
Virus?


15 replies to this topic

#1 Krisshawnee


Posted 12 July 2014 - 02:37 PM

I've recently begun having my virus protection (avast) pop up every 20 minutes or so telling me it blocked a webpage. I've screenshotted the 'message' it's giving me and when I go to the avast site for it, I've copied the link about it. I've run my virus scan (both in general and on reboot) and also run Malwarebytes but I'm still getting the block message which suggests to me it's still there. Any help would be great. Below is the message that keeps popping up. Let me know if you need the 'link' and I'll send it, but I'm not inclined to randomly post it, just in case.

 

2rh4w81.png




#2 InadequateInfirmity


Posted 12 July 2014 - 04:22 PM

Please download Junkware Removal Tool and save it on your desktop.

 


  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please attach the JRT log.


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download MINITOOLBOX and run it.

Checkmark the following boxes:

  • Flush DNS
  • Reset FF proxy Settings
  • Reset Ie Proxy Settings
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (problems only)

Click Go and post the result.



#3 Krisshawnee


Posted 13 July 2014 - 11:57 AM

Thank you for your quick response and I appreciate you taking the time to help me. The above instructions are complete and the logs are as follows in the order you had them run.

 

JRT.TEXT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Krisshawnee on Sun 07/13/2014 at 12:19:52.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\starapp"
Successfully deleted: [Folder] "C:\Users\Krisshawnee\AppData\Roaming\search protection"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Krisshawnee\AppData\Roaming\mozilla\firefox\profiles\0w03b4oo.default-1347047330950\minidumps [473 files]



~~~ Chrome

Dumping contents of C:\Users\Krisshawnee\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\Krisshawnee\appdata\local\Google\Chrome\User Data\Default\Default\aadjdhgedcdidhgegfdidddgdeddgcgd
C:\Users\Krisshawnee\appdata\local\Google\Chrome\User Data\Default\Default\aadjdhgedcdidhgegfdidddgdeddgcgd\background.html
C:\Users\Krisshawnee\appdata\local\Google\Chrome\User Data\Default\Default\aadjdhgedcdidhgegfdidddgdeddgcgd\manifest.json

Successfully deleted: [Folder] C:\Users\Krisshawnee\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 07/13/2014 at 12:28:52.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

ADWCLEANER

# AdwCleaner v3.215 - Report created 13/07/2014 at 12:42:01
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Krisshawnee - KRISSHAWNEE-PC
# Running from : C:\Users\Krisshawnee\Desktop\Virus stuff\adwcleaner_3.215.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\i love you\AppData\Roaming\Mozilla\Firefox\Profiles\yy5c0scn.default\prefs.js ]


[ File : C:\Users\Krisshawnee\AppData\Roaming\Mozilla\Firefox\Profiles\0w03b4oo.default-1347047330950\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Krisshawnee\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1137 octets] - [13/07/2014 12:39:49]
AdwCleaner[S0].txt - [1061 octets] - [13/07/2014 12:42:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1121 octets] ##########
 

 

MINITOOLBOX

MiniToolBox by Farbar  Version:10-01-2013
Ran by Krisshawnee (administrator) on 13-07-2014 at 12:51:44
Running from "C:\Users\Krisshawnee\Desktop\Virus stuff"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Krisshawnee-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
   Physical Address. . . . . . . . . : 00-24-21-9E-99-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::89a6:398e:1a74:a99c%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, July 13, 2014 12:51:21 PM
   Lease Expires . . . . . . . . . . : Monday, July 14, 2014 12:51:20 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234890273
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-E5-D1-48-00-24-21-9E-99-30
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{D386C556-C4C2-49B7-A39E-E95DE2C31427}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:18b5:1690:3f57:fefd(Preferred)
   Link-local IPv6 Address . . . . . : fe80::18b5:1690:3f57:fefd%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4000:809::1008
      173.194.115.67
      173.194.115.68
      173.194.115.69
      173.194.115.70
      173.194.115.71
      173.194.115.72
      173.194.115.73
      173.194.115.78
      173.194.115.64
      173.194.115.65
      173.194.115.66


Pinging google.com [173.194.115.68] with 32 bytes of data:
Reply from 173.194.115.68: bytes=32 time=62ms TTL=55
Reply from 173.194.115.68: bytes=32 time=58ms TTL=55

Ping statistics for 173.194.115.68:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 58ms, Maximum = 62ms, Average = 60ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=66ms TTL=51
Reply from 98.138.253.109: bytes=32 time=65ms TTL=51

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 65ms, Maximum = 66ms, Average = 65ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 24 21 9e 99 30 ......NVIDIA nForce 10/100 Mbps Ethernet
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:5ef5:79fd:18b5:1690:3f57:fefd/128
                                    On-link
 11    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::18b5:1690:3f57:fefd/128
                                    On-link
 11    276 fe80::89a6:398e:1a74:a99c/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/13/2014 00:45:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/13/2014 00:44:37 PM) (Source: Service Control Manager) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053

Error: (07/13/2014 00:44:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-01-30 19:20:11.382
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:20:11.328
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:19:28.443
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:19:28.394
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:19:28.334
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:19:28.087
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:16:35.750
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:16:35.687
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:16:35.609
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-30 19:16:35.531
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\RzSynapse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 14 ActiveX (Version: 14.0.0.145)
Adobe Flash Player 14 Plugin (Version: 14.0.0.145)
AIM for Windows
Aion (Version: 4.0.0.3)
Amazon Kindle
AMD Accelerated Video Transcoding (Version: 13.20.100.31206)
AMD Catalyst Control Center (Version: 2013.1206.1603.28764)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.1206.1603.28764)
AMD Media Foundation Decoders (Version: 1.0.81206.1620)
AMD Wireless Display v3.0 (Version: 1.0.0.14)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.3.14 (Unicode)
avast! Free Antivirus (Version: 9.0.2021)
B209a-m (Version: 140.0.690.000)
Bandisoft MPEG-1 Decoder
Battle.net
Bonjour (Version: 3.0.0.10)
Broforce
BufferChm (Version: 140.0.212.000)
calibre (Version: 1.35.0)
Calisto DFU Driver (x64) (Version: 2.4.49092.0)
CameraHelperMsi (Version: 13.20.1182.0)
Canon PowerShot SX160 IS Camera User Guide (Version: 1.0.0.1)
Canon Utilities CameraWindow DC 8 (Version: 8.9.0.4)
Canon Utilities ImageBrowser EX (Version: 1.2.1.13)
Canon Utilities PhotoStitch (Version: 3.1.23.47)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2013.1206.1603.28764)
Catalyst Control Center InstallProxy (Version: 2013.1206.1603.28764)
Catalyst Control Center Localization All (Version: 2013.1206.1603.28764)
ccc-utility64 (Version: 2013.1206.1603.28764)
CCC Help Chinese Standard (Version: 2013.1206.1602.28764)
CCC Help Chinese Traditional (Version: 2013.1206.1602.28764)
CCC Help Czech (Version: 2013.1206.1602.28764)
CCC Help Danish (Version: 2013.1206.1602.28764)
CCC Help Dutch (Version: 2013.1206.1602.28764)
CCC Help English (Version: 2013.1206.1602.28764)
CCC Help Finnish (Version: 2013.1206.1602.28764)
CCC Help French (Version: 2013.1206.1602.28764)
CCC Help German (Version: 2013.1206.1602.28764)
CCC Help Greek (Version: 2013.1206.1602.28764)
CCC Help Hungarian (Version: 2013.1206.1602.28764)
CCC Help Italian (Version: 2013.1206.1602.28764)
CCC Help Japanese (Version: 2013.1206.1602.28764)
CCC Help Korean (Version: 2013.1206.1602.28764)
CCC Help Norwegian (Version: 2013.1206.1602.28764)
CCC Help Polish (Version: 2013.1206.1602.28764)
CCC Help Portuguese (Version: 2013.1206.1602.28764)
CCC Help Russian (Version: 2013.1206.1602.28764)
CCC Help Spanish (Version: 2013.1206.1602.28764)
CCC Help Swedish (Version: 2013.1206.1602.28764)
CCC Help Thai (Version: 2013.1206.1602.28764)
CCC Help Turkish (Version: 2013.1206.1602.28764)
CCleaner (Version: 3.22)
Coupon Printer for Windows (Version: 5.0.0.0)
Curse Client (Version: 5.1.1.810)
Defraggler (Version: 2.09)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
Diablo II
Diablo III
Dropbox (Version: 2.0.22)
Elevated Installer (Version: 2.1.11)
erLT (Version: 1.20.138.34)
Foxit Reader (Version: 5.4.5.124)
Furcadia (Version: 30.0)
Garmin Express (Version: 2.1.11)
Garmin Express Tray (Version: 2.1.11)
Garmin Update Service (Version: 2.1.11)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 35.0.1916.153)
Google Drive (Version: 1.16.7009.9618)
Google Update Helper (Version: 1.3.24.15)
GPBaseService2 (Version: 140.0.211.000)
GPL Ghostscript (Version: 9.02)
GPL Ghostscript (Version: 9.05)
Guild Wars
Guild Wars 2
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.11502)
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
ICQ 8.1 (build 6337) (Version: 8.1.6337.0)
ImgBurn (Version: 2.5.6.0)
iTunes (Version: 11.0.5.5)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 35 (Version: 6.0.350)
Jitsi (Version: 2.2.4603.9615)
K-Lite Codec Pack 5.9.0 (64-bit) (Version: 5.9.0)
K-Lite Codec Pack 8.4.9 (Standard) (Version: 8.4.9)
League of Legends (Version: 3.0.0)
Logitech Vid HD (Version: 7.2 (7248))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.20.1166.0)
LWS Gallery (Version: 13.20.1166.0)
LWS Help_main (Version: 13.20.1182.0)
LWS Launcher (Version: 13.20.1166.0)
LWS Motion Detection (Version: 13.20.1176.0)
LWS Pictures And Video (Version: 13.20.1182.0)
LWS Twitter (Version: 13.20.1166.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.20.1182.0)
LWS Webcam Software (Version: 13.20.1168.0)
LWS WLM Plugin (Version: 1.20.1166.0)
LWS YouTube Plugin (Version: 13.20.1166.0)
Macromedia Dreamweaver 8 (Version: 8.0.0.2734)
Macromedia Extension Manager (Version: 1.7.240)
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
magicJack (Version: 2.0.6073.4413)
Malwarebytes Anti-Malware version 2.0.2.1012 (Version: 2.0.2.1012)
MapleStory
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Expression Web (Version: 12.0.6215.1000)
Microsoft Expression Web MUI (English) (Version: 12.0.6612.1000)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Mozilla Firefox 30.0 (x86 en-US) (Version: 30.0)
Mozilla Maintenance Service (Version: 29.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mumble 1.2.3 (Version: 1.2.3)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Neverwinter
Nexon Game Manager
Notepad++ (Version: 5.9.8)
NVIDIA Drivers (Version: 1.10.62.40)
Paint.NET v3.5.10 (Version: 3.60.0)
Pando Media Booster (Version: 2.6.0.7)
Plantronics Spokes Software (Version: 2.8.24304.0)
PS_AIO_06_B209a-m_SW_Min (Version: 140.0.690.000)
QT Lite 4.1.0 (Version: 4.1.0)
QuickTransfer (Version: 140.0.98.000)
RaidCall (Version: 7.2.6-1.0.8500.17)
Rainmeter (Version: 2.5 r1842)
Raptr
Real Alternative 2.0.2 (Version: 2.0.2)
Recuva (Version: 1.42)
Revo Uninstaller 1.94 (Version: 1.94)
Scan (Version: 140.0.80.000)
Shop for HP Supplies (Version: 14.0)
Skype™ 6.16 (Version: 6.16.105)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.213.000)
Speccy (Version: 1.20)
Status (Version: 140.0.212.000)
Steam
Swiff Player 1.7.2 (Version: 1.7.2)
TeamSpeak 3 Client (Version: 3.0.15)
TeraCopy 2.27
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Trillian
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Vindictus
VLC media player 2.0.0 (Version: 2.0.0)
WebReg (Version: 140.0.212.017)
Windows Driver Package - Plantronics, Inc. (usbser.ntamd64) Ports  (04/21/2009 5.1) (Version: 04/21/2009 5.1)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
World of Warcraft
Yahoo! Messenger

========================= Devices: ================================

Name: Coprocessor
Description: Coprocessor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 4095.37 MB
Available physical RAM: 2144.51 MB
Total Pagefile: 8188.91 MB
Available Pagefile: 6153.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.75 GB) (Free:180.58 GB) NTFS

========================= Users: ========================================

User accounts for \\KRISSHAWNEE-PC

Administrator            Guest                    i love you               
Krisshawnee              


**** End of log ****
 



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male
  • Local time:12:35 PM

Posted 13 July 2014 - 03:25 PM

Please disable your antivirus prior to and during this scan.

Please download Emsisoft Emergency Kit from here.
Save the file to your desktop.
Right click and run as administrator. (XP users double click)
Click Accept and Extract.
This file will appear on the desktop.
5mDYl2s.png
Right click it and select run as administrator. (XP users double click)
Select Emergency Kit Scanner.
XD8s6GY.png
A pop up requesting an update will appear, select yes.
GhaXlHz.png
After the update, go to scan pc and select the option in the picture below.
vo6qCbW.png
Now select Quarantine Detected Objects.

Bx2A8B2.png
When the update has finished, go to scan pc and select deep scan.
YUZY8NB.png
This scan will take a long time; this is normal, as it scans your entire hard drive.
Click on view report, save the report to your desktop, and attach it here in your next reply.



#5 Krisshawnee

Krisshawnee
  • Topic Starter

  • Members
  • 24 posts
  • Local time:12:35 PM

Posted 14 July 2014 - 03:06 PM

So due to lack of thinking on my part, I had to run this scan 3 times to get a full scan. My computer went into hibernation and ended the scan. Took twice before I realized what was causing the scan to end. I've gone ahead and saved each of the logs... so there are three... posted in the order I got them. I hope that doesn't cause a problem.

 

SCAN 1

Emsisoft Emergency Kit - Version 4.0
Last update: 7/13/2014 5:39:51 PM
User account: Krisshawnee-PC\Krisshawnee

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    7/13/2014 5:41:06 PM
C:\Windows\couponprinter.ocx     detected: Application.AdCoup (A)
Value: HKEY_USERS\S-1-5-21-510606911-811568144-2969326600-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR     detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-510606911-811568144-2969326600-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS     detected: Setting.DisableRegistryTools (A)

Scanned    112287
Found    3

Scan end:    7/13/2014 6:29:37 PM
Scan time:    0:48:31

Value: HKEY_USERS\S-1-5-21-510606911-811568144-2969326600-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS    Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-510606911-811568144-2969326600-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR    Quarantined Setting.DisableTaskMgr (A)
C:\Windows\couponprinter.ocx    Quarantined Application.AdCoup (A)

Quarantined    3
 

 

SCAN 2

Emsisoft Emergency Kit - Version 4.0
Last update: 7/13/2014 5:39:51 PM
User account: Krisshawnee-PC\Krisshawnee

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    7/13/2014 6:30:07 PM
C:\ProgramData\InstallMate\{0DD49804-48D6-4F74-AD9F-00F4D637BAF2}\Custom.dll     detected: Application.Malware.NOV (B)
C:\Users\Krisshawnee\Desktop\Briefcase\iExplore.exe     detected: Backdoor.Hupigon.262831 (B)
C:\Windows.old\Documents and Settings\owner\Desktop\Briefcase\iExplore.exe     detected: Backdoor.Hupigon.262831 (B)

Scanned    315342
Found    3

Scan end:    7/13/2014 9:48:09 PM
Scan time:    3:18:02

C:\Users\Krisshawnee\Desktop\Briefcase\iExplore.exe    Quarantined Backdoor.Hupigon.262831 (B)
C:\Windows.old\Documents and Settings\owner\Desktop\Briefcase\iExplore.exe    Quarantined Backdoor.Hupigon.262831 (B)
C:\ProgramData\InstallMate\{0DD49804-48D6-4F74-AD9F-00F4D637BAF2}\Custom.dll    Quarantined Application.Malware.NOV (B)

Quarantined    3
 

 

 

SCAN 3

Emsisoft Emergency Kit - Version 4.0
Last update: 7/13/2014 5:39:51 PM
User account: Krisshawnee-PC\Krisshawnee

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    7/14/2014 1:01:27 AM

Scanned    513390
Found    0

Scan end:    7/14/2014 6:44:07 AM
Scan time:    5:42:40
 



#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male
  • Local time:12:35 PM

Posted 14 July 2014 - 03:13 PM

Please download TDSSKiller.exe to your desktop. Vista/Windows 7 users right-click and select Run As Administrator.

  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A TDSSKiller text file would be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.

 

 

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the eset online scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the ESET Smart Installer icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and Remove Found Threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESET Scan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button

Edited by Lazerchicken, 14 July 2014 - 03:14 PM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:12:35 PM

Posted 14 July 2014 - 09:40 PM

About Backdoor:Win32/Hupigon        
 
Important note:
One or more of the identified infections is a backdoor trojan. This allows hackers to remotely control your computer, steal critical system information and download and execute files. I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information: "How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?" and "When Should I Format, How Should I Reinstall".

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#8 Krisshawnee

Krisshawnee
  • Topic Starter

  • Members
  • 24 posts
  • Local time:12:35 PM

Posted 14 July 2014 - 10:02 PM

19:51:30.0890 0x0f58  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
19:51:40.0220 0x0f58  ============================================================
19:51:40.0220 0x0f58  Current date / time: 2014/07/14 19:51:40.0220
19:51:40.0220 0x0f58  SystemInfo:
19:51:40.0220 0x0f58  
19:51:40.0220 0x0f58  OS Version: 6.1.7601 ServicePack: 1.0
19:51:40.0221 0x0f58  Product type: Workstation
19:51:40.0221 0x0f58  ComputerName: KRISSHAWNEE-PC
19:51:40.0221 0x0f58  UserName: Krisshawnee
19:51:40.0221 0x0f58  Windows directory: C:\Windows
19:51:40.0221 0x0f58  System windows directory: C:\Windows
19:51:40.0221 0x0f58  Running under WOW64
19:51:40.0221 0x0f58  Processor architecture: Intel x64
19:51:40.0221 0x0f58  Number of processors: 2
19:51:40.0221 0x0f58  Page size: 0x1000
19:51:40.0221 0x0f58  Boot type: Normal boot
19:51:40.0221 0x0f58  ============================================================
19:51:42.0424 0x0f58  KLMD registered as C:\Windows\system32\drivers\42209560.sys
19:51:42.0909 0x0f58  System UUID: {500F96E3-B4F6-D391-25CC-086C728E77C8}
19:51:43.0788 0x0f58  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:51:43.0791 0x0f58  ============================================================
19:51:43.0791 0x0f58  \Device\Harddisk0\DR0:
19:51:43.0791 0x0f58  MBR partitions:
19:51:43.0791 0x0f58  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
19:51:43.0791 0x0f58  ============================================================
19:51:43.0807 0x0f58  C: <-> \Device\Harddisk0\DR0\Partition1
19:51:43.0807 0x0f58  ============================================================
19:51:43.0807 0x0f58  Initialize success
19:51:43.0807 0x0f58  ============================================================
19:52:05.0520 0x0908  ============================================================
19:52:05.0520 0x0908  Scan started
19:52:05.0521 0x0908  Mode: Manual; TDLFS;
19:52:05.0521 0x0908  ============================================================
19:52:05.0521 0x0908  KSN ping started
19:52:09.0352 0x0908  KSN ping finished: true
19:52:11.0215 0x0908  ================ Scan system memory ========================
19:52:11.0215 0x0908  System memory - ok
19:52:11.0215 0x0908  ================ Scan services =============================
19:52:16.0738 0x0908  Disk - ok
19:52:16.0776 0x0908  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
19:52:16.0780 0x0908  dmvsc - ok
19:52:16.0833 0x0908  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:52:16.0839 0x0908  Dnscache - ok
19:52:16.0858 0x0908  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:52:16.0869 0x0908  dot3svc - ok
19:52:16.0920 0x0908  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
19:52:16.0924 0x0908  Dot4 - ok
19:52:16.0956 0x0908  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:52:16.0957 0x0908  Dot4Print - ok
19:52:16.0968 0x0908  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
19:52:16.0971 0x0908  dot4usb - ok
19:52:17.0007 0x0908  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:52:17.0013 0x0908  DPS - ok
19:52:17.0062 0x0908  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:52:17.0064 0x0908  drmkaud - ok
19:52:17.0128 0x0908  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:52:17.0163 0x0908  DXGKrnl - ok
19:52:17.0192 0x0908  EagleX64 - ok
19:52:17.0210 0x0908  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:52:17.0215 0x0908  EapHost - ok
19:52:17.0348 0x0908  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:52:17.0473 0x0908  ebdrv - ok
19:52:17.0514 0x0908  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
19:52:17.0518 0x0908  EFS - ok
19:52:17.0596 0x0908  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:52:17.0630 0x0908  ehRecvr - ok
19:52:17.0651 0x0908  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:52:17.0655 0x0908  ehSched - ok
19:52:17.0701 0x0908  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:52:17.0723 0x0908  elxstor - ok
19:52:17.0737 0x0908  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:52:17.0738 0x0908  ErrDev - ok
19:52:17.0778 0x0908  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:52:17.0800 0x0908  EventSystem - ok
19:52:17.0826 0x0908  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:52:17.0832 0x0908  exfat - ok
19:52:17.0853 0x0908  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:52:17.0859 0x0908  fastfat - ok
19:52:17.0906 0x0908  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:52:17.0940 0x0908  Fax - ok
19:52:17.0964 0x0908  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:52:17.0966 0x0908  fdc - ok
19:52:17.0982 0x0908  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:52:17.0985 0x0908  fdPHost - ok
19:52:17.0992 0x0908  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:52:17.0995 0x0908  FDResPub - ok
19:52:18.0010 0x0908  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:52:18.0013 0x0908  FileInfo - ok
19:52:18.0026 0x0908  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:52:18.0028 0x0908  Filetrace - ok
19:52:18.0039 0x0908  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:52:18.0041 0x0908  flpydisk - ok
19:52:18.0068 0x0908  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:52:18.0079 0x0908  FltMgr - ok
19:52:18.0161 0x0908  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
19:52:18.0208 0x0908  FontCache - ok
19:52:18.0254 0x0908  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:52:18.0256 0x0908  FontCache3.0.0.0 - ok
19:52:18.0269 0x0908  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:52:18.0272 0x0908  FsDepends - ok
19:52:18.0309 0x0908  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:52:18.0311 0x0908  Fs_Rec - ok
19:52:18.0358 0x0908  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:52:18.0365 0x0908  fvevol - ok
19:52:18.0393 0x0908  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:52:18.0396 0x0908  gagp30kx - ok
19:52:18.0526 0x0908  [ CC598405B3B2AE48896CB5B5D9D75376, 1887A3CD74E944E53D2B49ED22C16DF25ADFC909F78CB4D9AA4A50E6DB932580 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
19:52:18.0532 0x0908  Garmin Core Update Service - ok
19:52:18.0560 0x0908  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:52:18.0563 0x0908  GEARAspiWDM - ok
19:52:18.0615 0x0908  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:52:18.0649 0x0908  gpsvc - ok
19:52:18.0728 0x0908  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:52:18.0732 0x0908  gupdate - ok
19:52:18.0738 0x0908  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:52:18.0741 0x0908  gupdatem - ok
19:52:18.0761 0x0908  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:52:18.0763 0x0908  hcw85cir - ok
19:52:18.0828 0x0908  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:52:18.0850 0x0908  HdAudAddService - ok
19:52:18.0868 0x0908  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:52:18.0872 0x0908  HDAudBus - ok
19:52:18.0890 0x0908  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:52:18.0892 0x0908  HidBatt - ok
19:52:18.0917 0x0908  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:52:18.0921 0x0908  HidBth - ok
19:52:18.0936 0x0908  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:52:18.0939 0x0908  HidIr - ok
19:52:18.0956 0x0908  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
19:52:18.0959 0x0908  hidserv - ok
19:52:19.0018 0x0908  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:52:19.0020 0x0908  HidUsb - ok
19:52:19.0040 0x0908  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:52:19.0044 0x0908  hkmsvc - ok
19:52:19.0070 0x0908  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:52:19.0081 0x0908  HomeGroupListener - ok
19:52:19.0110 0x0908  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:52:19.0118 0x0908  HomeGroupProvider - ok
19:52:19.0250 0x0908  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:52:19.0257 0x0908  hpqcxs08 - ok
19:52:19.0295 0x0908  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:52:19.0299 0x0908  hpqddsvc - ok
19:52:19.0324 0x0908  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:52:19.0328 0x0908  HpSAMD - ok
19:52:19.0384 0x0908  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:52:19.0418 0x0908  HPSLPSVC - ok
19:52:19.0457 0x0908  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:52:19.0491 0x0908  HTTP - ok
19:52:19.0509 0x0908  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:52:19.0510 0x0908  hwpolicy - ok
19:52:19.0537 0x0908  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:52:19.0541 0x0908  i8042prt - ok
19:52:19.0599 0x0908  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:52:19.0622 0x0908  iaStorV - ok
19:52:19.0704 0x0908  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:52:19.0760 0x0908  idsvc - ok
19:52:19.0801 0x0908  IEEtwCollectorService - ok
19:52:19.0832 0x0908  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:52:19.0833 0x0908  iirsp - ok
19:52:19.0888 0x0908  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:52:19.0922 0x0908  IKEEXT - ok
19:52:19.0962 0x0908  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:52:19.0964 0x0908  intelide - ok
19:52:19.0992 0x0908  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
19:52:19.0995 0x0908  intelppm - ok
19:52:20.0030 0x0908  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:52:20.0035 0x0908  IPBusEnum - ok
19:52:20.0058 0x0908  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:52:20.0061 0x0908  IpFilterDriver - ok
19:52:20.0110 0x0908  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:52:20.0132 0x0908  iphlpsvc - ok
19:52:20.0152 0x0908  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:52:20.0155 0x0908  IPMIDRV - ok
19:52:20.0166 0x0908  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:52:20.0169 0x0908  IPNAT - ok
19:52:20.0256 0x0908  [ 78486992AC657AE5065C4A2135838570, E958E2977843A15A73F06A2D2F24130C7F62305A9AA0488F419E2D729BA6939A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:52:20.0279 0x0908  iPod Service - ok
19:52:20.0305 0x0908  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:52:20.0306 0x0908  IRENUM - ok
19:52:20.0329 0x0908  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:52:20.0330 0x0908  isapnp - ok
19:52:20.0376 0x0908  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:52:20.0387 0x0908  iScsiPrt - ok
19:52:20.0414 0x0908  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:52:20.0416 0x0908  kbdclass - ok
19:52:20.0435 0x0908  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:52:20.0438 0x0908  kbdhid - ok
19:52:20.0448 0x0908  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
19:52:20.0451 0x0908  KeyIso - ok
19:52:20.0491 0x0908  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:52:20.0494 0x0908  KSecDD - ok
19:52:20.0508 0x0908  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:52:20.0514 0x0908  KSecPkg - ok
19:52:20.0547 0x0908  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:52:20.0549 0x0908  ksthunk - ok
19:52:20.0591 0x0908  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:52:20.0614 0x0908  KtmRm - ok
19:52:20.0665 0x0908  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:52:20.0688 0x0908  LanmanServer - ok
19:52:20.0710 0x0908  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:52:20.0718 0x0908  LanmanWorkstation - ok
19:52:20.0745 0x0908  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:52:20.0747 0x0908  lltdio - ok
19:52:20.0787 0x0908  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:52:20.0809 0x0908  lltdsvc - ok
19:52:20.0827 0x0908  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:52:20.0830 0x0908  lmhosts - ok
19:52:20.0856 0x0908  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:52:20.0860 0x0908  LSI_FC - ok
19:52:20.0882 0x0908  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:52:20.0886 0x0908  LSI_SAS - ok
19:52:20.0899 0x0908  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:52:20.0902 0x0908  LSI_SAS2 - ok
19:52:20.0924 0x0908  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:52:20.0928 0x0908  LSI_SCSI - ok
19:52:20.0953 0x0908  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:52:20.0957 0x0908  luafv - ok
19:52:21.0014 0x0908  [ 8BB169810C66B32364886A8751325181, 1FD06375424F10DA46A43DBA0B27C2913536CA146396291C42C8A19BA0939A80 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
19:52:21.0037 0x0908  LVRS64 - ok
19:52:21.0066 0x0908  [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64        C:\Windows\system32\DRIVERS\LVUSBS64.sys
19:52:21.0069 0x0908  LVUSBS64 - ok
19:52:21.0228 0x0908  [ D49858FB1432A0601FCE2A9E452D6BC9, 0EF4AFB3710F860E6E9967A33D257D2705A9DCFF923F609EC3FAC50A0C0E2C0E ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
19:52:21.0375 0x0908  LVUVC64 - ok
19:52:21.0418 0x0908  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF, 2722E217AF11F928E58F694E5C1CC5776283A56C54E7F84401FECFBD73E91EBA ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
19:52:21.0429 0x0908  mcdbus - ok
19:52:21.0451 0x0908  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:52:21.0457 0x0908  Mcx2Svc - ok
19:52:21.0470 0x0908  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:52:21.0472 0x0908  megasas - ok
19:52:21.0484 0x0908  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:52:21.0493 0x0908  MegaSR - ok
19:52:21.0569 0x0908  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:52:21.0593 0x0908  Microsoft Office Groove Audit Service - ok
19:52:21.0633 0x0908  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:52:21.0637 0x0908  MMCSS - ok
19:52:21.0654 0x0908  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:52:21.0656 0x0908  Modem - ok
19:52:21.0699 0x0908  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:52:21.0701 0x0908  monitor - ok
19:52:21.0729 0x0908  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:52:21.0732 0x0908  mouclass - ok
19:52:21.0754 0x0908  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:52:21.0756 0x0908  mouhid - ok
19:52:21.0774 0x0908  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:52:21.0778 0x0908  mountmgr - ok
19:52:21.0871 0x0908  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:52:21.0875 0x0908  MozillaMaintenance - ok
19:52:21.0899 0x0908  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:52:21.0905 0x0908  mpio - ok
19:52:21.0948 0x0908  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:52:21.0951 0x0908  mpsdrv - ok
19:52:21.0991 0x0908  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:52:22.0025 0x0908  MpsSvc - ok
19:52:22.0069 0x0908  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:52:22.0074 0x0908  MRxDAV - ok
19:52:22.0114 0x0908  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:52:22.0119 0x0908  mrxsmb - ok
19:52:22.0138 0x0908  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:52:22.0161 0x0908  mrxsmb10 - ok
19:52:22.0173 0x0908  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:52:22.0178 0x0908  mrxsmb20 - ok
19:52:22.0205 0x0908  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:52:22.0207 0x0908  msahci - ok
19:52:22.0214 0x0908  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:52:22.0219 0x0908  msdsm - ok
19:52:22.0239 0x0908  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:52:22.0246 0x0908  MSDTC - ok
19:52:22.0264 0x0908  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:52:22.0265 0x0908  Msfs - ok
19:52:22.0275 0x0908  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:52:22.0277 0x0908  mshidkmdf - ok
19:52:22.0281 0x0908  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:52:22.0283 0x0908  msisadrv - ok
19:52:22.0320 0x0908  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:52:22.0327 0x0908  MSiSCSI - ok
19:52:22.0332 0x0908  msiserver - ok
19:52:22.0359 0x0908  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:52:22.0361 0x0908  MSKSSRV - ok
19:52:22.0389 0x0908  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:52:22.0390 0x0908  MSPCLOCK - ok
19:52:22.0406 0x0908  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:52:22.0407 0x0908  MSPQM - ok
19:52:22.0436 0x0908  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:52:22.0458 0x0908  MsRPC - ok
19:52:22.0467 0x0908  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:52:22.0469 0x0908  mssmbios - ok
19:52:22.0481 0x0908  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:52:22.0483 0x0908  MSTEE - ok
19:52:22.0495 0x0908  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:52:22.0497 0x0908  MTConfig - ok
19:52:22.0520 0x0908  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:52:22.0523 0x0908  Mup - ok
19:52:22.0561 0x0908  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:52:22.0583 0x0908  napagent - ok
19:52:22.0636 0x0908  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:52:22.0659 0x0908  NativeWifiP - ok
19:52:22.0737 0x0908  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:52:22.0771 0x0908  NDIS - ok
19:52:30.0088 0x0908  vds - ok
19:52:30.0104 0x0908  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:52:30.0104 0x0908  vga - ok
19:52:30.0127 0x0908  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:52:30.0127 0x0908  VgaSave - ok
19:52:30.0151 0x0908  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:52:30.0159 0x0908  vhdmp - ok
19:52:30.0190 0x0908  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:52:30.0190 0x0908  viaide - ok
19:52:30.0229 0x0908  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:52:30.0237 0x0908  vmbus - ok
19:52:30.0245 0x0908  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:52:30.0245 0x0908  VMBusHID - ok
19:52:30.0268 0x0908  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:52:30.0268 0x0908  volmgr - ok
19:52:30.0284 0x0908  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:52:30.0307 0x0908  volmgrx - ok
19:52:30.0338 0x0908  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:52:30.0346 0x0908  volsnap - ok
19:52:30.0385 0x0908  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:52:30.0385 0x0908  vsmraid - ok
19:52:30.0456 0x0908  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:52:30.0518 0x0908  VSS - ok
19:52:30.0534 0x0908  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:52:30.0542 0x0908  vwifibus - ok
19:52:30.0566 0x0908  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:52:30.0589 0x0908  W32Time - ok
19:52:30.0613 0x0908  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:52:30.0613 0x0908  WacomPen - ok
19:52:30.0644 0x0908  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:52:30.0644 0x0908  WANARP - ok
19:52:30.0652 0x0908  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:52:30.0660 0x0908  Wanarpv6 - ok
19:52:30.0738 0x0908  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:52:30.0785 0x0908  WatAdminSvc - ok
19:52:30.0855 0x0908  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:52:30.0910 0x0908  wbengine - ok
19:52:30.0933 0x0908  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:52:30.0957 0x0908  WbioSrvc - ok
19:52:30.0972 0x0908  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:52:30.0996 0x0908  wcncsvc - ok
19:52:31.0003 0x0908  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:52:31.0011 0x0908  WcsPlugInService - ok
19:52:31.0027 0x0908  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:52:31.0027 0x0908  Wd - ok
19:52:31.0089 0x0908  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:52:31.0121 0x0908  Wdf01000 - ok
19:52:31.0152 0x0908  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:52:31.0152 0x0908  WdiServiceHost - ok
19:52:31.0160 0x0908  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:52:31.0167 0x0908  WdiSystemHost - ok
19:52:31.0207 0x0908  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
19:52:31.0230 0x0908  WebClient - ok
19:52:31.0269 0x0908  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:52:31.0292 0x0908  Wecsvc - ok
19:52:31.0308 0x0908  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:52:31.0308 0x0908  wercplsupport - ok
19:52:31.0347 0x0908  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:52:31.0347 0x0908  WerSvc - ok
19:52:31.0371 0x0908  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:52:31.0371 0x0908  WfpLwf - ok
19:52:31.0386 0x0908  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:52:31.0386 0x0908  WIMMount - ok
19:52:31.0417 0x0908  WinDefend - ok
19:52:31.0433 0x0908  WinHttpAutoProxySvc - ok
19:52:31.0480 0x0908  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:52:31.0488 0x0908  Winmgmt - ok
19:52:31.0570 0x0908  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:52:31.0656 0x0908  WinRM - ok
19:52:31.0710 0x0908  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:52:31.0710 0x0908  WinUsb - ok
19:52:31.0765 0x0908  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:52:31.0796 0x0908  Wlansvc - ok
19:52:31.0820 0x0908  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:52:31.0820 0x0908  WmiAcpi - ok
19:52:31.0851 0x0908  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:52:31.0859 0x0908  wmiApSrv - ok
19:52:31.0890 0x0908  WMPNetworkSvc - ok
19:52:31.0898 0x0908  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:52:31.0906 0x0908  WPCSvc - ok
19:52:31.0921 0x0908  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:52:31.0929 0x0908  WPDBusEnum - ok
19:52:31.0945 0x0908  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:52:31.0945 0x0908  ws2ifsl - ok
19:52:31.0953 0x0908  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
19:52:31.0960 0x0908  wscsvc - ok
19:52:31.0968 0x0908  WSearch - ok
19:52:32.0078 0x0908  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:52:32.0171 0x0908  wuauserv - ok
19:52:32.0210 0x0908  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:52:32.0210 0x0908  WudfPf - ok
19:52:32.0234 0x0908  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:52:32.0242 0x0908  WUDFRd - ok
19:52:32.0273 0x0908  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:52:32.0281 0x0908  wudfsvc - ok
19:52:32.0328 0x0908  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:52:32.0351 0x0908  WwanSvc - ok
19:52:32.0429 0x0908  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
19:52:32.0437 0x0908  xusb21 - ok
19:52:32.0445 0x0908  ================ Scan global ===============================
19:52:32.0468 0x0908  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:52:32.0515 0x0908  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:52:32.0539 0x0908  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:52:32.0586 0x0908  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:52:32.0618 0x0908  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:52:32.0641 0x0908  [ Global ] - ok
19:52:32.0641 0x0908  ================ Scan MBR ==================================
19:52:32.0649 0x0908  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:52:33.0180 0x0908  \Device\Harddisk0\DR0 - ok
19:52:33.0180 0x0908  ================ Scan VBR ==================================
19:52:33.0188 0x0908  [ 84134F473E28067372E88505DBF75FA6 ] \Device\Harddisk0\DR0\Partition1
19:52:33.0188 0x0908  \Device\Harddisk0\DR0\Partition1 - ok
19:52:33.0188 0x0908  ================ Scan generic autorun ======================
19:52:33.0321 0x0908  [ 88CA0FFA894AF4B0D90B93FAA2A0A0D9, FC48386A287EB95E5D173FA358D6F0823A651C83835605892EAFD6ED11F17D6F ] c:\Program Files\Microsoft IntelliType Pro\itype.exe
19:52:33.0391 0x0908  itype - ok
19:52:33.0485 0x0908  [ 600D58E096AD89F03321117AFBBD0712, 9343B1CA5A4A0A1782E096C671424AEE4D31B85A091D6FC65E3774E945540552 ] C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsURE.exe
19:52:33.0508 0x0908  PlantronicsURE.exe - ok
19:52:33.0516 0x0908  NCUpdateHelper - ok
19:52:33.0586 0x0908  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:52:33.0586 0x0908  APSDaemon - ok
19:52:33.0633 0x0908  [ CE42DFE915F78246364D464902E47360, A0CE51355A126E10CE54DE9A59DBD36C404340113764B4520606863794031D69 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
19:52:33.0641 0x0908  iTunesHelper - ok
19:52:33.0829 0x0908  [ 26AFC1F16494FFE66F2197153B342A27, 817436E38F832500E120F196941F2F8392B192262E16D5E52CD5DFAC34749C15 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
19:52:33.0961 0x0908  AvastUI.exe - ok
19:52:34.0110 0x0908  [ 16598A9758F386F82D2C447C70C95D10, 0A698135EFC195C359702AA76897B9C67712FDE0A54B51587134B65510B154ED ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
19:52:34.0141 0x0908  StartCCC - ok
19:52:34.0243 0x0908  [ BC0DF782D8C5C446C2AC7D16D2F3312C, 2702873FDC1B8DEA46F3B6B98BC93ED0EA199FA30F0AA22C0E50D8B6B5381FEE ] C:\Users\Krisshawnee\AppData\Roaming\mjusbsp\cdloader2.exe
19:52:34.0243 0x0908  cdloader - ok
19:52:34.0282 0x0908  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Users\Krisshawnee\AppData\Local\Google\Update\GoogleUpdate.exe
19:52:34.0290 0x0908  Google Update - ok
19:52:34.0313 0x0908  icq - ok
19:52:34.0329 0x0908  Skype - ok
19:52:34.0329 0x0908  Waiting for KSN requests completion. In queue: 75
19:52:35.0329 0x0908  Waiting for KSN requests completion. In queue: 75
19:52:36.0329 0x0908  Waiting for KSN requests completion. In queue: 75
19:52:37.0407 0x0908  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
19:52:37.0422 0x0908  Win FW state via NFP2: enabled
19:52:40.0211 0x0908  ============================================================
19:52:40.0211 0x0908  Scan finished
19:52:40.0211 0x0908  ============================================================
19:52:40.0219 0x0fbc  Detected object count: 0
19:52:40.0219 0x0fbc  Actual detected object count: 0
19:52:50.0633 0x0e28  Deinitialize success
 

 

 

 

 

-------------------------------------------------

C:\Users\Krisshawnee\AppData\Local\Temp\AskSLib.dll    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Users\Krisshawnee\AppData\Local\Temp\27980c0e\temp\BITA5A7.tmp    a variant of Win32/AdWare.MultiPlug.AG application    cleaned by deleting - quarantined
C:\Windows\Temp\avast_ash\uTorrent\uTorrent.exe    a variant of Win32/Bunndle potentially unsafe application    deleted - quarantined
C:\Windows.old\Documents and Settings\owner\Application Data\Sun\Java\Deployment\cache\6.0\49\6e97d631-1f5ad670    Java/TrojanDownloader.OpenStream.NCA trojan    cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\owner\Local Settings\Temp\AAWInstallerTemp\v9.6.0\Ad-Aware.msi    a variant of Win32/Toolbar.Visicom.A potentially unwanted application    deleted - quarantined
C:\Windows.old\Windows\Installer\42718.msi    a variant of Win32/Toolbar.Visicom.A potentially unwanted application    deleted - quarantined
 

 

 

 

I don't do much banking on this computer and am not inclined to reformat unless absolutely forced to do so.



#9 noknojon


Posted 14 July 2014 - 10:57 PM

Do you now, or have you had, the program Ad-Aware installed?

This is picked up in the logs as being installed, but may now be removed.

It shows as AAWInstallerTemp\v9.6.0\Ad-Aware.

How is the problem?


Edited by noknojon, 14 July 2014 - 10:59 PM.


#10 Krisshawnee


Posted 15 July 2014 - 10:41 PM

I did have Ad-Aware installed at one point in time. I don't have it any more.

 

As far as how the issue is, I haven't had the chance to be on long today but in the short time I've been on, I haven't gotten the warning from Avast. I will have more time tomorrow evening and will report back before bedtime tomorrow for an update as far as answering that last question.



#11 Krisshawnee


Posted 16 July 2014 - 10:41 PM

I've been on most of the evening and have not once had avast alert me to it trying to open a window so my best guess is one of the scans did get it.



#12 InadequateInfirmity


Posted 17 July 2014 - 06:58 AM

Install Unchecky; this will help with issues in the future.

http://unchecky.com/

Now that we are done, we need to clean up the disinfection tools we used along the way.
Download DelFix by "Xplode" to your Desktop.
Right-click the tool and select Run as Admin (XP users double-click).

Put a check mark next to the items below:

  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on the "Run" button.
Allow the program to complete its work.
All the tools we used will be removed.
The tool will create and open a log report (DelFix.txt).
Note: The report can be located at the following location: C:\DelFix.txt



#13 Krisshawnee


Posted 17 July 2014 - 06:58 PM

# DelFix v10.7 - Logfile created 17/07/2014 at 18:31:44
# Updated 27/04/2014 by Xplode
# Username : Krisshawnee - KRISSHAWNEE-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\32788R22FWJFW
Deleted : C:\AdwCleaner
Deleted : C:\rkill.log
Deleted : C:\Users\Krisshawnee\Desktop\esetsmartinstaller_enu.exe
Deleted : C:\Users\Krisshawnee\Desktop\tdsskiller.exe
Deleted : C:\Users\Krisshawnee\Downloads\tdsskiller.zip
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #256 [avast! antivirus system restore point | 07/12/2014 18:06:53]
Deleted : RP #257 [Removed 7-Zip 9.20 (x64 edition) | 07/12/2014 19:31:16]
Deleted : RP #258 [Windows Update | 07/15/2014 08:18:20]
Deleted : RP #259 [Windows Update | 07/17/2014 04:16:24]

New restore point created !

########## - EOF - ##########
 



#14 boopme


Posted 18 July 2014 - 09:51 AM


How long ago did you run ComboFix?

#15 Krisshawnee


Posted 18 July 2014 - 02:40 PM

Umm... a year at least.. maybe two.





