814  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:50:38.0768 0x0814  Bonjour Service - ok
15:50:38.0815 0x0814  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:50:38.0862 0x0814  bowser - ok
15:50:38.0893 0x0814  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:50:38.0924 0x0814  BrFiltLo - ok
15:50:38.0971 0x0814  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:50:39.0033 0x0814  BrFiltUp - ok
15:50:39.0096 0x0814  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
15:50:39.0158 0x0814  Browser - ok
15:50:39.0205 0x0814  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:50:39.0299 0x0814  Brserid - ok
15:50:39.0330 0x0814  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:50:39.0392 0x0814  BrSerWdm - ok
15:50:39.0408 0x0814  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:50:39.0439 0x0814  BrUsbMdm - ok
15:50:39.0455 0x0814  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:50:39.0517 0x0814  BrUsbSer - ok
15:50:39.0548 0x0814  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:50:39.0611 0x0814  BTHMODEM - ok
15:50:39.0673 0x0814  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
15:50:39.0751 0x0814  bthserv - ok
15:50:39.0798 0x0814  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:50:39.0907 0x0814  cdfs - ok
15:50:39.0969 0x0814  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
15:50:40.0032 0x0814  cdrom - ok
15:50:40.0079 0x0814  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:50:40.0141 0x0814  CertPropSvc - ok
15:50:40.0172 0x0814  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:50:40.0219 0x0814  circlass - ok
15:50:40.0266 0x0814  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
15:50:40.0297 0x0814  CLFS - ok
15:50:40.0375 0x0814  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:50:40.0406 0x0814  clr_optimization_v2.0.50727_32 - ok
15:50:40.0469 0x0814  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:50:40.0515 0x0814  clr_optimization_v4.0.30319_32 - ok
15:50:40.0547 0x0814  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:50:40.0578 0x0814  CmBatt - ok
15:50:40.0625 0x0814  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:50:40.0656 0x0814  cmdide - ok
15:50:40.0703 0x0814  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
15:50:40.0749 0x0814  CNG - ok
15:50:40.0796 0x0814  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:50:40.0859 0x0814  Compbatt - ok
15:50:40.0905 0x0814  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:50:40.0968 0x0814  CompositeBus - ok
15:50:40.0983 0x0814  COMSysApp - ok
15:50:40.0999 0x0814  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:50:41.0030 0x0814  crcdisk - ok
15:50:41.0093 0x0814  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:50:41.0155 0x0814  CryptSvc - ok
15:50:41.0217 0x0814  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
15:50:41.0327 0x0814  CSC - ok
15:50:41.0405 0x0814  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
15:50:41.0467 0x0814  CscService - ok
15:50:41.0514 0x0814  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:50:41.0592 0x0814  DcomLaunch - ok
15:50:41.0654 0x0814  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
15:50:41.0763 0x0814  defragsvc - ok
15:50:41.0810 0x0814  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:50:41.0841 0x0814  DfsC - ok
15:50:41.0904 0x0814  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:50:41.0982 0x0814  Dhcp - ok
15:50:42.0013 0x0814  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
15:50:42.0075 0x0814  discache - ok
15:50:42.0107 0x0814  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:50:42.0138 0x0814  Disk - ok
15:50:42.0169 0x0814  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:50:42.0216 0x0814  Dnscache - ok
15:50:42.0294 0x0814  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:50:42.0372 0x0814  dot3svc - ok
15:50:42.0434 0x0814  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
15:50:42.0543 0x0814  DPS - ok
15:50:42.0606 0x0814  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:50:42.0653 0x0814  drmkaud - ok
15:50:42.0746 0x0814  [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService   C:\Program Files\Launch Manager\dsiwmis.exe
15:50:42.0793 0x0814  DsiWMIService - ok
15:50:42.0887 0x0814  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:50:42.0980 0x0814  DXGKrnl - ok
15:50:43.0011 0x0814  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
15:50:43.0105 0x0814  EapHost - ok
15:50:43.0308 0x0814  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
15:50:43.0511 0x0814  ebdrv - ok
15:50:43.0589 0x0814  edqqovsz - ok
15:50:43.0635 0x0814  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS             C:\Windows\System32\lsass.exe
15:50:43.0682 0x0814  EFS - ok
15:50:43.0807 0x0814  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:50:43.0947 0x0814  ehRecvr - ok
15:50:43.0979 0x0814  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
15:50:44.0041 0x0814  ehSched - ok
15:50:44.0135 0x0814  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:50:44.0197 0x0814  elxstor - ok
15:50:44.0337 0x0814  [ 2609A5B13DE9B2EEB38F3A83A406D079, 013C5E179EEB62364A80D1C1EBDA791EE3C59B4C8E78CD6EC9C174512001A48F ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
15:50:44.0400 0x0814  ePowerSvc - ok
15:50:44.0431 0x0814  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:50:44.0462 0x0814  ErrDev - ok
15:50:44.0540 0x0814  [ 7C87DF14552A5E0270DBD906BAFF85FB, C347234DD892E1A769DDB427BEE1A8C47A770BEF70BF7703F20C66F64627890B ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:50:44.0649 0x0814  ETD - ok
15:50:44.0696 0x0814  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
15:50:44.0805 0x0814  EventSystem - ok
15:50:44.0852 0x0814  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:50:44.0946 0x0814  exfat - ok
15:50:44.0993 0x0814  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:50:45.0102 0x0814  fastfat - ok
15:50:45.0180 0x0814  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
15:50:45.0258 0x0814  Fax - ok
15:50:45.0320 0x0814  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:50:45.0351 0x0814  fdc - ok
15:50:45.0383 0x0814  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
15:50:45.0461 0x0814  fdPHost - ok
15:50:45.0492 0x0814  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:50:45.0539 0x0814  FDResPub - ok
15:50:45.0570 0x0814  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:50:45.0601 0x0814  FileInfo - ok
15:50:45.0648 0x0814  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:50:45.0695 0x0814  Filetrace - ok
15:50:45.0710 0x0814  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:50:45.0773 0x0814  flpydisk - ok
15:50:45.0804 0x0814  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:50:45.0851 0x0814  FltMgr - ok
15:50:46.0007 0x0814  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
15:50:46.0131 0x0814  FontCache - ok
15:50:46.0225 0x0814  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:50:46.0256 0x0814  FontCache3.0.0.0 - ok
15:50:46.0272 0x0814  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:50:46.0287 0x0814  FsDepends - ok
15:50:46.0319 0x0814  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:50:46.0350 0x0814  Fs_Rec - ok
15:50:46.0412 0x0814  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:50:46.0459 0x0814  fvevol - ok
15:50:46.0506 0x0814  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:50:46.0537 0x0814  gagp30kx - ok
15:50:46.0615 0x0814  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:50:46.0646 0x0814  GEARAspiWDM - ok
15:50:46.0693 0x0814  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:50:46.0802 0x0814  gpsvc - ok
15:50:46.0880 0x0814  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files\Acer\Registration\GREGsvc.exe
15:50:46.0911 0x0814  GREGService - ok
15:50:46.0989 0x0814  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
15:50:47.0036 0x0814  gupdate - ok
15:50:47.0067 0x0814  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
15:50:47.0099 0x0814  gupdatem - ok
15:50:47.0177 0x0814  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:50:47.0223 0x0814  gusvc - ok
15:50:47.0270 0x0814  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:50:47.0317 0x0814  hcw85cir - ok
15:50:47.0395 0x0814  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:50:47.0489 0x0814  HdAudAddService - ok
15:50:47.0520 0x0814  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:50:47.0582 0x0814  HDAudBus - ok
15:50:47.0629 0x0814  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:50:47.0660 0x0814  HidBatt - ok
15:50:47.0676 0x0814  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:50:47.0707 0x0814  HidBth - ok
15:50:47.0738 0x0814  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:50:47.0769 0x0814  HidIr - ok
15:50:47.0816 0x0814  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
15:50:47.0863 0x0814  hidserv - ok
15:50:47.0910 0x0814  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:50:47.0957 0x0814  HidUsb - ok
15:50:47.0988 0x0814  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:50:48.0035 0x0814  hkmsvc - ok
15:50:48.0066 0x0814  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:50:48.0097 0x0814  HomeGroupListener - ok
15:50:48.0128 0x0814  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:50:48.0175 0x0814  HomeGroupProvider - ok
15:50:48.0237 0x0814  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:50:48.0284 0x0814  HpSAMD - ok
15:50:48.0362 0x0814  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:50:48.0409 0x0814  HTTP - ok
15:50:48.0456 0x0814  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:50:48.0471 0x0814  hwpolicy - ok
15:50:48.0534 0x0814  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:50:48.0581 0x0814  i8042prt - ok
15:50:48.0612 0x0814  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:50:48.0659 0x0814  iaStorV - ok
15:50:48.0783 0x0814  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:50:48.0861 0x0814  idsvc - ok
15:50:48.0877 0x0814  IEEtwCollectorService - ok
15:50:48.0924 0x0814  iihaspgb - ok
15:50:48.0971 0x0814  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:50:49.0002 0x0814  iirsp - ok
15:50:49.0111 0x0814  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:50:49.0220 0x0814  IKEEXT - ok
15:50:49.0485 0x0814  [ D887BB07C8DEE2F1CEB50F12FA96EC17, 4B4642CC474A00B018A91B89CEC6327A37188792477DE5DB718C63EC44ABB4DB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:50:49.0704 0x0814  IntcAzAudAddService - ok
15:50:49.0751 0x0814  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:50:49.0782 0x0814  intelide - ok
15:50:49.0813 0x0814  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:50:49.0875 0x0814  intelppm - ok
15:50:49.0938 0x0814  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:50:50.0016 0x0814  IPBusEnum - ok
15:50:50.0047 0x0814  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:50:50.0141 0x0814  IpFilterDriver - ok
15:50:50.0203 0x0814  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:50:50.0281 0x0814  iphlpsvc - ok
15:50:50.0312 0x0814  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:50:50.0375 0x0814  IPMIDRV - ok
15:50:50.0421 0x0814  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:50:50.0515 0x0814  IPNAT - ok
15:50:50.0624 0x0814  [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:50:50.0655 0x0814  iPod Service - ok
15:50:50.0687 0x0814  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:50:50.0718 0x0814  IRENUM - ok
15:50:50.0749 0x0814  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:50:50.0765 0x0814  isapnp - ok
15:50:50.0843 0x0814  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:50:50.0874 0x0814  iScsiPrt - ok
15:50:50.0905 0x0814  [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:50:50.0921 0x0814  IviRegMgr - ok
15:50:50.0967 0x0814  iwkjfoqy - ok
15:50:51.0030 0x0814  [ 1F55A632DE2EBBD675529B57D5D3714B, 3D9F0428231FE0CCFB2429100D2C7CFBB8E9C7FAC3435BA0FD53228D5AD8A97F ] k57nd60x        C:\Windows\system32\DRIVERS\k57nd60x.sys
15:50:51.0092 0x0814  k57nd60x - ok
15:50:51.0123 0x0814  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
15:50:51.0139 0x0814  kbdclass - ok
15:50:51.0170 0x0814  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:50:51.0217 0x0814  kbdhid - ok
15:50:51.0248 0x0814  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
15:50:51.0279 0x0814  KeyIso - ok
15:50:51.0311 0x0814  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:50:51.0342 0x0814  KSecDD - ok
15:50:51.0357 0x0814  [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:50:51.0373 0x0814  KSecPkg - ok
15:50:51.0420 0x0814  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:50:51.0482 0x0814  KtmRm - ok
15:50:51.0529 0x0814  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:50:51.0638 0x0814  LanmanServer - ok
15:50:51.0685 0x0814  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:50:51.0716 0x0814  LanmanWorkstation - ok
15:50:51.0779 0x0814  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:50:51.0810 0x0814  lltdio - ok
15:50:51.0841 0x0814  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:50:51.0935 0x0814  lltdsvc - ok
15:50:51.0966 0x0814  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:50:52.0013 0x0814  lmhosts - ok
15:50:52.0059 0x0814  LMIInfo - ok
15:50:52.0091 0x0814  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
15:50:52.0122 0x0814  lmimirr - ok
15:50:52.0153 0x0814  LMIRfsClientNP - ok
15:50:52.0200 0x0814  [ 3FAA563DDF853320F90259D455A01D79, D81B5FCC0CBCF9CE18E44A31071D357B12F5016159E24954E50E68D80C9F61B8 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
15:50:52.0231 0x0814  LMIRfsDriver - ok
15:50:52.0262 0x0814  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:50:52.0309 0x0814  LSI_FC - ok
15:50:52.0340 0x0814  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:50:52.0371 0x0814  LSI_SAS - ok
15:50:52.0387 0x0814  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:50:52.0418 0x0814  LSI_SAS2 - ok
15:50:52.0449 0x0814  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:50:52.0465 0x0814  LSI_SCSI - ok
15:50:52.0496 0x0814  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:50:52.0590 0x0814  luafv - ok
15:50:52.0621 0x0814  MBAMSwissArmy - ok
15:50:52.0652 0x0814  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:50:52.0683 0x0814  Mcx2Svc - ok
15:50:52.0699 0x0814  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:50:52.0730 0x0814  megasas - ok
15:50:52.0777 0x0814  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:50:52.0839 0x0814  MegaSR - ok
15:50:52.0871 0x0814  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
15:50:52.0949 0x0814  MMCSS - ok
15:50:52.0980 0x0814  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
15:50:53.0042 0x0814  Modem - ok
15:50:53.0089 0x0814  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:50:53.0120 0x0814  monitor - ok
15:50:53.0183 0x0814  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:50:53.0214 0x0814  mouclass - ok
15:50:53.0245 0x0814  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:50:53.0307 0x0814  mouhid - ok
15:50:53.0339 0x0814  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:50:53.0354 0x0814  mountmgr - ok
15:50:53.0432 0x0814  [ 8072A7BB35D92CC621AC2605EEF79BC4, 68F61BE84A5032CEC24F04C90DACA1AE78F3744016389BE2345256B26E44E09A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:50:53.0463 0x0814  MpFilter - ok
15:50:53.0495 0x0814  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:50:53.0510 0x0814  mpio - ok
15:50:53.0541 0x0814  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:50:53.0619 0x0814  mpsdrv - ok
15:50:53.0697 0x0814  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:50:53.0822 0x0814  MpsSvc - ok
15:50:53.0853 0x0814  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:50:53.0900 0x0814  MRxDAV - ok
15:50:53.0947 0x0814  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:50:53.0978 0x0814  mrxsmb - ok
15:50:53.0994 0x0814  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:50:54.0025 0x0814  mrxsmb10 - ok
15:50:54.0041 0x0814  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:50:54.0072 0x0814  mrxsmb20 - ok
15:50:54.0103 0x0814  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:50:54.0119 0x0814  msahci - ok
15:50:54.0150 0x0814  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:50:54.0165 0x0814  msdsm - ok
15:50:54.0197 0x0814  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
15:50:54.0259 0x0814  MSDTC - ok
15:50:54.0321 0x0814  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:50:54.0368 0x0814  Msfs - ok
15:50:54.0384 0x0814  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:50:54.0431 0x0814  mshidkmdf - ok
15:50:54.0462 0x0814  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:50:54.0477 0x0814  msisadrv - ok
15:50:54.0524 0x0814  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:50:54.0602 0x0814  MSiSCSI - ok
15:50:54.0618 0x0814  msiserver - ok
15:50:54.0665 0x0814  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:50:54.0727 0x0814  MSKSSRV - ok
15:50:54.0821 0x0814  [ 1EE3643D1AA747222427F63353611AD7, 18465E375485DF4E980121449077D5BA87C25C5FA8D86F40DA3B7BE153306766 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:50:54.0852 0x0814  MsMpSvc - ok
15:50:54.0867 0x0814  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:50:54.0930 0x0814  MSPCLOCK - ok
15:50:54.0961 0x0814  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:50:55.0055 0x0814  MSPQM - ok
15:50:55.0101 0x0814  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:50:55.0148 0x0814  MsRPC - ok
15:50:55.0195 0x0814  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:50:55.0226 0x0814  mssmbios - ok
15:50:55.0257 0x0814  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:50:55.0304 0x0814  MSTEE - ok
15:50:55.0320 0x0814  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:50:55.0367 0x0814  MTConfig - ok
15:50:55.0413 0x0814  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:50:55.0445 0x0814  Mup - ok
15:50:55.0491 0x0814  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
15:50:55.0601 0x0814  napagent - ok
15:50:55.0663 0x0814  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:50:55.0772 0x0814  NativeWifiP - ok
15:50:55.0835 0x0814  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:50:55.0928 0x0814  NDIS - ok
15:50:56.0037 0x0814  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:50:56.0147 0x0814  NdisCap - ok
15:50:56.0193 0x0814  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:50:56.0256 0x0814  NdisTapi - ok
15:50:56.0287 0x0814  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:50:56.0334 0x0814  Ndisuio - ok
15:50:56.0365 0x0814  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:50:56.0443 0x0814  NdisWan - ok
15:50:56.0490 0x0814  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:50:56.0537 0x0814  NDProxy - ok
15:50:56.0630 0x0814  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:50:56.0661 0x0814  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:50:56.0755 0x0814  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:50:56.0802 0x0814  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:50:56.0895 0x0814  NetBIOS - ok
15:50:56.0958 0x0814  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:50:57.0036 0x0814  NetBT - ok
15:50:57.0067 0x0814  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon        C:\Windows\system32\lsass.exe
15:50:57.0083 0x0814  Netlogon - ok
15:50:57.0129 0x0814  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
15:50:57.0254 0x0814  Netman - ok
15:50:57.0317 0x0814  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:50:57.0363 0x0814  NetMsmqActivator - ok
15:50:57.0379 0x0814  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:50:57.0410 0x0814  NetPipeActivator - ok
15:50:57.0441 0x0814  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
15:50:57.0519 0x0814  netprofm - ok
15:50:57.0582 0x0814  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:50:57.0613 0x0814  NetTcpActivator - ok
15:50:57.0629 0x0814  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:50:57.0660 0x0814  NetTcpPortSharing - ok
15:50:57.0707 0x0814  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:50:57.0753 0x0814  nfrd960 - ok
15:50:57.0800 0x0814  [ FCBC2F48430EB0D7150A6521C0B84ACA, EEFB975E2D1121EE9E93702F2CA2938C99C6B2273616C85816BA15E857E8D4FF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:50:57.0847 0x0814  NisDrv - ok
15:50:57.0878 0x0814  [ E4AA07F8BCBCB66EF115C443CD45C7A2, 3B538D9E376F12FC8589BA500BB5E859337CF1856D0E4AA66E2E3B5E301DAEC5 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:50:57.0909 0x0814  NisSrv - ok
15:50:57.0972 0x0814  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:50:58.0065 0x0814  NlaSvc - ok
15:50:58.0112 0x0814  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:50:58.0175 0x0814  Npfs - ok
15:50:58.0206 0x0814  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
15:50:58.0237 0x0814  nsi - ok
15:50:58.0268 0x0814  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:50:58.0346 0x0814  nsiproxy - ok
15:50:58.0440 0x0814  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:50:58.0518 0x0814  Ntfs - ok
15:50:58.0643 0x0814  [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
15:50:58.0705 0x0814  NTI IScheduleSvc - ok
15:50:58.0767 0x0814  [ 28C59F594044CBF8598B18C927097091, 7B7633A9BCB1E0A3F89DD697C296D77955907DCF239B4B9D155AD7B90F2A1E7A ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:50:58.0814 0x0814  NTIBackupSvc - ok
15:50:58.0830 0x0814  [ 94E08DCC43F46471D96953E712B6D82B, 3990598CE201D17C3377F1210F088E4883C001EA678F528D95E578664368782B ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
15:50:58.0861 0x0814  NTIDrvr - ok
15:50:58.0908 0x0814  [ B8D903B2894FF9AFBD99CA51C35590D7, AAC96724781EC5A715CEF85C65D4AE15283522D3F19020FC456BA0F73BAA22F9 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:50:58.0986 0x0814  NTISchedulerSvc - ok
15:50:59.0017 0x0814  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
15:50:59.0079 0x0814  Null - ok
15:50:59.0142 0x0814  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:50:59.0173 0x0814  nvraid - ok
15:50:59.0189 0x0814  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:50:59.0220 0x0814  nvstor - ok
15:50:59.0235 0x0814  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:50:59.0251 0x0814  nv_agp - ok
15:50:59.0282 0x0814  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:50:59.0345 0x0814  ohci1394 - ok
15:50:59.0469 0x0814  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:50:59.0516 0x0814  ose - ok
15:50:59.0766 0x0814  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:51:00.0062 0x0814  osppsvc - ok
15:51:00.0125 0x0814  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:51:00.0156 0x0814  p2pimsvc - ok
15:51:00.0203 0x0814  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:51:00.0234 0x0814  p2psvc - ok
15:51:00.0265 0x0814  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:51:00.0281 0x0814  Parport - ok
15:51:00.0327 0x0814  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:51:00.0343 0x0814  partmgr - ok
15:51:00.0374 0x0814  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
15:51:00.0421 0x0814  Parvdm - ok
15:51:00.0452 0x0814  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:51:00.0483 0x0814  PcaSvc - ok
15:51:00.0515 0x0814  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
15:51:00.0561 0x0814  pci - ok
15:51:00.0608 0x0814  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:51:00.0639 0x0814  pciide - ok
15:51:00.0671 0x0814  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:51:00.0702 0x0814  pcmcia - ok
15:51:00.0717 0x0814  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:51:00.0733 0x0814  pcw - ok
15:51:00.0780 0x0814  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:51:00.0905 0x0814  PEAUTH - ok
15:51:00.0998 0x0814  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:51:01.0076 0x0814  PeerDistSvc - ok
15:51:01.0217 0x0814  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
15:51:01.0435 0x0814  pla - ok
15:51:01.0513 0x0814  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:51:01.0591 0x0814  PlugPlay - ok
15:51:01.0669 0x0814  [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:51:01.0700 0x0814  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:51:01.0700 0x0814  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:51:01.0731 0x0814  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:51:01.0794 0x0814  PNRPAutoReg - ok
15:51:01.0841 0x0814  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:51:01.0887 0x0814  PNRPsvc - ok
15:51:01.0934 0x0814  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:51:02.0012 0x0814  PolicyAgent - ok
15:51:02.0075 0x0814  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
15:51:02.0153 0x0814  Power - ok
15:51:02.0199 0x0814  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:51:02.0262 0x0814  PptpMiniport - ok
15:51:02.0293 0x0814  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:51:02.0340 0x0814  Processor - ok
15:51:02.0387 0x0814  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:51:02.0449 0x0814  ProfSvc - ok
15:51:02.0480 0x0814  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:51:02.0496 0x0814  ProtectedStorage - ok
15:51:02.0527 0x0814  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:51:02.0558 0x0814  Psched - ok
15:51:02.0605 0x0814  [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
15:51:02.0714 0x0814  PSI_SVC_2 - ok
15:51:02.0823 0x0814  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:51:02.0933 0x0814  ql2300 - ok
15:51:02.0948 0x0814  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:51:02.0979 0x0814  ql40xx - ok
15:51:03.0011 0x0814  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
15:51:03.0057 0x0814  QWAVE - ok
15:51:03.0104 0x0814  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:51:03.0135 0x0814  QWAVEdrv - ok
15:51:03.0151 0x0814  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:51:03.0229 0x0814  RasAcd - ok
15:51:03.0276 0x0814  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:51:03.0354 0x0814  RasAgileVpn - ok
15:51:03.0401 0x0814  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
15:51:03.0463 0x0814  RasAuto - ok
15:51:03.0494 0x0814  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:51:03.0541 0x0814  Rasl2tp - ok
15:51:03.0603 0x0814  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
15:51:03.0697 0x0814  RasMan - ok
15:51:03.0728 0x0814  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:51:03.0775 0x0814  RasPppoe - ok
15:51:03.0806 0x0814  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:51:03.0915 0x0814  RasSstp - ok
15:51:03.0962 0x0814  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:51:04.0056 0x0814  rdbss - ok
15:51:04.0103 0x0814  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:51:04.0149 0x0814  rdpbus - ok
15:51:04.0165 0x0814  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:51:04.0243 0x0814  RDPCDD - ok
15:51:04.0290 0x0814  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:51:04.0305 0x0814  RDPDR - ok
15:51:04.0337 0x0814  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:51:04.0415 0x0814  RDPENCDD - ok
15:51:04.0446 0x0814  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:51:04.0539 0x0814  RDPREFMP - ok
15:51:04.0586 0x0814  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:51:04.0649 0x0814  RDPWD - ok
15:51:04.0711 0x0814  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:51:04.0758 0x0814  rdyboost - ok
15:51:04.0789 0x0814  [ 001B4278407F4303EFC902A2B16F2453, 92A95B0EFAAE7ADC6380D5207C86CB45BEEAE6974417A13669484A9D179E69AC ] regi            C:\Windows\system32\drivers\regi.sys
15:51:04.0805 0x0814  regi - ok
15:51:04.0851 0x0814  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:51:04.0929 0x0814  RemoteAccess - ok
15:51:04.0976 0x0814  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:51:05.0085 0x0814  RemoteRegistry - ok
15:51:05.0117 0x0814  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:51:05.0148 0x0814  RpcEptMapper - ok
15:51:05.0195 0x0814  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
15:51:05.0226 0x0814  RpcLocator - ok
15:51:05.0288 0x0814  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
15:51:05.0351 0x0814  RpcSs - ok
15:51:05.0397 0x0814  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:51:05.0444 0x0814  rspndr - ok
15:51:05.0522 0x0814  [ F1ED9FFA59C369E72BC53A7631346F61, 3404CFEC1614201FF9B5053547EFA08FF5EEBC4E67DD0FF37C35CA55292C0862 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
15:51:05.0569 0x0814  RSUSBSTOR - ok
15:51:05.0631 0x0814  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service      C:\Program Files\Acer\Acer VCM\RS_Service.exe
15:51:05.0678 0x0814  RS_Service - ok
15:51:05.0725 0x0814  [ 2FD0636A8A3E8B2D0FEF07D48CFBA7A2, 2AD402245A1394C616494F45D80E8C81DA3E6F83904E2BCD46DD1E0CA035DAC4 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
15:51:05.0834 0x0814  RTHDMIAzAudService - ok
15:51:05.0881 0x0814  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:51:05.0928 0x0814  s3cap - ok
15:51:05.0959 0x0814  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs           C:\Windows\system32\lsass.exe
15:51:05.0990 0x0814  SamSs - ok
15:51:06.0037 0x0814  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:51:06.0084 0x0814  sbp2port - ok
15:51:06.0115 0x0814  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:51:06.0209 0x0814  SCardSvr - ok
15:51:06.0240 0x0814  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:51:06.0302 0x0814  scfilter - ok
15:51:06.0396 0x0814  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
15:51:06.0521 0x0814  Schedule - ok
15:51:06.0567 0x0814  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:51:06.0583 0x0814  SCPolicySvc - ok
15:51:06.0614 0x0814  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:51:06.0661 0x0814  SDRSVC - ok
15:51:06.0723 0x0814  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:51:06.0817 0x0814  secdrv - ok
15:51:06.0848 0x0814  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
15:51:06.0942 0x0814  seclogon - ok
15:51:06.0957 0x0814  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
15:51:07.0004 0x0814  SENS - ok
15:51:07.0035 0x0814  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:51:07.0098 0x0814  SensrSvc - ok
15:51:07.0129 0x0814  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:51:07.0160 0x0814  Serenum - ok
15:51:07.0223 0x0814  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:51:07.0254 0x0814  Serial - ok
15:51:07.0301 0x0814  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:51:07.0363 0x0814  sermouse - ok
15:51:07.0425 0x0814  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:51:07.0503 0x0814  SessionEnv - ok
15:51:07.0550 0x0814  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:51:07.0613 0x0814  sffdisk - ok
15:51:07.0628 0x0814  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:51:07.0675 0x0814  sffp_mmc - ok
15:51:07.0706 0x0814  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:51:07.0722 0x0814  sffp_sd - ok
15:51:07.0847 0x0814  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:51:07.0909 0x0814  sfloppy - ok
15:51:08.0112 0x0814  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:51:08.0315 0x0814  SharedAccess - ok
15:51:08.0393 0x0814  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:51:08.0439 0x0814  ShellHWDetection - ok
15:51:08.0559 0x0814  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:51:08.0609 0x0814  sisagp - ok
15:51:08.0779 0x0814  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:51:08.0799 0x0814  SiSRaid2 - ok
15:51:08.0859 0x0814  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:51:08.0909 0x0814  SiSRaid4 - ok
15:51:09.0049 0x0814  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:51:09.0109 0x0814  Smb - ok
15:51:09.0160 0x0814  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:51:09.0191 0x0814  SNMPTRAP - ok
15:51:09.0238 0x0814  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:51:09.0269 0x0814  spldr - ok
15:51:09.0347 0x0814  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
15:51:09.0409 0x0814  Spooler - ok
15:51:09.0893 0x0814  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
15:51:10.0080 0x0814  sppsvc - ok
15:51:10.0158 0x0814  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:51:10.0236 0x0814  sppuinotify - ok
15:51:10.0314 0x0814  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:51:10.0392 0x0814  srv - ok
15:51:10.0455 0x0814  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:51:10.0517 0x0814  srv2 - ok
15:51:10.0548 0x0814  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:51:10.0579 0x0814  srvnet - ok
15:51:10.0626 0x0814  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:51:10.0689 0x0814  SSDPSRV - ok
15:51:10.0720 0x0814  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:51:10.0813 0x0814  SstpSvc - ok
15:51:10.0845 0x0814  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:51:10.0860 0x0814  stexstor - ok
15:51:10.0907 0x0814  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
15:51:11.0001 0x0814  StiSvc - ok
15:51:11.0032 0x0814  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:51:11.0079 0x0814  storflt - ok
15:51:11.0110 0x0814  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
15:51:11.0125 0x0814  StorSvc - ok
15:51:11.0157 0x0814  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:51:11.0172 0x0814  storvsc - ok
15:51:11.0203 0x0814  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:51:11.0219 0x0814  swenum - ok
15:51:11.0250 0x0814  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
15:51:11.0359 0x0814  swprv - ok
15:51:11.0531 0x0814  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
15:51:11.0625 0x0814  SysMain - ok
15:51:11.0671 0x0814  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
15:51:11.0734 0x0814  TabletInputService - ok
15:51:11.0781 0x0814  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:51:11.0874 0x0814  TapiSrv - ok
15:51:11.0905 0x0814  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
15:51:11.0968 0x0814  TBS - ok
15:51:12.0171 0x0814  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:51:12.0249 0x0814  Tcpip - ok
15:51:12.0342 0x0814  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:51:12.0405 0x0814  TCPIP6 - ok
15:51:12.0483 0x0814  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:51:12.0545 0x0814  tcpipreg - ok
15:51:12.0623 0x0814  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:51:12.0685 0x0814  TDPIPE - ok
15:51:12.0732 0x0814  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:51:12.0763 0x0814  TDTCP - ok
15:51:12.0826 0x0814  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:51:12.0966 0x0814  tdx - ok
15:51:12.0997 0x0814  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:51:13.0013 0x0814  TermDD - ok
15:51:13.0138 0x0814  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
15:51:13.0294 0x0814  TermService - ok
15:51:13.0325 0x0814  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
15:51:13.0387 0x0814  Themes - ok
15:51:13.0419 0x0814  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
15:51:13.0465 0x0814  THREADORDER - ok
15:51:13.0481 0x0814  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
15:51:13.0559 0x0814  TrkWks - ok
15:51:13.0621 0x0814  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:51:13.0684 0x0814  TrustedInstaller - ok
15:51:13.0746 0x0814  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:51:13.0793 0x0814  tssecsrv - ok
15:51:13.0855 0x0814  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:51:13.0918 0x0814  TsUsbFlt - ok
15:51:13.0980 0x0814  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:51:14.0058 0x0814  tunnel - ok
15:51:14.0105 0x0814  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:51:14.0152 0x0814  uagp35 - ok
15:51:14.0167 0x0814  [ 91096BD971BF7C1C4CA58C1CE594BB24, 9F1A007995D21CF87D0E44BA2555E7429CF3E8B6A44F11C9B619C73F13BD18F5 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
15:51:14.0199 0x0814  UBHelper - ok
15:51:14.0245 0x0814  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:51:14.0355 0x0814  udfs - ok
15:51:14.0401 0x0814  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:51:14.0448 0x0814  UI0Detect - ok
15:51:14.0495 0x0814  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:51:14.0526 0x0814  uliagpkx - ok
15:51:14.0573 0x0814  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:51:14.0620 0x0814  umbus - ok
15:51:14.0651 0x0814  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:51:14.0698 0x0814  UmPass - ok
15:51:14.0776 0x0814  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:51:14.0854 0x0814  UmRdpService - ok
15:51:14.0963 0x0814  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:51:14.0994 0x0814  Updater Service - ok
15:51:15.0041 0x0814  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
15:51:15.0119 0x0814  upnphost - ok
15:51:15.0197 0x0814  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
15:51:15.0244 0x0814  USBAAPL - ok
15:51:15.0291 0x0814  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:51:15.0337 0x0814  usbccgp - ok
15:51:15.0384 0x0814  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:51:15.0431 0x0814  usbcir - ok
15:51:15.0462 0x0814  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:51:15.0478 0x0814  usbehci - ok
15:51:15.0509 0x0814  [ FB0E8B624D1F7E214EDB3D6E56B4EC88, 1B0E1909D282A7E25CF4CA01F135E86851836FF795E92636BAFD61ED432AB2CB ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
15:51:15.0556 0x0814  usbfilter - ok
15:51:15.0603 0x0814  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:51:15.0681 0x0814  usbhub - ok
15:51:15.0727 0x0814  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:51:15.0774 0x0814  usbohci - ok
15:51:15.0821 0x0814  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:51:15.0868 0x0814  usbprint - ok
15:51:15.0930 0x0814  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:51:15.0977 0x0814  USBSTOR - ok
15:51:16.0008 0x0814  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:51:16.0039 0x0814  usbuhci - ok
15:51:16.0086 0x0814  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:51:16.0164 0x0814  usbvideo - ok
15:51:16.0211 0x0814  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
15:51:16.0273 0x0814  UxSms - ok
15:51:16.0289 0x0814  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc        C:\Windows\system32\lsass.exe
15:51:16.0320 0x0814  VaultSvc - ok
15:51:16.0336 0x0814  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:51:16.0351 0x0814  vdrvroot - ok
15:51:16.0398 0x0814  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
15:51:16.0476 0x0814  vds - ok
15:51:16.0507 0x0814  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:51:16.0570 0x0814  vga - ok
15:51:16.0601 0x0814  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:51:16.0648 0x0814  VgaSave - ok
15:51:16.0679 0x0814  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:51:16.0710 0x0814  vhdmp - ok
15:51:16.0741 0x0814  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:51:16.0773 0x0814  viaagp - ok
15:51:16.0804 0x0814  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
15:51:16.0866 0x0814  ViaC7 - ok
15:51:16.0913 0x0814  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:51:16.0944 0x0814  viaide - ok
15:51:16.0960 0x0814  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:51:16.0991 0x0814  vmbus - ok
15:51:17.0022 0x0814  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:51:17.0038 0x0814  VMBusHID - ok
15:51:17.0069 0x0814  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:51:17.0085 0x0814  volmgr - ok
15:51:17.0116 0x0814  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:51:17.0147 0x0814  volmgrx - ok
15:51:17.0178 0x0814  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:51:17.0209 0x0814  volsnap - ok
15:51:17.0256 0x0814  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:51:17.0287 0x0814  vsmraid - ok
15:51:17.0443 0x0814  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
15:51:17.0584 0x0814  VSS - ok
15:51:17.0631 0x0814  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:51:17.0662 0x0814  vwifibus - ok
15:51:17.0709 0x0814  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:51:17.0755 0x0814  vwififlt - ok
15:51:17.0802 0x0814  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:51:17.0833 0x0814  vwifimp - ok
15:51:17.0880 0x0814  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
15:51:18.0005 0x0814  W32Time - ok
15:51:18.0052 0x0814  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:51:18.0114 0x0814  WacomPen - ok
15:51:18.0208 0x0814  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:51:18.0286 0x0814  WANARP - ok
15:51:18.0301 0x0814  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:51:18.0333 0x0814  Wanarpv6 - ok
15:51:18.0457 0x0814  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:51:18.0582 0x0814  WatAdminSvc - ok
15:51:18.0738 0x0814  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
15:51:18.0847 0x0814  wbengine - ok
15:51:18.0972 0x0814  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:51:19.0035 0x0814  WbioSrvc - ok
15:51:19.0097 0x0814  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:51:19.0175 0x0814  wcncsvc - ok
15:51:19.0222 0x0814  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:51:19.0269 0x0814  WcsPlugInService - ok
15:51:19.0300 0x0814  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:51:19.0315 0x0814  Wd - ok
15:51:19.0425 0x0814  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:51:19.0503 0x0814  Wdf01000 - ok
15:51:19.0534 0x0814  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:51:19.0565 0x0814  WdiServiceHost - ok
15:51:19.0581 0x0814  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:51:19.0596 0x0814  WdiSystemHost - ok
15:51:19.0659 0x0814  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
15:51:19.0737 0x0814  WebClient - ok
15:51:19.0799 0x0814  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:51:19.0861 0x0814  Wecsvc - ok
15:51:19.0893 0x0814  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:51:19.0955 0x0814  wercplsupport - ok
15:51:19.0986 0x0814  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
15:51:20.0064 0x0814  WerSvc - ok
15:51:20.0111 0x0814  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:51:20.0173 0x0814  WfpLwf - ok
15:51:20.0205 0x0814  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:51:20.0236 0x0814  WIMMount - ok
15:51:20.0470 0x0814  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:51:20.0595 0x0814  WinDefend - ok
15:51:20.0673 0x0814  WinHttpAutoProxySvc - ok
15:51:20.0876 0x0814  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:51:20.0954 0x0814  Winmgmt - ok
15:51:21.0156 0x0814  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
15:51:21.0281 0x0814  WinRM - ok
15:51:21.0344 0x0814  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:51:21.0406 0x0814  WinUsb - ok
15:51:21.0546 0x0814  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:51:21.0624 0x0814  Wlansvc - ok
15:51:21.0656 0x0814  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:51:21.0718 0x0814  WmiAcpi - ok
15:51:21.0780 0x0814  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:51:21.0812 0x0814  wmiApSrv - ok
15:51:21.0936 0x0814  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:51:22.0014 0x0814  WMPNetworkSvc - ok
15:51:22.0046 0x0814  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:51:22.0077 0x0814  WPCSvc - ok
15:51:22.0124 0x0814  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:51:22.0202 0x0814  WPDBusEnum - ok
15:51:22.0248 0x0814  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:51:22.0311 0x0814  ws2ifsl - ok
15:51:22.0342 0x0814  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:51:22.0389 0x0814  wscsvc - ok
15:51:22.0436 0x0814  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:51:22.0451 0x0814  WSDPrintDevice - ok
15:51:22.0467 0x0814  WSearch - ok
15:51:22.0607 0x0814  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:51:22.0732 0x0814  wuauserv - ok
15:51:22.0763 0x0814  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:51:22.0810 0x0814  WudfPf - ok
15:51:22.0857 0x0814  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:51:22.0919 0x0814  WUDFRd - ok
15:51:22.0966 0x0814  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:51:23.0013 0x0814  wudfsvc - ok
15:51:23.0075 0x0814  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:51:23.0138 0x0814  WwanSvc - ok
15:51:23.0169 0x0814  ================ Scan global ===============================
15:51:23.0216 0x0814  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
15:51:23.0278 0x0814  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
15:51:23.0309 0x0814  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
15:51:23.0340 0x0814  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
15:51:23.0372 0x0814  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
15:51:23.0372 0x0814  [ Global ] - ok
15:51:23.0372 0x0814  ================ Scan MBR ==================================
15:51:23.0387 0x0814  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:51:25.0384 0x0814  \Device\Harddisk0\DR0 - ok
15:51:25.0400 0x0814  ================ Scan VBR ==================================
15:51:25.0415 0x0814  [ F86FF775E337225B2CE61C6792E75AFC ] \Device\Harddisk0\DR0\Partition1
15:51:25.0462 0x0814  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
15:51:25.0462 0x0814  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
15:51:25.0493 0x0814  [ D07B2378360CF4AA01B7B37F0ACAD3F6 ] \Device\Harddisk0\DR0\Partition2
15:51:25.0524 0x0814  \Device\Harddisk0\DR0\Partition2 - ok
15:51:25.0571 0x0814  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
15:51:25.0571 0x0814  Win FW state via NFP2: enabled
15:51:25.0571 0x0814  ============================================================
15:51:25.0571 0x0814  Scan finished
15:51:25.0571 0x0814  ============================================================
15:51:25.0587 0x09a4  Detected object count: 3
15:51:25.0587 0x09a4  Actual detected object count: 3
15:51:36.0132 0x09a4  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:51:36.0132 0x09a4  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:51:36.0148 0x09a4  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:51:36.0148 0x09a4  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:51:36.0148 0x09a4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
15:51:36.0148 0x09a4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
 


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Michael DeLeon (administrator) on DELEON-PC on 05-06-2014 16:31:21
Running from C:\Users\Michael DeLeon\Desktop
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NTI, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9718376 2010-09-21] (Realtek Semiconductor)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-10-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [548744 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2011-04-12] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [715296 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKU\S-1-5-21-2427238340-1203257242-3108606586-1000\...\Run: [Desktop Software] => "C:\Program Files\Common Files\SupportSoft\bin\bcont.exe"  /ini "C:\Program Files\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
HKU\S-1-5-21-2427238340-1203257242-3108606586-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-2427238340-1203257242-3108606586-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - {8c9ef753-beb6-4582-b653-93ac59274437} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YLxdm002YYus&ptb=16C4B079-34AD-4215-B883-B5F54269319F&psa=&ind=2011123109&ptnrS=YLxdm002YYus&si=CI3c4-LDrK0CFQ4j7AodxkGqnA&st=sb&n=77df4da5&searchfor={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {8c9ef753-beb6-4582-b653-93ac59274437} URL =
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.6.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========================== Services (Whitelisted) =================

R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [735776 2010-06-11] (Acer Incorporated)
R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [255744 2010-06-28] (NewTech Infosystems, Inc.)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-16] (NTI, Inc.)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [102416 2010-09-23] (ATI Technologies, Inc.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [109960 2010-04-13] (ELAN Microelectronic Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 NTIDrvr; C:\Windows\system32\drivers\NTIDrvr.sys [15360 2010-04-28] (NTI Corporation)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [183584 2010-01-26] (Realtek Semiconductor Corp.)
R3 UBHelper; C:\Windows\system32\drivers\UBHelper.sys [15360 2010-04-28] (NTI Corporation)
S1 edqqovsz; \??\C:\Windows\system32\drivers\edqqovsz.sys [X]
S1 iihaspgb; \??\C:\Windows\system32\drivers\iihaspgb.sys [X]
S1 iwkjfoqy; \??\C:\Windows\system32\drivers\iwkjfoqy.sys [X]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-05 16:31 - 2014-06-05 16:31 - 00011843 _____ () C:\Users\Michael DeLeon\Desktop\FRST.txt
2014-06-05 16:31 - 2014-06-05 16:31 - 00000000 ____D () C:\FRST
2014-06-05 15:40 - 2014-06-05 15:40 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Michael DeLeon\Desktop\tdsskiller.exe
2014-06-05 15:40 - 2014-06-05 15:40 - 01059840 _____ (Farbar) C:\Users\Michael DeLeon\Desktop\FRST.exe
2014-06-05 14:33 - 2014-06-05 14:33 - 00001528 _____ () C:\Users\Michael DeLeon\Desktop\attach.txt
2014-06-05 14:08 - 2014-06-05 14:08 - 00688992 ____R (Swearware) C:\Users\Michael DeLeon\Desktop\dds.com
2014-06-05 01:12 - 2014-06-05 17:31 - 00000000 ____D () C:\Windows\Microsoft Antimalware
2014-06-04 20:54 - 2014-06-04 20:54 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-04 20:53 - 2014-06-04 20:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-04 10:18 - 2014-06-04 19:49 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Inxycyl
2014-06-03 09:32 - 2014-06-04 11:53 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Boysdau
2014-06-03 09:26 - 2014-06-04 10:12 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Myyvdyaq
2014-06-02 14:29 - 2014-06-04 11:53 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Deeqoxl
2014-06-02 14:28 - 2014-06-04 11:53 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Ipacax
2014-06-02 09:55 - 2014-06-02 09:55 - 00068782 _____ () C:\Users\Michael DeLeon\AppData\Local\mbumdaos
2014-06-02 09:51 - 2014-06-02 09:51 - 00000000 _____ () C:\Users\Michael DeLeon\AppData\Roaming\SharedSettings.ccs
2014-05-23 15:12 - 2014-05-23 15:12 - 00021286 ____N () C:\Users\Michael DeLeon\Documents\PetesFinancialEstimate.xlsx
2014-05-17 16:19 - 2014-05-17 16:19 - 00003009 _____ () C:\Users\Michael DeLeon\Desktop\mami - SC 128.JPG - Shortcut.lnk
2014-05-16 10:09 - 2014-05-16 10:09 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 13:47 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 13:47 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 13:47 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 12:16 - 2014-05-09 03:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 12:16 - 2014-05-09 03:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 12:15 - 2014-04-11 22:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 12:15 - 2014-04-11 22:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 12:15 - 2014-04-11 22:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 12:15 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 12:15 - 2014-04-11 22:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 12:15 - 2014-04-11 22:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 12:15 - 2014-04-11 22:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 12:15 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-14 12:15 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 12:15 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 12:15 - 2014-03-04 05:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 12:15 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 12:13 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-08 10:39 - 2014-05-08 10:39 - 00000000 __SHD () C:\Users\Michael DeLeon\AppData\Local\EmieUserList
2014-05-08 10:39 - 2014-05-08 10:39 - 00000000 __SHD () C:\Users\Michael DeLeon\AppData\Local\EmieSiteList
2014-05-08 10:15 - 2014-05-16 10:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-08 09:58 - 2014-03-06 04:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-08 09:58 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-08 09:58 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-08 09:58 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-08 09:58 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-08 09:58 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-08 09:58 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-08 09:58 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-08 09:58 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-08 09:58 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-08 09:58 - 2014-03-06 03:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-08 09:58 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-08 09:58 - 2014-03-06 03:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-08 09:58 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-08 09:58 - 2014-03-06 03:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-08 09:58 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 09:58 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-08 09:58 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-08 09:58 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-08 09:58 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-08 09:58 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-08 09:58 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-08 09:58 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-08 09:58 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

==================== One Month Modified Files and Folders =======

2014-06-05 17:31 - 2014-06-05 01:12 - 00000000 ____D () C:\Windows\Microsoft Antimalware
2014-06-05 16:31 - 2014-06-05 16:31 - 00011843 _____ () C:\Users\Michael DeLeon\Desktop\FRST.txt
2014-06-05 16:31 - 2014-06-05 16:31 - 00000000 ____D () C:\FRST
2014-06-05 16:31 - 2011-09-20 15:19 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Local\Temp
2014-06-05 16:29 - 2011-04-12 18:11 - 01543782 _____ () C:\Windows\WindowsUpdate.log
2014-06-05 16:19 - 2012-04-11 17:53 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-05 15:54 - 2009-07-14 00:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-05 15:54 - 2009-07-14 00:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-05 15:46 - 2012-04-03 15:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-05 15:42 - 2012-04-11 17:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-05 15:41 - 2013-02-13 14:20 - 00016132 _____ () C:\Windows\setupact.log
2014-06-05 15:41 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-05 15:40 - 2014-06-05 15:40 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Michael DeLeon\Desktop\tdsskiller.exe
2014-06-05 15:40 - 2014-06-05 15:40 - 01059840 _____ (Farbar) C:\Users\Michael DeLeon\Desktop\FRST.exe
2014-06-05 15:31 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-05 15:21 - 2011-09-21 10:38 - 00000000 ____D () C:\Users\Michael DeLeon\Documents\Outlook Files
2014-06-05 15:17 - 2011-09-20 18:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-05 14:43 - 2014-04-02 15:18 - 00112224 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-06-05 14:43 - 2013-02-13 14:20 - 00110854 _____ () C:\Windows\PFRO.log
2014-06-05 14:43 - 2009-07-14 00:33 - 00424280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-05 14:42 - 2011-09-21 11:48 - 00008091 _____ () C:\ProgramData\hpzinstall.log
2014-06-05 14:39 - 2011-09-21 11:49 - 00000000 ____D () C:\Program Files\HP
2014-06-05 14:38 - 2011-09-21 11:48 - 00000000 ____D () C:\ProgramData\HP
2014-06-05 14:37 - 2009-07-14 00:52 - 00000000 ____D () C:\Windows\twain_32
2014-06-05 14:33 - 2014-06-05 14:33 - 00001528 _____ () C:\Users\Michael DeLeon\Desktop\attach.txt
2014-06-05 14:08 - 2014-06-05 14:08 - 00688992 ____R (Swearware) C:\Users\Michael DeLeon\Desktop\dds.com
2014-06-05 13:16 - 2011-09-21 12:03 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Local\Google
2014-06-05 13:16 - 2011-09-21 12:03 - 00000000 ____D () C:\Program Files\Google
2014-06-05 13:09 - 2011-09-21 12:08 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Apple Computer
2014-06-04 20:54 - 2014-06-04 20:54 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-04 20:54 - 2014-06-04 20:53 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-04 20:54 - 2011-09-21 12:08 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-04 20:15 - 2009-07-13 22:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-04 19:49 - 2014-06-04 10:18 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Inxycyl
2014-06-04 19:49 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\security
2014-06-04 19:24 - 2010-09-27 07:55 - 00786514 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 19:18 - 2011-09-21 12:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-04 11:53 - 2014-06-03 09:32 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Boysdau
2014-06-04 11:53 - 2014-06-02 14:29 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Deeqoxl
2014-06-04 11:53 - 2014-06-02 14:28 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Ipacax
2014-06-04 10:12 - 2014-06-03 09:26 - 00000000 ____D () C:\Users\Michael DeLeon\AppData\Roaming\Myyvdyaq
2014-06-03 10:05 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-02 15:02 - 2012-12-23 13:12 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-02 14:54 - 2011-09-20 15:19 - 00000000 ____D () C:\Users\Michael DeLeon
2014-06-02 14:46 - 2010-09-27 07:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-02 14:31 - 2011-09-21 12:03 - 00000000 ____D () C:\Program Files\Acro Software
2014-06-02 09:55 - 2014-06-02 09:55 - 00068782 _____ () C:\Users\Michael DeLeon\AppData\Local\mbumdaos
2014-06-02 09:51 - 2014-06-02 09:51 - 00000000 _____ () C:\Users\Michael DeLeon\AppData\Roaming\SharedSettings.ccs
2014-05-23 15:12 - 2014-05-23 15:12 - 00021286 ____N () C:\Users\Michael DeLeon\Documents\PetesFinancialEstimate.xlsx
2014-05-17 16:19 - 2014-05-17 16:19 - 00003009 _____ () C:\Users\Michael DeLeon\Desktop\mami - SC 128.JPG - Shortcut.lnk
2014-05-17 16:19 - 2012-03-26 15:40 - 00045056 ___SH () C:\Users\Michael DeLeon\Desktop\Thumbs.db
2014-05-16 12:22 - 2013-02-06 15:31 - 00001108 __RSH () C:\Users\Michael DeLeon\ntuser.pol
2014-05-16 11:09 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
2014-05-16 10:29 - 2014-05-08 10:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 10:09 - 2014-05-16 10:09 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-16 10:09 - 2013-08-18 14:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 10:05 - 2011-09-20 16:25 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 15:15 - 2013-05-22 11:45 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-14 15:15 - 2011-09-21 12:05 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-14 11:54 - 2012-04-03 15:52 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 11:54 - 2011-09-21 12:02 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-09 03:06 - 2014-05-14 12:16 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 03:04 - 2014-05-14 12:16 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 10:39 - 2014-05-08 10:39 - 00000000 __SHD () C:\Users\Michael DeLeon\AppData\Local\EmieUserList
2014-05-08 10:39 - 2014-05-08 10:39 - 00000000 __SHD () C:\Users\Michael DeLeon\AppData\Local\EmieSiteList

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2427238340-1203257242-3108606586-1000\$1dbe67881fe5c067fd5ffcf4dfceb066

Some content of TEMP:
====================
C:\Users\Michael DeLeon\AppData\Local\Temp\BackupSetup.exe
C:\Users\Michael DeLeon\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Michael DeLeon\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Michael DeLeon\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\Michael DeLeon\AppData\Local\Temp\setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 17:56

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-06-2014
Ran by Michael DeLeon at 2014-06-05 16:31:57
Running from C:\Users\Michael DeLeon\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.68 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.199.107 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.199.107 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0827.2010 - Acer Incorporated)
Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASPCA Reminder by We-Care.com v4.1.21.1 (HKLM\...\{A6558E2A-FAF9-4570-AA49-6328D0354517}) (Version: 4.1.21.1 - We-Care.com)
ATI Catalyst Install Manager (HKLM\...\{AC904169-4386-A9F9-AC00-67D5C42133BF}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Backup Manager Advance (Version: 2.0.1.68 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.1028.1114.18274 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2010.1028.1114.18274 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2010.1028.1114.18274 - ATI) Hidden
CCC Help Chinese Standard (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Czech (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Danish (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Dutch (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help English (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Finnish (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help French (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help German (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Greek (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Hungarian (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Italian (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Japanese (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Korean (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Norwegian (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Polish (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Portuguese (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Russian (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Spanish (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Swedish (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Thai (Version: 2010.1028.1113.18274 - ATI) Hidden
CCC Help Turkish (Version: 2010.1028.1113.18274 - ATI) Hidden
ccc-core-static (Version: 2010.1028.1114.18274 - ATI) Hidden
ccc-utility (Version: 2010.1028.1114.18274 - ATI) Hidden
Corel WinDVD (HKLM\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.548 - Corel Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
EasyChange Powered by TrueSwitch (HKLM\...\EasyChange Powered by TrueSwitch) (Version:  - )
ETDWare PS/2-x86 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Install Absolute Data Protect (HKLM\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 1.0.0.39 - Absolute Software)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 6 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217006FF}) (Version: 7.0.60 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JavaFX 2.0.3 (HKLM\...\{1111706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 4.0.14 - Acer Inc.)
MarketResearch (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems)
NTI Backup Now Standard (Version: 5.1.2.630 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)
NTI Media Maker 8 (Version: 8.0.12.6636 - NewTech Infosystems) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Migration Assistant (HKLM\...\{D8BC400A-9D14-468B-A674-1D76A987AAFC}) (Version: 1.0.1.3 - Apple Inc.)

==================== Restore Points  =========================

==================== Hosts content: ==========================

2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0605CBE2-45C0-4ACE-B5DE-30766A9F2301} - \Security Center Update - 2995471077 No Task File <==== ATTENTION
Task: {0749E310-72FB-44E9-8E88-4D5C91E14A0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {57B803BD-0C76-43A7-A9FE-49AEDF77FFE1} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe
Task: {90E3E81E-DF95-4BE3-B400-65C3BF532002} - \Security Center Update - 2060996413 No Task File <==== ATTENTION
Task: {9EBE6BA1-051F-47C4-9636-F8811EA2196E} - System32\Tasks\DTReg => C:\Users\Michael DeLeon\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {DAA89BCE-6355-4E64-9D6F-C82D75CFC2FC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E0D0F49D-21FD-4956-9E42-71E53E462BFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-11] (Google Inc.)
Task: {EAE88279-A5A9-4D0E-BE8A-DFAAD2F02181} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-11] (Google Inc.)
Task: {ECD2699B-63D9-4DDD-AEDD-2E09DE9344E1} - \Security Center Update - 2209647838 No Task File <==== ATTENTION
Task: {FE4DBB29-F2BC-4043-8DED-3D23C553AE6D} - System32\Tasks\{36A0B6E0-DFAB-4493-9CBF-F54C83B434B1} => C:\Program Files\eGrabber\ListGrabber Standard 2012\ListGrabber.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-25 10:30 - 2008-01-16 18:46 - 00139264 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hpzpi5k4.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-06-28 18:20 - 2010-06-28 18:20 - 00465576 _____ () C:\Program Files\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 18:12 - 2010-06-28 18:12 - 01081600 _____ () C:\Program Files\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-09-27 08:37 - 2009-05-20 02:02 - 00072200 _____ () C:\Program Files\Launch Manager\CdDirIo.dll
2011-04-12 18:34 - 2011-04-12 18:34 - 00206208 _____ () C:\Windows\PLFSetI.exe

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2014 03:12:21 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook failed to launch in safe mode. Do you want to start repair?.
Rejected Safe Mode action : Microsoft Outlook.

Error: (06/05/2014 02:46:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/05/2014 02:44:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/04/2014 10:10:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x531807e4
Faulting module name: Flash32_13_0_0_214.ocx, version: 13.0.0.214, time stamp: 0x5359c422
Exception code: 0xc0000005
Fault offset: 0x0020ca1d
Faulting process id: 0x578
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/04/2014 10:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x531807e4
Faulting module name: Flash32_13_0_0_214.ocx, version: 13.0.0.214, time stamp: 0x5359c422
Exception code: 0xc0000005
Fault offset: 0x0020ca1d
Faulting process id: 0x1ed4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/04/2014 10:08:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x531807e4
Faulting module name: Flash32_13_0_0_214.ocx, version: 13.0.0.214, time stamp: 0x5359c422
Exception code: 0xc0000005
Fault offset: 0x0020ca1d
Faulting process id: 0x1ed4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/04/2014 10:03:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x531807e4
Faulting module name: Flash32_13_0_0_214.ocx, version: 13.0.0.214, time stamp: 0x5359c422
Exception code: 0xc0000005
Fault offset: 0x0020ca1d
Faulting process id: 0x16fc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/04/2014 09:56:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17041, time stamp: 0x531807e4
Faulting module name: Flash32_13_0_0_214.ocx, version: 13.0.0.214, time stamp: 0x5359c422
Exception code: 0xc0000005
Fault offset: 0x0020ca1d
Faulting process id: 0x1558
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/04/2014 07:54:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc000070a
Fault offset: 0x0009be4c
Faulting process id: 0xfc0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (06/04/2014 07:19:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000008
Fault offset: 0x00081f84
Faulting process id: 0xa30
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

System errors:
=============
Error: (06/05/2014 03:41:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (06/05/2014 02:48:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (06/05/2014 02:47:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/05/2014 02:47:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/05/2014 02:46:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/05/2014 02:46:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/05/2014 02:46:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/05/2014 02:45:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (06/05/2014 02:45:35 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068netman{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (06/05/2014 02:45:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (06/05/2014 03:12:21 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft OutlookOutlook failed to launch in safe mode. Do you want to start repair?

Error: (06/05/2014 02:46:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\free opener\NGEN\x64\ngen.exe

Error: (06/05/2014 02:44:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/04/2014 10:10:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.17041531807e4Flash32_13_0_0_214.ocx13.0.0.2145359c422c00000050020ca1d57801cf80631f034de9C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash32_13_0_0_214.ocx84476549-ec56-11e3-955a-b870f4702b40

Error: (06/04/2014 10:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.17041531807e4Flash32_13_0_0_214.ocx13.0.0.2145359c422c00000050020ca1d1ed401cf8062d87c1ebbC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash32_13_0_0_214.ocx49f2a858-ec56-11e3-955a-b870f4702b40

Error: (06/04/2014 10:08:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.17041531807e4Flash32_13_0_0_214.ocx13.0.0.2145359c422c00000050020ca1d1ed401cf8062d87c1ebbC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash32_13_0_0_214.ocx466697c1-ec56-11e3-955a-b870f4702b40

Error: (06/04/2014 10:03:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.17041531807e4Flash32_13_0_0_214.ocx13.0.0.2145359c422c00000050020ca1d16fc01cf806209e43da7C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash32_13_0_0_214.ocx945d30fa-ec55-11e3-955a-b870f4702b40

Error: (06/04/2014 09:56:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.17041531807e4Flash32_13_0_0_214.ocx13.0.0.2145359c422c00000050020ca1d155801cf80612c46ef1aC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash32_13_0_0_214.ocx9fa00bfc-ec54-11e3-95c7-b870f4702b40

Error: (06/04/2014 07:54:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d6727a7ntdll.dll6.1.7601.18247521ea91cc000070a0009be4cfc001cf804fe7842498C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll82ee97ab-ec43-11e3-9fac-f655f98bdfd7

Error: (06/04/2014 07:19:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d6727a7ntdll.dll6.1.7601.18247521ea91cc000000800081f84a3001cf800d2ee245acC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllbdbe794a-ec3e-11e3-a1c9-b870f4702b40

==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 1786.9 MB
Available physical RAM: 954.05 MB
Total Pagefile: 3573.8 MB
Available Pagefile: 2634 MB
Total Virtual: 2047.88 MB
Available Virtual: 1914.47 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:219.79 GB) (Free:133.15 GB) NTFS
Drive e: () (Removable) (Total:7.34 GB) (Free:6.43 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: A9865A40)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 6F4E0D00)
No partition Table on disk 1.

==================== End Of Log ============================



#5 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 AM

Posted 05 June 2014 - 04:28 PM

Rovnix it is...


Start TDSSKiller.exe again with administrator privileges.
  • Set the parameters like in the first scan and click on Start scan.
  • This time select for the threat Rootkit.Boot.Cidox.b (and only for that) the option Cure (or Delete).
  • Click on Continue and allow the reboot.
  • Copy and paste the log file (C:\TDSSKiller.<version_date_time>_log.txt) of this run in your next reply.


#6 moron mike

moron mike
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 05 June 2014 - 04:38 PM

17:29:54.0076 0x09c8  TDSS rootkit removing tool 3.0.0.38 Jun  3 2014 17:04:25
17:30:00.0854 0x09c8  ============================================================
17:30:00.0854 0x09c8  Current date / time: 2014/06/05 17:30:00.0854
17:30:00.0854 0x09c8  SystemInfo:
17:30:00.0854 0x09c8 
17:30:00.0854 0x09c8  OS Version: 6.1.7601 ServicePack: 1.0
17:30:00.0854 0x09c8  Product type: Workstation
17:30:00.0854 0x09c8  ComputerName: DELEON-PC
17:30:00.0854 0x09c8  UserName: Michael DeLeon
17:30:00.0854 0x09c8  Windows directory: C:\Windows
17:30:00.0854 0x09c8  System windows directory: C:\Windows
17:30:00.0854 0x09c8  Processor architecture: Intel x86
17:30:00.0854 0x09c8  Number of processors: 2
17:30:00.0854 0x09c8  Page size: 0x1000
17:30:00.0854 0x09c8  Boot type: Normal boot
17:30:00.0854 0x09c8  ============================================================
17:30:03.0460 0x09c8  KLMD registered as C:\Windows\system32\drivers\02910694.sys
17:30:03.0772 0x09c8  System UUID: {2A2C9F8C-C196-8387-E118-C01A062FEC2C}
17:30:04.0645 0x09c8  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:30:04.0645 0x09c8  ============================================================
17:30:04.0645 0x09c8  \Device\Harddisk0\DR0:
17:30:04.0645 0x09c8  MBR partitions:
17:30:04.0645 0x09c8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
17:30:04.0645 0x09c8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x1B792800
17:30:04.0645 0x09c8  ============================================================
17:30:04.0677 0x09c8  C: <-> \Device\Harddisk0\DR0\Partition2
17:30:04.0677 0x09c8  ============================================================
17:30:04.0677 0x09c8  Initialize success
17:30:04.0677 0x09c8  ============================================================
17:30:18.0936 0x0cd4  ============================================================
17:30:18.0936 0x0cd4  Scan started
17:30:18.0936 0x0cd4  Mode: Manual; SigCheck; TDLFS;
17:30:18.0936 0x0cd4  ============================================================
17:30:18.0936 0x0cd4  KSN ping started
17:30:18.0983 0x0cd4  KSN ping finished: false
17:30:19.0451 0x0cd4  ================ Scan system memory ========================
17:30:19.0451 0x0cd4  System memory - ok
17:30:19.0451 0x0cd4  ================ Scan services =============================
17:30:19.0700 0x0cd4  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:30:19.0794 0x0cd4  1394ohci - ok
17:30:19.0856 0x0cd4  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:30:19.0872 0x0cd4  ACPI - ok
17:30:19.0903 0x0cd4  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:30:19.0934 0x0cd4  AcpiPmi - ok
17:30:20.0012 0x0cd4  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:30:20.0044 0x0cd4  AdobeARMservice - ok
17:30:20.0137 0x0cd4  [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:30:20.0168 0x0cd4  AdobeFlashPlayerUpdateSvc - ok
17:30:20.0262 0x0cd4  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:30:20.0293 0x0cd4  adp94xx - ok
17:30:20.0309 0x0cd4  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:30:20.0340 0x0cd4  adpahci - ok
17:30:20.0371 0x0cd4  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:30:20.0402 0x0cd4  adpu320 - ok
17:30:20.0449 0x0cd4  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:30:20.0465 0x0cd4  AeLookupSvc - ok
17:30:20.0543 0x0cd4  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
17:30:20.0574 0x0cd4  AFD - ok
17:30:20.0605 0x0cd4  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:30:20.0636 0x0cd4  agp440 - ok
17:30:20.0668 0x0cd4  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
17:30:20.0683 0x0cd4  aic78xx - ok
17:30:20.0714 0x0cd4  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
17:30:20.0730 0x0cd4  ALG - ok
17:30:20.0792 0x0cd4  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:30:20.0824 0x0cd4  aliide - ok
17:30:20.0870 0x0cd4  [ B8015284389D81F09B7719223C23AFFF, BC0E0B97892302306960E7ECBBCCDC4755670D44C56A5B270A73D806B312CD2A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:30:20.0902 0x0cd4  AMD External Events Utility - ok
17:30:20.0933 0x0cd4  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:30:20.0948 0x0cd4  amdagp - ok
17:30:20.0995 0x0cd4  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:30:21.0026 0x0cd4  amdide - ok
17:30:21.0058 0x0cd4  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:30:21.0089 0x0cd4  AmdK8 - ok
17:30:21.0385 0x0cd4  [ BA9436ED787DA38B2262A8A05AC085B6, 8C87EFF59E9825F6EEBEFDEEAFA38ED4E350BD9074F63672106A7112B8188373 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:30:21.0635 0x0cd4  amdkmdag - ok
17:30:21.0713 0x0cd4  [ 61B3986E8DB00087094D3FEE6C0DA298, EF4E51EE06776D788A89B6F76DCE62D2F69D71D60FBC0CCC5F0952E9F09EC9EC ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:30:21.0744 0x0cd4  amdkmdap - ok
17:30:21.0791 0x0cd4  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:30:21.0806 0x0cd4  AmdPPM - ok
17:30:21.0838 0x0cd4  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:30:21.0853 0x0cd4  amdsata - ok
17:30:21.0884 0x0cd4  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:30:21.0916 0x0cd4  amdsbs - ok
17:30:21.0947 0x0cd4  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:30:21.0947 0x0cd4  amdxata - ok
17:30:21.0994 0x0cd4  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
17:30:22.0025 0x0cd4  AppID - ok
17:30:22.0056 0x0cd4  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:30:22.0087 0x0cd4  AppIDSvc - ok
17:30:22.0134 0x0cd4  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
17:30:22.0150 0x0cd4  Appinfo - ok
17:30:22.0243 0x0cd4  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:30:22.0274 0x0cd4  Apple Mobile Device - ok
17:30:22.0337 0x0cd4  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:30:22.0352 0x0cd4  AppMgmt - ok
17:30:22.0399 0x0cd4  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:30:22.0415 0x0cd4  arc - ok
17:30:22.0430 0x0cd4  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:30:22.0446 0x0cd4  arcsas - ok
17:30:22.0555 0x0cd4  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:30:22.0602 0x0cd4  aspnet_state - ok
17:30:22.0633 0x0cd4  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:30:22.0680 0x0cd4  AsyncMac - ok
17:30:22.0727 0x0cd4  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:30:22.0758 0x0cd4  atapi - ok
17:30:22.0914 0x0cd4  [ A0E63FD329ECB4B59908FB229E8A2C0D, 00772664667741ABF43CF46A61B354EC3BC1F1DD9DE3508D4F20E22515C986C4 ] athr            C:\Windows\system32\DRIVERS\athr.sys
17:30:22.0976 0x0cd4  athr - ok
17:30:23.0039 0x0cd4  [ C8B17AC82AD2EE9E0E58E3461008C5F7, A5870143F19317B50EF634DB05218E09B8B8087E14F2FC74F1E247E3ED827AA6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:30:23.0086 0x0cd4  AtiHDAudioService - ok
17:30:23.0148 0x0cd4  [ 4FFE74E33BD9170950116F0CA46EAC89, B69F2DDC63E608E4D53FDB37B720E8C1B4837DDCBA7552B938819B2DA3F701E5 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
17:30:23.0164 0x0cd4  AtiPcie - ok
17:30:23.0242 0x0cd4  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:30:23.0288 0x0cd4  AudioEndpointBuilder - ok
17:30:23.0320 0x0cd4  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:30:23.0366 0x0cd4  Audiosrv - ok
17:30:23.0398 0x0cd4  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:30:23.0429 0x0cd4  AxInstSV - ok
17:30:23.0476 0x0cd4  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
17:30:23.0522 0x0cd4  b06bdrv - ok
17:30:23.0554 0x0cd4  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:30:23.0585 0x0cd4  b57nd60x - ok
17:30:23.0632 0x0cd4  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
17:30:23.0647 0x0cd4  BDESVC - ok
17:30:23.0663 0x0cd4  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:30:23.0710 0x0cd4  Beep - ok
17:30:23.0772 0x0cd4  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
17:30:23.0803 0x0cd4  BFE - ok
17:30:23.0850 0x0cd4  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
17:30:23.0928 0x0cd4  BITS - ok
17:30:23.0975 0x0cd4  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:30:24.0006 0x0cd4  blbdrive - ok
17:30:24.0100 0x0cd4  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:30:24.0131 0x0cd4  Bonjour Service - ok
17:30:24.0178 0x0cd4  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:30:24.0209 0x0cd4  bowser - ok
17:30:24.0224 0x0cd4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:30:24.0240 0x0cd4  BrFiltLo - ok
17:30:24.0271 0x0cd4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:30:24.0302 0x0cd4  BrFiltUp - ok
17:30:24.0349 0x0cd4  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
17:30:24.0396 0x0cd4  Browser - ok
17:30:24.0443 0x0cd4  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:30:24.0490 0x0cd4  Brserid - ok
17:30:24.0521 0x0cd4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:30:24.0536 0x0cd4  BrSerWdm - ok
17:30:24.0568 0x0cd4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:30:24.0583 0x0cd4  BrUsbMdm - ok
17:30:24.0599 0x0cd4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:30:24.0614 0x0cd4  BrUsbSer - ok
17:30:24.0630 0x0cd4  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:30:24.0661 0x0cd4  BTHMODEM - ok
17:30:24.0692 0x0cd4  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
17:30:24.0786 0x0cd4  bthserv - ok
17:30:24.0802 0x0cd4  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:30:24.0833 0x0cd4  cdfs - ok
17:30:24.0895 0x0cd4  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:30:24.0942 0x0cd4  cdrom - ok
17:30:24.0973 0x0cd4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:30:25.0004 0x0cd4  CertPropSvc - ok
17:30:25.0036 0x0cd4  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:30:25.0082 0x0cd4  circlass - ok
17:30:25.0114 0x0cd4  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
17:30:25.0129 0x0cd4  CLFS - ok
17:30:25.0192 0x0cd4  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:30:25.0223 0x0cd4  clr_optimization_v2.0.50727_32 - ok
17:30:25.0285 0x0cd4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:30:25.0332 0x0cd4  clr_optimization_v4.0.30319_32 - ok
17:30:25.0363 0x0cd4  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:30:25.0394 0x0cd4  CmBatt - ok
17:30:25.0426 0x0cd4  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:30:25.0457 0x0cd4  cmdide - ok
17:30:25.0535 0x0cd4  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
17:30:25.0597 0x0cd4  CNG - ok
17:30:25.0628 0x0cd4  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:30:25.0644 0x0cd4  Compbatt - ok
17:30:25.0675 0x0cd4  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:30:25.0691 0x0cd4  CompositeBus - ok
17:30:25.0706 0x0cd4  COMSysApp - ok
17:30:25.0722 0x0cd4  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:30:25.0738 0x0cd4  crcdisk - ok
17:30:25.0800 0x0cd4  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:30:25.0847 0x0cd4  CryptSvc - ok
17:30:25.0894 0x0cd4  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
17:30:25.0956 0x0cd4  CSC - ok
17:30:26.0018 0x0cd4  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
17:30:26.0065 0x0cd4  CscService - ok
17:30:26.0112 0x0cd4  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:30:26.0159 0x0cd4  DcomLaunch - ok
17:30:26.0190 0x0cd4  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
17:30:26.0237 0x0cd4  defragsvc - ok
17:30:26.0268 0x0cd4  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:30:26.0284 0x0cd4  DfsC - ok
17:30:26.0362 0x0cd4  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:30:26.0408 0x0cd4  Dhcp - ok
17:30:26.0440 0x0cd4  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
17:30:26.0471 0x0cd4  discache - ok
17:30:26.0502 0x0cd4  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:30:26.0518 0x0cd4  Disk - ok
17:30:26.0549 0x0cd4  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:30:26.0580 0x0cd4  Dnscache - ok
17:30:26.0611 0x0cd4  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:30:26.0658 0x0cd4  dot3svc - ok
17:30:26.0705 0x0cd4  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
17:30:26.0752 0x0cd4  DPS - ok
17:30:26.0798 0x0cd4  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:30:26.0830 0x0cd4  drmkaud - ok
17:30:26.0908 0x0cd4  [ 9CF46FDF163E06B83D03FF929EF2296C, 40BB0226361DEC2E6CBFE79CA092083986BD3D94564ED5F3E54CA2EE9A756837 ] DsiWMIService   C:\Program Files\Launch Manager\dsiwmis.exe
17:30:26.0970 0x0cd4  DsiWMIService - ok
17:30:27.0064 0x0cd4  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:30:27.0157 0x0cd4  DXGKrnl - ok
17:30:27.0204 0x0cd4  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
17:30:27.0235 0x0cd4  EapHost - ok
17:30:27.0391 0x0cd4  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
17:30:27.0578 0x0cd4  ebdrv - ok
17:30:27.0641 0x0cd4  edqqovsz - ok
17:30:27.0672 0x0cd4  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS             C:\Windows\System32\lsass.exe
17:30:27.0703 0x0cd4  EFS - ok
17:30:27.0797 0x0cd4  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:30:27.0859 0x0cd4  ehRecvr - ok
17:30:27.0890 0x0cd4  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
17:30:27.0906 0x0cd4  ehSched - ok
17:30:27.0968 0x0cd4  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:30:28.0015 0x0cd4  elxstor - ok
17:30:28.0124 0x0cd4  [ 2609A5B13DE9B2EEB38F3A83A406D079, 013C5E179EEB62364A80D1C1EBDA791EE3C59B4C8E78CD6EC9C174512001A48F ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
17:30:28.0187 0x0cd4  ePowerSvc - ok
17:30:28.0234 0x0cd4  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:30:28.0249 0x0cd4  ErrDev - ok
17:30:28.0312 0x0cd4  [ 7C87DF14552A5E0270DBD906BAFF85FB, C347234DD892E1A769DDB427BEE1A8C47A770BEF70BF7703F20C66F64627890B ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
17:30:28.0343 0x0cd4  ETD - ok
17:30:28.0390 0x0cd4  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
17:30:28.0452 0x0cd4  EventSystem - ok
17:30:28.0483 0x0cd4  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:30:28.0514 0x0cd4  exfat - ok
17:30:28.0546 0x0cd4  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:30:28.0577 0x0cd4  fastfat - ok
17:30:28.0655 0x0cd4  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
17:30:28.0733 0x0cd4  Fax - ok
17:30:28.0764 0x0cd4  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:30:28.0795 0x0cd4  fdc - ok
17:30:28.0811 0x0cd4  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
17:30:28.0842 0x0cd4  fdPHost - ok
17:30:28.0873 0x0cd4  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:30:28.0904 0x0cd4  FDResPub - ok
17:30:28.0920 0x0cd4  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:30:28.0936 0x0cd4  FileInfo - ok
17:30:28.0936 0x0cd4  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:30:28.0982 0x0cd4  Filetrace - ok
17:30:28.0998 0x0cd4  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:30:29.0029 0x0cd4  flpydisk - ok
17:30:29.0045 0x0cd4  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:30:29.0076 0x0cd4  FltMgr - ok
17:30:29.0201 0x0cd4  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
17:30:29.0294 0x0cd4  FontCache - ok
17:30:29.0372 0x0cd4  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:30:29.0404 0x0cd4  FontCache3.0.0.0 - ok
17:30:29.0419 0x0cd4  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:30:29.0435 0x0cd4  FsDepends - ok
17:30:29.0466 0x0cd4  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:30:29.0482 0x0cd4  Fs_Rec - ok
17:30:29.0544 0x0cd4  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:30:29.0591 0x0cd4  fvevol - ok
17:30:29.0638 0x0cd4  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:30:29.0669 0x0cd4  gagp30kx - ok
17:30:29.0747 0x0cd4  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:30:29.0762 0x0cd4  GEARAspiWDM - ok
17:30:29.0825 0x0cd4  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:30:29.0887 0x0cd4  gpsvc - ok
17:30:29.0965 0x0cd4  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files\Acer\Registration\GREGsvc.exe
17:30:29.0996 0x0cd4  GREGService - ok
17:30:30.0074 0x0cd4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
17:30:30.0121 0x0cd4  gupdate - ok
17:30:30.0152 0x0cd4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:30:30.0168 0x0cd4  gupdatem - ok
17:30:30.0230 0x0cd4  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:30:30.0277 0x0cd4  gusvc - ok
17:30:30.0308 0x0cd4  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:30:30.0324 0x0cd4  hcw85cir - ok
17:30:30.0386 0x0cd4  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:30:30.0433 0x0cd4  HdAudAddService - ok
17:30:30.0464 0x0cd4  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:30:30.0496 0x0cd4  HDAudBus - ok
17:30:30.0511 0x0cd4  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:30:30.0527 0x0cd4  HidBatt - ok
17:30:30.0558 0x0cd4  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:30:30.0574 0x0cd4  HidBth - ok
17:30:30.0605 0x0cd4  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:30:30.0636 0x0cd4  HidIr - ok
17:30:30.0667 0x0cd4  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
17:30:30.0698 0x0cd4  hidserv - ok
17:30:30.0745 0x0cd4  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:30:30.0761 0x0cd4  HidUsb - ok
17:30:30.0823 0x0cd4  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:30:30.0886 0x0cd4  hkmsvc - ok
17:30:30.0901 0x0cd4  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:30:30.0917 0x0cd4  HomeGroupListener - ok
17:30:30.0964 0x0cd4  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:30:31.0026 0x0cd4  HomeGroupProvider - ok
17:30:31.0073 0x0cd4  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:30:31.0088 0x0cd4  HpSAMD - ok
17:30:31.0166 0x0cd4  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:30:31.0244 0x0cd4  HTTP - ok
17:30:31.0260 0x0cd4  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:30:31.0276 0x0cd4  hwpolicy - ok
17:30:31.0338 0x0cd4  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:30:31.0354 0x0cd4  i8042prt - ok
17:30:31.0400 0x0cd4  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:30:31.0416 0x0cd4  iaStorV - ok
17:30:31.0510 0x0cd4  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:30:31.0572 0x0cd4  idsvc - ok
17:30:31.0588 0x0cd4  IEEtwCollectorService - ok
17:30:31.0619 0x0cd4  iihaspgb - ok
17:30:31.0666 0x0cd4  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:30:31.0681 0x0cd4  iirsp - ok
17:30:31.0806 0x0cd4  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:30:31.0868 0x0cd4  IKEEXT - ok
17:30:32.0102 0x0cd4  [ D887BB07C8DEE2F1CEB50F12FA96EC17, 4B4642CC474A00B018A91B89CEC6327A37188792477DE5DB718C63EC44ABB4DB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:30:32.0290 0x0cd4  IntcAzAudAddService - ok
17:30:32.0352 0x0cd4  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:30:32.0383 0x0cd4  intelide - ok
17:30:32.0414 0x0cd4  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:30:32.0446 0x0cd4  intelppm - ok
17:30:32.0477 0x0cd4  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:30:32.0524 0x0cd4  IPBusEnum - ok
17:30:32.0539 0x0cd4  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:30:32.0570 0x0cd4  IpFilterDriver - ok
17:30:32.0648 0x0cd4  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:30:32.0711 0x0cd4  iphlpsvc - ok
17:30:32.0742 0x0cd4  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:30:32.0773 0x0cd4  IPMIDRV - ok
17:30:32.0789 0x0cd4  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:30:32.0836 0x0cd4  IPNAT - ok
17:30:32.0929 0x0cd4  [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:30:32.0976 0x0cd4  iPod Service - ok
17:30:33.0007 0x0cd4  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:30:33.0023 0x0cd4  IRENUM - ok
17:30:33.0038 0x0cd4  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:30:33.0054 0x0cd4  isapnp - ok
17:30:33.0101 0x0cd4  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:30:33.0132 0x0cd4  iScsiPrt - ok
17:30:33.0163 0x0cd4  [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
17:30:33.0194 0x0cd4  IviRegMgr - ok
17:30:33.0241 0x0cd4  iwkjfoqy - ok
17:30:33.0288 0x0cd4  [ 1F55A632DE2EBBD675529B57D5D3714B, 3D9F0428231FE0CCFB2429100D2C7CFBB8E9C7FAC3435BA0FD53228D5AD8A97F ] k57nd60x        C:\Windows\system32\DRIVERS\k57nd60x.sys
17:30:33.0335 0x0cd4  k57nd60x - ok
17:30:33.0366 0x0cd4  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:30:33.0397 0x0cd4  kbdclass - ok
17:30:33.0444 0x0cd4  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:30:33.0460 0x0cd4  kbdhid - ok
17:30:33.0475 0x0cd4  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
17:30:33.0491 0x0cd4  KeyIso - ok
17:30:33.0522 0x0cd4  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:30:33.0553 0x0cd4  KSecDD - ok
17:30:33.0569 0x0cd4  [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:30:33.0600 0x0cd4  KSecPkg - ok
17:30:33.0631 0x0cd4  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:30:33.0678 0x0cd4  KtmRm - ok
17:30:33.0709 0x0cd4  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:30:33.0740 0x0cd4  LanmanServer - ok
17:30:33.0772 0x0cd4  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:30:33.0818 0x0cd4  LanmanWorkstation - ok
17:30:33.0850 0x0cd4  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:30:33.0896 0x0cd4  lltdio - ok
17:30:33.0928 0x0cd4  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:30:33.0959 0x0cd4  lltdsvc - ok
17:30:33.0990 0x0cd4  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:30:34.0021 0x0cd4  lmhosts - ok
17:30:34.0068 0x0cd4  LMIInfo - ok
17:30:34.0084 0x0cd4  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
17:30:34.0115 0x0cd4  lmimirr - ok
17:30:34.0146 0x0cd4  LMIRfsClientNP - ok
17:30:34.0177 0x0cd4  [ 3FAA563DDF853320F90259D455A01D79, D81B5FCC0CBCF9CE18E44A31071D357B12F5016159E24954E50E68D80C9F61B8 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
17:30:34.0208 0x0cd4  LMIRfsDriver - ok
17:30:34.0240 0x0cd4  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:30:34.0255 0x0cd4  LSI_FC - ok
17:30:34.0286 0x0cd4  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:30:34.0318 0x0cd4  LSI_SAS - ok
17:30:34.0333 0x0cd4  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:30:34.0349 0x0cd4  LSI_SAS2 - ok
17:30:34.0364 0x0cd4  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:30:34.0380 0x0cd4  LSI_SCSI - ok
17:30:34.0427 0x0cd4  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:30:34.0474 0x0cd4  luafv - ok
17:30:34.0489 0x0cd4  MBAMSwissArmy - ok
17:30:34.0520 0x0cd4  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:30:34.0536 0x0cd4  Mcx2Svc - ok
17:30:34.0552 0x0cd4  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:30:34.0567 0x0cd4  megasas - ok
17:30:34.0614 0x0cd4  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:30:34.0630 0x0cd4  MegaSR - ok
17:30:34.0676 0x0cd4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
17:30:34.0708 0x0cd4  MMCSS - ok
17:30:34.0723 0x0cd4  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
17:30:34.0754 0x0cd4  Modem - ok
17:30:34.0786 0x0cd4  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:30:34.0801 0x0cd4  monitor - ok
17:30:34.0864 0x0cd4  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:30:34.0895 0x0cd4  mouclass - ok
17:30:34.0910 0x0cd4  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:30:34.0942 0x0cd4  mouhid - ok
17:30:34.0973 0x0cd4  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:30:34.0988 0x0cd4  mountmgr - ok
17:30:35.0066 0x0cd4  [ 8072A7BB35D92CC621AC2605EEF79BC4, 68F61BE84A5032CEC24F04C90DACA1AE78F3744016389BE2345256B26E44E09A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
17:30:35.0129 0x0cd4  MpFilter - ok
17:30:35.0144 0x0cd4  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:30:35.0160 0x0cd4  mpio - ok
17:30:35.0191 0x0cd4  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:30:35.0222 0x0cd4  mpsdrv - ok
17:30:35.0269 0x0cd4  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:30:35.0316 0x0cd4  MpsSvc - ok
17:30:35.0363 0x0cd4  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:30:35.0410 0x0cd4  MRxDAV - ok
17:30:35.0456 0x0cd4  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:30:35.0503 0x0cd4  mrxsmb - ok
17:30:35.0534 0x0cd4  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:30:35.0566 0x0cd4  mrxsmb10 - ok
17:30:35.0597 0x0cd4  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:30:35.0612 0x0cd4  mrxsmb20 - ok
17:30:35.0659 0x0cd4  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:30:35.0675 0x0cd4  msahci - ok
17:30:35.0722 0x0cd4  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:30:35.0737 0x0cd4  msdsm - ok
17:30:35.0768 0x0cd4  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
17:30:35.0784 0x0cd4  MSDTC - ok
17:30:35.0831 0x0cd4  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:30:35.0862 0x0cd4  Msfs - ok
17:30:35.0878 0x0cd4  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:30:35.0924 0x0cd4  mshidkmdf - ok
17:30:35.0956 0x0cd4  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:30:35.0971 0x0cd4  msisadrv - ok
17:30:36.0018 0x0cd4  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:30:36.0080 0x0cd4  MSiSCSI - ok
17:30:36.0080 0x0cd4  msiserver - ok
17:30:36.0096 0x0cd4  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:30:36.0127 0x0cd4  MSKSSRV - ok
17:30:36.0221 0x0cd4  [ 1EE3643D1AA747222427F63353611AD7, 18465E375485DF4E980121449077D5BA87C25C5FA8D86F40DA3B7BE153306766 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:30:36.0252 0x0cd4  MsMpSvc - ok
17:30:36.0283 0x0cd4  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:30:36.0314 0x0cd4  MSPCLOCK - ok
17:30:36.0330 0x0cd4  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:30:36.0377 0x0cd4  MSPQM - ok
17:30:36.0392 0x0cd4  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:30:36.0424 0x0cd4  MsRPC - ok
17:30:36.0455 0x0cd4  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:30:36.0470 0x0cd4  mssmbios - ok
17:30:36.0486 0x0cd4  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:30:36.0517 0x0cd4  MSTEE - ok
17:30:36.0548 0x0cd4  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:30:36.0564 0x0cd4  MTConfig - ok
17:30:36.0580 0x0cd4  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:30:36.0595 0x0cd4  Mup - ok
17:30:36.0658 0x0cd4  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
17:30:36.0720 0x0cd4  napagent - ok
17:30:36.0751 0x0cd4  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:30:36.0782 0x0cd4  NativeWifiP - ok
17:30:36.0860 0x0cd4  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:30:36.0923 0x0cd4  NDIS - ok
17:30:36.0938 0x0cd4  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:30:36.0970 0x0cd4  NdisCap - ok
17:30:37.0001 0x0cd4  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:30:37.0032 0x0cd4  NdisTapi - ok
17:30:37.0048 0x0cd4  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:30:37.0094 0x0cd4  Ndisuio - ok
17:30:37.0141 0x0cd4  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:30:37.0188 0x0cd4  NdisWan - ok
17:30:37.0235 0x0cd4  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:30:37.0282 0x0cd4  NDProxy - ok
17:30:37.0360 0x0cd4  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:30:37.0375 0x0cd4  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:30:37.0516 0x0cd4  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:30:37.0516 0x0cd4  Force sending object to P2P due to detect: C:\Windows\system32\HPZinw12.dll
17:30:37.0516 0x0cd4  Object send P2P result: false
17:30:37.0547 0x0cd4  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:30:37.0625 0x0cd4  NetBIOS - ok
17:30:37.0672 0x0cd4  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:30:37.0703 0x0cd4  NetBT - ok
17:30:37.0718 0x0cd4  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon        C:\Windows\system32\lsass.exe
17:30:37.0750 0x0cd4  Netlogon - ok
17:30:37.0781 0x0cd4  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
17:30:37.0843 0x0cd4  Netman - ok
17:30:37.0906 0x0cd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:30:37.0937 0x0cd4  NetMsmqActivator - ok
17:30:37.0952 0x0cd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:30:37.0984 0x0cd4  NetPipeActivator - ok
17:30:38.0015 0x0cd4  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
17:30:38.0093 0x0cd4  netprofm - ok
17:30:38.0124 0x0cd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:30:38.0140 0x0cd4  NetTcpActivator - ok
17:30:38.0155 0x0cd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:30:38.0171 0x0cd4  NetTcpPortSharing - ok
17:30:38.0218 0x0cd4  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:30:38.0233 0x0cd4  nfrd960 - ok
17:30:38.0296 0x0cd4  [ FCBC2F48430EB0D7150A6521C0B84ACA, EEFB975E2D1121EE9E93702F2CA2938C99C6B2273616C85816BA15E857E8D4FF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:30:38.0327 0x0cd4  NisDrv - ok
17:30:38.0389 0x0cd4  [ E4AA07F8BCBCB66EF115C443CD45C7A2, 3B538D9E376F12FC8589BA500BB5E859337CF1856D0E4AA66E2E3B5E301DAEC5 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
17:30:38.0452 0x0cd4  NisSrv - ok
17:30:38.0498 0x0cd4  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:30:38.0561 0x0cd4  NlaSvc - ok
17:30:38.0592 0x0cd4  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:30:38.0623 0x0cd4  Npfs - ok
17:30:38.0639 0x0cd4  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
17:30:38.0686 0x0cd4  nsi - ok
17:30:38.0701 0x0cd4  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:30:38.0732 0x0cd4  nsiproxy - ok
17:30:38.0810 0x0cd4  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:30:38.0888 0x0cd4  Ntfs - ok
17:30:39.0013 0x0cd4  [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
17:30:39.0060 0x0cd4  NTI IScheduleSvc - ok
17:30:39.0122 0x0cd4  [ 28C59F594044CBF8598B18C927097091, 7B7633A9BCB1E0A3F89DD697C296D77955907DCF239B4B9D155AD7B90F2A1E7A ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
17:30:39.0138 0x0cd4  NTIBackupSvc - ok
17:30:39.0169 0x0cd4  [ 94E08DCC43F46471D96953E712B6D82B, 3990598CE201D17C3377F1210F088E4883C001EA678F528D95E578664368782B ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
17:30:39.0185 0x0cd4  NTIDrvr - ok
17:30:39.0200 0x0cd4  [ B8D903B2894FF9AFBD99CA51C35590D7, AAC96724781EC5A715CEF85C65D4AE15283522D3F19020FC456BA0F73BAA22F9 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
17:30:39.0216 0x0cd4  NTISchedulerSvc - ok
17:30:39.0247 0x0cd4  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
17:30:39.0278 0x0cd4  Null - ok
17:30:39.0310 0x0cd4  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:30:39.0325 0x0cd4  nvraid - ok
17:30:39.0356 0x0cd4  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:30:39.0372 0x0cd4  nvstor - ok
17:30:39.0403 0x0cd4  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:30:39.0419 0x0cd4  nv_agp - ok
17:30:39.0450 0x0cd4  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:30:39.0466 0x0cd4  ohci1394 - ok
17:30:39.0590 0x0cd4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:30:39.0637 0x0cd4  ose - ok
17:30:39.0949 0x0cd4  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:30:40.0199 0x0cd4  osppsvc - ok
17:30:40.0261 0x0cd4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:30:40.0308 0x0cd4  p2pimsvc - ok
17:30:40.0339 0x0cd4  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:30:40.0386 0x0cd4  p2psvc - ok
17:30:40.0417 0x0cd4  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:30:40.0433 0x0cd4  Parport - ok
17:30:40.0464 0x0cd4  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:30:40.0480 0x0cd4  partmgr - ok
17:30:40.0511 0x0cd4  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:30:40.0542 0x0cd4  Parvdm - ok
17:30:40.0573 0x0cd4  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:30:40.0604 0x0cd4  PcaSvc - ok
17:30:40.0636 0x0cd4  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
17:30:40.0667 0x0cd4  pci - ok
17:30:40.0714 0x0cd4  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:30:40.0745 0x0cd4  pciide - ok
17:30:40.0776 0x0cd4  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:30:40.0792 0x0cd4  pcmcia - ok
17:30:40.0807 0x0cd4  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:30:40.0838 0x0cd4  pcw - ok
17:30:40.0885 0x0cd4  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:30:40.0948 0x0cd4  PEAUTH - ok
17:30:41.0041 0x0cd4  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:30:41.0135 0x0cd4  PeerDistSvc - ok
17:30:41.0244 0x0cd4  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
17:30:41.0384 0x0cd4  pla - ok
17:30:41.0447 0x0cd4  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:30:41.0494 0x0cd4  PlugPlay - ok
17:30:41.0572 0x0cd4  [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:30:41.0587 0x0cd4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:30:41.0587 0x0cd4  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:30:41.0587 0x0cd4  Force sending object to P2P due to detect: C:\Windows\system32\HPZipm12.dll
17:30:41.0587 0x0cd4  Object send P2P result: false
17:30:41.0618 0x0cd4  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:30:41.0650 0x0cd4  PNRPAutoReg - ok
17:30:41.0681 0x0cd4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:30:41.0712 0x0cd4  PNRPsvc - ok
17:30:41.0759 0x0cd4  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:30:41.0837 0x0cd4  PolicyAgent - ok
17:30:41.0884 0x0cd4  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
17:30:41.0930 0x0cd4  Power - ok
17:30:41.0962 0x0cd4  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:30:41.0993 0x0cd4  PptpMiniport - ok
17:30:42.0024 0x0cd4  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:30:42.0071 0x0cd4  Processor - ok
17:30:42.0102 0x0cd4  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:30:42.0164 0x0cd4  ProfSvc - ok
17:30:42.0180 0x0cd4  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:30:42.0180 0x0cd4  ProtectedStorage - ok
17:30:42.0227 0x0cd4  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:30:42.0274 0x0cd4  Psched - ok
17:30:42.0305 0x0cd4  [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
17:30:42.0320 0x0cd4  PSI_SVC_2 - ok
17:30:42.0414 0x0cd4  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:30:42.0539 0x0cd4  ql2300 - ok
17:30:42.0570 0x0cd4  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:30:42.0586 0x0cd4  ql40xx - ok
17:30:42.0617 0x0cd4  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
17:30:42.0664 0x0cd4  QWAVE - ok
17:30:42.0679 0x0cd4  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:30:42.0695 0x0cd4  QWAVEdrv - ok
17:30:42.0726 0x0cd4  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:30:42.0742 0x0cd4  RasAcd - ok
17:30:42.0773 0x0cd4  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:30:42.0804 0x0cd4  RasAgileVpn - ok
17:30:42.0835 0x0cd4  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
17:30:42.0866 0x0cd4  RasAuto - ok
17:30:42.0882 0x0cd4  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:30:42.0929 0x0cd4  Rasl2tp - ok
17:30:42.0944 0x0cd4  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
17:30:42.0991 0x0cd4  RasMan - ok
17:30:43.0007 0x0cd4  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:30:43.0038 0x0cd4  RasPppoe - ok
17:30:43.0085 0x0cd4  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:30:43.0132 0x0cd4  RasSstp - ok
17:30:43.0147 0x0cd4  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:30:43.0194 0x0cd4  rdbss - ok
17:30:43.0210 0x0cd4  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:30:43.0241 0x0cd4  rdpbus - ok
17:30:43.0272 0x0cd4  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:30:43.0303 0x0cd4  RDPCDD - ok
17:30:43.0334 0x0cd4  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:30:43.0366 0x0cd4  RDPDR - ok
17:30:43.0381 0x0cd4  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:30:43.0444 0x0cd4  RDPENCDD - ok
17:30:43.0459 0x0cd4  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:30:43.0490 0x0cd4  RDPREFMP - ok
17:30:43.0537 0x0cd4  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:30:43.0600 0x0cd4  RDPWD - ok
17:30:43.0646 0x0cd4  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:30:43.0662 0x0cd4  rdyboost - ok
17:30:43.0693 0x0cd4  [ 001B4278407F4303EFC902A2B16F2453, 92A95B0EFAAE7ADC6380D5207C86CB45BEEAE6974417A13669484A9D179E69AC ] regi            C:\Windows\system32\drivers\regi.sys
17:30:43.0693 0x0cd4  regi - ok
17:30:43.0740 0x0cd4  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:30:43.0771 0x0cd4  RemoteAccess - ok
17:30:43.0818 0x0cd4  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:30:43.0880 0x0cd4  RemoteRegistry - ok
17:30:43.0896 0x0cd4  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:30:43.0943 0x0cd4  RpcEptMapper - ok
17:30:43.0943 0x0cd4  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
17:30:43.0958 0x0cd4  RpcLocator - ok
17:30:44.0005 0x0cd4  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
17:30:44.0036 0x0cd4  RpcSs - ok
17:30:44.0083 0x0cd4  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:30:44.0130 0x0cd4  rspndr - ok
17:30:44.0192 0x0cd4  [ F1ED9FFA59C369E72BC53A7631346F61, 3404CFEC1614201FF9B5053547EFA08FF5EEBC4E67DD0FF37C35CA55292C0862 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
17:30:44.0239 0x0cd4  RSUSBSTOR - ok
17:30:44.0302 0x0cd4  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service      C:\Program Files\Acer\Acer VCM\RS_Service.exe
17:30:44.0364 0x0cd4  RS_Service - ok
17:30:44.0411 0x0cd4  [ 2FD0636A8A3E8B2D0FEF07D48CFBA7A2, 2AD402245A1394C616494F45D80E8C81DA3E6F83904E2BCD46DD1E0CA035DAC4 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
17:30:44.0458 0x0cd4  RTHDMIAzAudService - ok
17:30:44.0489 0x0cd4  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:30:44.0504 0x0cd4  s3cap - ok
17:30:44.0520 0x0cd4  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs           C:\Windows\system32\lsass.exe
17:30:44.0551 0x0cd4  SamSs - ok
17:30:44.0582 0x0cd4  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:30:44.0614 0x0cd4  sbp2port - ok
17:30:44.0660 0x0cd4  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:30:44.0707 0x0cd4  SCardSvr - ok
17:30:44.0723 0x0cd4  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:30:44.0754 0x0cd4  scfilter - ok
17:30:44.0832 0x0cd4  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
17:30:44.0894 0x0cd4  Schedule - ok
17:30:44.0957 0x0cd4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:30:44.0988 0x0cd4  SCPolicySvc - ok
17:30:45.0035 0x0cd4  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:30:45.0066 0x0cd4  SDRSVC - ok
17:30:45.0097 0x0cd4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:30:45.0128 0x0cd4  secdrv - ok
17:30:45.0160 0x0cd4  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
17:30:45.0191 0x0cd4  seclogon - ok
17:30:45.0206 0x0cd4  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
17:30:45.0238 0x0cd4  SENS - ok
17:30:45.0269 0x0cd4  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:30:45.0284 0x0cd4  SensrSvc - ok
17:30:45.0316 0x0cd4  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:30:45.0331 0x0cd4  Serenum - ok
17:30:45.0347 0x0cd4  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:30:45.0362 0x0cd4  Serial - ok
17:30:45.0394 0x0cd4  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:30:45.0409 0x0cd4  sermouse - ok
17:30:45.0440 0x0cd4  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:30:45.0487 0x0cd4  SessionEnv - ok
17:30:45.0518 0x0cd4  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:30:45.0534 0x0cd4  sffdisk - ok
17:30:45.0550 0x0cd4  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:30:45.0565 0x0cd4  sffp_mmc - ok
17:30:45.0581 0x0cd4  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:30:45.0596 0x0cd4  sffp_sd - ok
17:30:45.0612 0x0cd4  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:30:45.0628 0x0cd4  sfloppy - ok
17:30:45.0690 0x0cd4  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:30:45.0784 0x0cd4  SharedAccess - ok
17:30:45.0830 0x0cd4  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:30:45.0893 0x0cd4  ShellHWDetection - ok
17:30:45.0924 0x0cd4  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:30:45.0940 0x0cd4  sisagp - ok
17:30:45.0971 0x0cd4  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:30:45.0986 0x0cd4  SiSRaid2 - ok
17:30:46.0018 0x0cd4  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:30:46.0033 0x0cd4  SiSRaid4 - ok
17:30:46.0064 0x0cd4  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:30:46.0096 0x0cd4  Smb - ok
17:30:46.0142 0x0cd4  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:30:46.0158 0x0cd4  SNMPTRAP - ok
17:30:46.0189 0x0cd4  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:30:46.0205 0x0cd4  spldr - ok
17:30:46.0252 0x0cd4  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
17:30:46.0298 0x0cd4  Spooler - ok
17:30:46.0470 0x0cd4  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
17:30:46.0657 0x0cd4  sppsvc - ok
17:30:46.0688 0x0cd4  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:30:46.0720 0x0cd4  sppuinotify - ok
17:30:46.0766 0x0cd4  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:30:46.0798 0x0cd4  srv - ok
17:30:46.0829 0x0cd4  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:30:46.0860 0x0cd4  srv2 - ok
17:30:46.0876 0x0cd4  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:30:46.0891 0x0cd4  srvnet - ok
17:30:46.0922 0x0cd4  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:30:46.0969 0x0cd4  SSDPSRV - ok
17:30:46.0985 0x0cd4  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:30:47.0016 0x0cd4  SstpSvc - ok
17:30:47.0047 0x0cd4  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:30:47.0063 0x0cd4  stexstor - ok
17:30:47.0125 0x0cd4  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
17:30:47.0203 0x0cd4  StiSvc - ok
17:30:47.0219 0x0cd4  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:30:47.0250 0x0cd4  storflt - ok
17:30:47.0266 0x0cd4  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
17:30:47.0281 0x0cd4  StorSvc - ok
17:30:47.0312 0x0cd4  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:30:47.0328 0x0cd4  storvsc - ok
17:30:47.0344 0x0cd4  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:30:47.0359 0x0cd4  swenum - ok
17:30:47.0375 0x0cd4  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
17:30:47.0437 0x0cd4  swprv - ok
17:30:47.0500 0x0cd4  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
17:30:47.0578 0x0cd4  SysMain - ok
17:30:47.0624 0x0cd4  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
17:30:47.0640 0x0cd4  TabletInputService - ok
17:30:47.0671 0x0cd4  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:30:47.0718 0x0cd4  TapiSrv - ok
17:30:47.0749 0x0cd4  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
17:30:47.0780 0x0cd4  TBS - ok
17:30:47.0890 0x0cd4  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:30:47.0983 0x0cd4  Tcpip - ok
17:30:48.0061 0x0cd4  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:30:48.0124 0x0cd4  TCPIP6 - ok
17:30:48.0155 0x0cd4  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:30:48.0202 0x0cd4  tcpipreg - ok
17:30:48.0233 0x0cd4  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:30:48.0248 0x0cd4  TDPIPE - ok
17:30:48.0280 0x0cd4  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:30:48.0311 0x0cd4  TDTCP - ok
17:30:48.0358 0x0cd4  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:30:48.0404 0x0cd4  tdx - ok
17:30:48.0436 0x0cd4  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:30:48.0451 0x0cd4  TermDD - ok
17:30:48.0514 0x0cd4  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
17:30:48.0607 0x0cd4  TermService - ok
17:30:48.0638 0x0cd4  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
17:30:48.0670 0x0cd4  Themes - ok
17:30:48.0685 0x0cd4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
17:30:48.0716 0x0cd4  THREADORDER - ok
17:30:48.0748 0x0cd4  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
17:30:48.0779 0x0cd4  TrkWks - ok
17:30:48.0841 0x0cd4  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:30:48.0888 0x0cd4  TrustedInstaller - ok
17:30:48.0950 0x0cd4  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:30:48.0966 0x0cd4  tssecsrv - ok
17:30:49.0013 0x0cd4  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:30:49.0044 0x0cd4  TsUsbFlt - ok
17:30:49.0106 0x0cd4  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:30:49.0169 0x0cd4  tunnel - ok
17:30:49.0200 0x0cd4  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:30:49.0216 0x0cd4  uagp35 - ok
17:30:49.0247 0x0cd4  [ 91096BD971BF7C1C4CA58C1CE594BB24, 9F1A007995D21CF87D0E44BA2555E7429CF3E8B6A44F11C9B619C73F13BD18F5 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
17:30:49.0262 0x0cd4  UBHelper - ok
17:30:49.0294 0x0cd4  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:30:49.0340 0x0cd4  udfs - ok
17:30:49.0387 0x0cd4  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:30:49.0418 0x0cd4  UI0Detect - ok
17:30:49.0434 0x0cd4  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:30:49.0465 0x0cd4  uliagpkx - ok
17:30:49.0512 0x0cd4  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:30:49.0543 0x0cd4  umbus - ok
17:30:49.0574 0x0cd4  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:30:49.0606 0x0cd4  UmPass - ok
17:30:49.0621 0x0cd4  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:30:49.0652 0x0cd4  UmRdpService - ok
17:30:49.0746 0x0cd4  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
17:30:49.0808 0x0cd4  Updater Service - ok
17:30:49.0855 0x0cd4  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
17:30:49.0933 0x0cd4  upnphost - ok
17:30:49.0980 0x0cd4  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
17:30:49.0996 0x0cd4  USBAAPL - ok
17:30:50.0027 0x0cd4  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:30:50.0042 0x0cd4  usbccgp - ok
17:30:50.0089 0x0cd4  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:30:50.0136 0x0cd4  usbcir - ok
17:30:50.0136 0x0cd4  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:30:50.0167 0x0cd4  usbehci - ok
17:30:50.0214 0x0cd4  [ FB0E8B624D1F7E214EDB3D6E56B4EC88, 1B0E1909D282A7E25CF4CA01F135E86851836FF795E92636BAFD61ED432AB2CB ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
17:30:50.0230 0x0cd4  usbfilter - ok
17:30:50.0276 0x0cd4  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:30:50.0308 0x0cd4  usbhub - ok
17:30:50.0339 0x0cd4  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:30:50.0370 0x0cd4  usbohci - ok
17:30:50.0417 0x0cd4  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:30:50.0432 0x0cd4  usbprint - ok
17:30:50.0479 0x0cd4  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:30:50.0510 0x0cd4  USBSTOR - ok
17:30:50.0542 0x0cd4  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:30:50.0557 0x0cd4  usbuhci - ok
17:30:50.0604 0x0cd4  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:30:50.0635 0x0cd4  usbvideo - ok
17:30:50.0666 0x0cd4  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
17:30:50.0698 0x0cd4  UxSms - ok
17:30:50.0713 0x0cd4  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc        C:\Windows\system32\lsass.exe
17:30:50.0744 0x0cd4  VaultSvc - ok
17:30:50.0760 0x0cd4  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:30:50.0776 0x0cd4  vdrvroot - ok
17:30:50.0822 0x0cd4  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
17:30:50.0885 0x0cd4  vds - ok
17:30:50.0916 0x0cd4  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:30:50.0932 0x0cd4  vga - ok
17:30:50.0947 0x0cd4  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:30:50.0978 0x0cd4  VgaSave - ok
17:30:51.0025 0x0cd4  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:30:51.0072 0x0cd4  vhdmp - ok
17:30:51.0103 0x0cd4  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:30:51.0134 0x0cd4  viaagp - ok
17:30:51.0150 0x0cd4  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
17:30:51.0166 0x0cd4  ViaC7 - ok
17:30:51.0212 0x0cd4  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:30:51.0244 0x0cd4  viaide - ok
17:30:51.0259 0x0cd4  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:30:51.0290 0x0cd4  vmbus - ok
17:30:51.0306 0x0cd4  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:30:51.0322 0x0cd4  VMBusHID - ok
17:30:51.0353 0x0cd4  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:30:51.0368 0x0cd4  volmgr - ok
17:30:51.0400 0x0cd4  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:30:51.0415 0x0cd4  volmgrx - ok
17:30:51.0446 0x0cd4  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:30:51.0462 0x0cd4  volsnap - ok
17:30:51.0509 0x0cd4  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:30:51.0556 0x0cd4  vsmraid - ok
17:30:51.0634 0x0cd4  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
17:30:51.0727 0x0cd4  VSS - ok
17:30:51.0743 0x0cd4  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:30:51.0774 0x0cd4  vwifibus - ok
17:30:51.0774 0x0cd4  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:30:51.0805 0x0cd4  vwififlt - ok
17:30:51.0836 0x0cd4  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:30:51.0852 0x0cd4  vwifimp - ok
17:30:51.0883 0x0cd4  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
17:30:51.0946 0x0cd4  W32Time - ok
17:30:51.0961 0x0cd4  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:30:51.0992 0x0cd4  WacomPen - ok
17:30:52.0008 0x0cd4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:30:52.0039 0x0cd4  WANARP - ok
17:30:52.0055 0x0cd4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:30:52.0086 0x0cd4  Wanarpv6 - ok
17:30:52.0195 0x0cd4  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:30:52.0304 0x0cd4  WatAdminSvc - ok
17:30:52.0367 0x0cd4  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
17:30:52.0476 0x0cd4  wbengine - ok
17:30:52.0523 0x0cd4  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:30:52.0554 0x0cd4  WbioSrvc - ok
17:30:52.0585 0x0cd4  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:30:52.0632 0x0cd4  wcncsvc - ok
17:30:52.0648 0x0cd4  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:30:52.0663 0x0cd4  WcsPlugInService - ok
17:30:52.0694 0x0cd4  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:30:52.0710 0x0cd4  Wd - ok
17:30:52.0804 0x0cd4  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:30:52.0882 0x0cd4  Wdf01000 - ok
17:30:52.0897 0x0cd4  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:30:52.0928 0x0cd4  WdiServiceHost - ok
17:30:52.0944 0x0cd4  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:30:52.0960 0x0cd4  WdiSystemHost - ok
17:30:53.0006 0x0cd4  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
17:30:53.0038 0x0cd4  WebClient - ok
17:30:53.0053 0x0cd4  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:30:53.0116 0x0cd4  Wecsvc - ok
17:30:53.0147 0x0cd4  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:30:53.0178 0x0cd4  wercplsupport - ok
17:30:53.0209 0x0cd4  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
17:30:53.0256 0x0cd4  WerSvc - ok
17:30:53.0287 0x0cd4  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:30:53.0318 0x0cd4  WfpLwf - ok
17:30:53.0334 0x0cd4  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:30:53.0350 0x0cd4  WIMMount - ok
17:30:53.0474 0x0cd4  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:30:53.0552 0x0cd4  WinDefend - ok
17:30:53.0599 0x0cd4  WinHttpAutoProxySvc - ok
17:30:53.0662 0x0cd4  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:30:53.0740 0x0cd4  Winmgmt - ok
17:30:53.0833 0x0cd4  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
17:30:53.0942 0x0cd4  WinRM - ok
17:30:53.0989 0x0cd4  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:30:54.0036 0x0cd4  WinUsb - ok
17:30:54.0083 0x0cd4  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:30:54.0192 0x0cd4  Wlansvc - ok
17:30:54.0208 0x0cd4  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:30:54.0223 0x0cd4  WmiAcpi - ok
17:30:54.0270 0x0cd4  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:30:54.0286 0x0cd4  wmiApSrv - ok
17:30:54.0442 0x0cd4  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:30:54.0535 0x0cd4  WMPNetworkSvc - ok
17:30:54.0566 0x0cd4  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:30:54.0582 0x0cd4  WPCSvc - ok
17:30:54.0613 0x0cd4  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:30:54.0629 0x0cd4  WPDBusEnum - ok
17:30:54.0660 0x0cd4  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:30:54.0691 0x0cd4  ws2ifsl - ok
17:30:54.0707 0x0cd4  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
17:30:54.0738 0x0cd4  wscsvc - ok
17:30:54.0785 0x0cd4  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
17:30:54.0832 0x0cd4  WSDPrintDevice - ok
17:30:54.0847 0x0cd4  WSearch - ok
17:30:55.0003 0x0cd4  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:30:55.0144 0x0cd4  wuauserv - ok
17:30:55.0190 0x0cd4  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:30:55.0206 0x0cd4  WudfPf - ok
17:30:55.0253 0x0cd4  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:30:55.0300 0x0cd4  WUDFRd - ok
17:30:55.0346 0x0cd4  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:30:55.0378 0x0cd4  wudfsvc - ok
17:30:55.0440 0x0cd4  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:30:55.0502 0x0cd4  WwanSvc - ok
17:30:55.0534 0x0cd4  ================ Scan global ===============================
17:30:55.0565 0x0cd4  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
17:30:55.0612 0x0cd4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
17:30:55.0643 0x0cd4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
17:30:55.0674 0x0cd4  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:30:55.0690 0x0cd4  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
17:30:55.0705 0x0cd4  [ Global ] - ok
17:30:55.0705 0x0cd4  ================ Scan MBR ==================================
17:30:55.0721 0x0cd4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:30:56.0282 0x0cd4  \Device\Harddisk0\DR0 - ok
17:30:56.0282 0x0cd4  ================ Scan VBR ==================================
17:30:56.0282 0x0cd4  [ F86FF775E337225B2CE61C6792E75AFC ] \Device\Harddisk0\DR0\Partition1
17:30:56.0329 0x0cd4  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
17:30:56.0329 0x0cd4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
17:30:56.0360 0x0cd4  [ D07B2378360CF4AA01B7B37F0ACAD3F6 ] \Device\Harddisk0\DR0\Partition2
17:30:56.0392 0x0cd4  \Device\Harddisk0\DR0\Partition2 - ok
17:30:56.0438 0x0cd4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
17:30:56.0438 0x0cd4  Win FW state via NFP2: enabled
17:30:56.0438 0x0cd4  ============================================================
17:30:56.0438 0x0cd4  Scan finished
17:30:56.0438 0x0cd4  ============================================================
17:30:56.0454 0x0a98  Detected object count: 3
17:30:56.0454 0x0a98  Actual detected object count: 3
17:31:26.0422 0x0a98  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:26.0422 0x0a98  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:31:26.0422 0x0a98  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:26.0422 0x0a98  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:31:26.0453 0x0a98  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
17:31:26.0890 0x0a98  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
17:31:26.0921 0x0a98  \Device\Harddisk0\DR0\Partition1 - ok
17:31:26.0921 0x0a98  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
17:31:28.0153 0x0a98  KLMD registered as C:\Windows\system32\drivers\13142785.sys
17:31:37.0513 0x0c68  Deinitialize success
 



#7 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 AM

Posted 06 June 2014 - 02:09 AM

Alright. Let's continue:


Step 1

Please download Combofix (by sUBs) and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)



Step 2

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#8 moron mike

moron mike
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 06 June 2014 - 08:06 AM

I will be out of town away from the infected computer for around a week, I hope that I can continue this thread when I return home.


Edited by moron mike, 06 June 2014 - 08:07 AM.


#9 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 AM

Posted 06 June 2014 - 12:58 PM

Yes, sure, that's no problem for me. Just run the two scans from my last post when you're back and post the logs.

#10 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 AM

Posted 03 September 2014 - 06:58 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users