
Internet explorer opening in Task Manager


7 replies to this topic

#1 mirceamrc


Posted 25 August 2014 - 03:25 PM

Hey guys, I think I got a virus. If I keep my task manager open for some time I can see a lot of Internet Explorer applications opening up but I can't access them, like they are hidden. They start bulking up and up. Can you help me?




 


#2 Broni


Posted 25 August 2014 - 08:23 PM

Welcome aboard

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

Please download Malwarebytes Anti-Malware to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


Download Malwarebytes Anti-Rootkit to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"



Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE. Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.



 


#3 mirceamrc


Posted 26 August 2014 - 06:34 AM

 Results of screen317's Security Check version 0.99.87  
   x86   
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
Microsoft Security Essentials   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 67  
 Java version out of Date!
 Adobe Flash Player     14.0.0.145  
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````

 

---------------------------------------------------------

 

Farbar Service Scanner Version: 21-07-2014
Ran by Mircea (administrator) on 26-08-2014 at 14:26:21
Running from "D:\Downloads"
Microsoft Windows 7 Ultimate   (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcore.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed


**** End of log ****

 

-----------------------------------------

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26/08/2014
Scan Time: 14:24:53
Logfile: log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.26.01
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7
CPU: x86
File System: NTFS
User: Mircea

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 308074
Time Elapsed: 8 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
 

----------------------------------------------------

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Mircea (administrator) on 26-08-2014 at 14:36:53
Running from "D:\Downloads"
Microsoft Windows 7 Ultimate   (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/25/2014 11:47:20 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {025e14c9-dae1-4216-b82a-8066c0f26f54}

Error: (08/25/2014 09:40:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7600.16385, time stamp: 0x4a5bc69e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0207e010
Faulting process id: 0x153c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (08/25/2014 09:05:28 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {58a0de17-4f7a-44e6-8071-78a91f3c2b75}

Error: (08/24/2014 11:12:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: CF_SGI.exe, version: 1.0.0.1, time stamp: 0x52b8e87c
Faulting module name: CF_SGI.exe, version: 1.0.0.1, time stamp: 0x52b8e87c
Exception code: 0xc0000005
Fault offset: 0x0000507d
Faulting process id: 0x17a4
Faulting application start time: 0xCF_SGI.exe0
Faulting application path: CF_SGI.exe1
Faulting module path: CF_SGI.exe2
Report Id: CF_SGI.exe3

Error: (08/24/2014 02:18:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: CoherentUI_Host.exe, version: 1.8.1.0, time stamp: 0x52fdeb59
Faulting module name: CoherentUI_Host.exe, version: 1.8.1.0, time stamp: 0x52fdeb59
Exception code: 0xc0000005
Fault offset: 0x0005b914
Faulting process id: 0x2b0
Faulting application start time: 0xCoherentUI_Host.exe0
Faulting application path: CoherentUI_Host.exe1
Faulting module path: CoherentUI_Host.exe2
Report Id: CoherentUI_Host.exe3

Error: (08/24/2014 02:17:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: CoherentUI_Host.exe, version: 1.8.1.0, time stamp: 0x52fdeb59
Faulting module name: CoherentUI_Host.exe, version: 1.8.1.0, time stamp: 0x52fdeb59
Exception code: 0xc0000005
Fault offset: 0x00056684
Faulting process id: 0x53c
Faulting application start time: 0xCoherentUI_Host.exe0
Faulting application path: CoherentUI_Host.exe1
Faulting module path: CoherentUI_Host.exe2
Report Id: CoherentUI_Host.exe3

Error: (08/23/2014 08:37:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.14.0.362, time stamp: 0x53f3e75c
Faulting module name: ltc_game32-86352.dll_unloaded, version: 0.0.0.0, time stamp: 0x53f3f995
Exception code: 0xc0000005
Fault offset: 0x646c0cea
Faulting process id: 0x11cc
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3

Error: (08/23/2014 08:37:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.14.0.362, time stamp: 0x53f3e75c
Faulting module name: ltc_game32-86352.dll_unloaded, version: 0.0.0.0, time stamp: 0x53f3f995
Exception code: 0xc0000005
Fault offset: 0x64781f23
Faulting process id: 0x11cc
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3

Error: (08/23/2014 08:33:14 PM) (Source: Application Hang) (User: )
Description: The program League of Legends.exe version 4.14.0.362 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b4c

Start Time: 01cfbef7e91805df

Termination Time: 110

Application Path: D:\Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.52\deploy\League of Legends.exe

Report Id:

Error: (08/23/2014 11:49:39 AM) (Source: Application Error) (User: )
Description: Faulting application name: CF_SGI.exe, version: 1.0.0.1, time stamp: 0x52b8e87c
Faulting module name: CF_SGI.exe, version: 1.0.0.1, time stamp: 0x52b8e87c
Exception code: 0xc0000005
Fault offset: 0x0000507d
Faulting process id: 0xc74
Faulting application start time: 0xCF_SGI.exe0
Faulting application path: CF_SGI.exe1
Faulting module path: CF_SGI.exe2
Report Id: CF_SGI.exe3


System errors:
=============
Error: (08/26/2014 02:14:48 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the szserver service.

Error: (08/26/2014 02:11:22 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (08/26/2014 02:06:54 PM) (Source: Microsoft Antimalware) (User: )
Description: %Virus:DOS/Rovnix.gen!A60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Virus:DOS/Rovnix.gen!A603

    Name: Virus:DOS/Rovnix.gen!A

    ID: 2147686707

    Severity: %Virus:DOS/Rovnix.gen!A600

    Category: %Virus:DOS/Rovnix.gen!A602

    Path: 4.5.0216.02

    Detection Origin: 4.5.0216.04

    Detection Type: 4.5.0216.08

    Detection Source: %Virus:DOS/Rovnix.gen!A608

    User: {1E2774E7-638A-4B86-8FEB-FB543F0E2CC0}9

    Process Name: %Virus:DOS/Rovnix.gen!A609

    Action: {1E2774E7-638A-4B86-8FEB-FB543F0E2CC0}1

    Action Status:  {1E2774E7-638A-4B86-8FEB-FB543F0E2CC0}8

    Error Code: {1E2774E7-638A-4B86-8FEB-FB543F0E2CC0}3

    Error description: {1E2774E7-638A-4B86-8FEB-FB543F0E2CC0}4

    Signature Version: 2014-08-26T11:06:24.463Z1

    Engine Version: 2014-08-26T11:06:24.463Z2

Error: (08/26/2014 02:06:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (08/26/2014 02:06:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (08/26/2014 02:06:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (08/26/2014 02:06:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (08/26/2014 02:06:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (08/26/2014 02:06:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (08/26/2014 02:06:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.


Microsoft Office Sessions:
=========================
Error: (08/25/2014 11:47:20 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {025e14c9-dae1-4216-b82a-8066c0f26f54}

Error: (08/25/2014 09:40:22 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7600.163854a5bc69eunknown0.0.0.000000000c00000050207e010153c01cfc09348de2c3fC:\Program Files\Internet Explorer\iexplore.exeunknown44d395ad-2c87-11e4-9530-6466b301df00

Error: (08/25/2014 09:05:28 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {58a0de17-4f7a-44e6-8071-78a91f3c2b75}

Error: (08/24/2014 11:12:09 PM) (Source: Application Error)(User: )
Description: CF_SGI.exe1.0.0.152b8e87cCF_SGI.exe1.0.0.152b8e87cc00000050000507d17a401cfbfcd5e26f183D:\Games\Crossfire\Crossfire Europe\CF_SGI.exeD:\Games\Crossfire\Crossfire Europe\CF_SGI.exeec879719-2bca-11e4-94c8-6466b301df00

Error: (08/24/2014 02:18:12 PM) (Source: Application Error)(User: )
Description: CoherentUI_Host.exe1.8.1.052fdeb59CoherentUI_Host.exe1.8.1.052fdeb59c00000050005b9142b001cfbf88745a8b70C:\Users\Mircea\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exeC:\Users\Mircea\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe55236f3b-2b80-11e4-94c8-6466b301df00

Error: (08/24/2014 02:17:59 PM) (Source: Application Error)(User: )
Description: CoherentUI_Host.exe1.8.1.052fdeb59CoherentUI_Host.exe1.8.1.052fdeb59c00000050005668453c01cfbf8870709865C:\Users\Mircea\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exeC:\Users\Mircea\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe4d9bae71-2b80-11e4-94c8-6466b301df00

Error: (08/23/2014 08:37:06 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.14.0.36253f3e75cltc_game32-86352.dll_unloaded0.0.0.053f3f995c0000005646c0cea11cc01cfbef8b36d6b4eD:\Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.52\deploy\League of Legends.exeltc_game32-86352.dll19605daf-2aec-11e4-bdfc-6466b301df00

Error: (08/23/2014 08:37:01 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.14.0.36253f3e75cltc_game32-86352.dll_unloaded0.0.0.053f3f995c000000564781f2311cc01cfbef8b36d6b4eD:\Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.52\deploy\League of Legends.exeltc_game32-86352.dll167c93da-2aec-11e4-bdfc-6466b301df00

Error: (08/23/2014 08:33:14 PM) (Source: Application Hang)(User: )
Description: League of Legends.exe4.14.0.362b4c01cfbef7e91805df110D:\Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.52\deploy\League of Legends.exe

Error: (08/23/2014 11:49:39 AM) (Source: Application Error)(User: )
Description: CF_SGI.exe1.0.0.152b8e87cCF_SGI.exe1.0.0.152b8e87cc00000050000507dc7401cfbeaef0715ab2D:\Games\Crossfire\Crossfire Europe\CF_SGI.exeD:\Games\Crossfire\Crossfire Europe\CF_SGI.exe6a179a77-2aa2-11e4-951f-6466b301df00



=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33215 - BitTorrent Inc.)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Romanian (HKLM\...\{AC76BA86-7AD7-1048-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Arc (HKLM\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Assassin's Creed Brotherhood (HKLM\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed II (HKLM\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed Revelations (HKLM\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crossfire Europe (HKLM\...\Crossfire Europe) (Version: 1.172 - SG Europe)
Curse (HKLM\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dead Space (HKLM\...\Steam App 17470) (Version:  - EA Redwood Shores)
FIFA 11 (HKLM\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
Heroes of Might and Magic V Bundle (HKLM\...\Heroes of Might and Magic V Bundle_is1) (Version:  - GOG.com)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Ingato Client (HKLM\...\Ingato Client 1.60) (Version: 1.64 - Ingato LTD)
Ingato Client (Version: 1.60 - Ingato LTD) Hidden
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medal of Honor™ Single Player (HKLM\...\Steam App 47790) (Version:  - Electronic Arts)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Ninja Blade (HKLM\...\{06F478B0-053F-45C7-B7F4-B81520345720}) (Version: 1.00 - ND Games)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Plague Inc Evolved v0.7.5 (HKLM\...\Plague Inc Evolved v0.7.50.7.5) (Version: 0.7.5 - Friends in War)
Prince of Persia The Forgotten Sands™ (HKLM\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Sid Meier's Civilization V_is1) (Version:  - )
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2268.2 - Hi-Rez Studios)
StarCraft II: Heart of the Swarm © Blizzard Entertainment version 1 (HKLM\...\U3RhckNyYWZ0IElJOiBIZWFydCBvZiB0aGUgU3dhcm0gKGMp~BFC02D25_is1) (Version: 1 - )
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
System Requirements Lab CYRI (HKLM\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Warhammer 40.000 Dawn of War II (HKLM\...\{45C5ECC4-E590-483F-A50D-4782F881CF1B}) (Version: 1.00.0 - THQ)
Warhammer 40000 Dawn of War II - Retribution (HKLM\...\Warhammer 40000 Dawn of War II - Retribution_is1) (Version:  - )
Warhammer 40000 Space Marine (HKLM\...\Warhammer 40000 Space Marine_is1) (Version:  - )
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 2046.49 MB
Available physical RAM: 844.51 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 2449.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1957.04 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:48.83 GB) (Free:21.83 GB) NTFS
3 Drive d: () (Fixed) (Total:416.92 GB) (Free:79.13 GB) NTFS

========================= Users: ========================================

User accounts for \\PC

Administrator            Guest                    Mircea                   
Tata                     

========================= Restore Points ==================================

25-08-2014 20:28:31 Installed STOPzilla
25-08-2014 20:47:21 STOPzilla Restore Point.
26-08-2014 11:09:51 Removed STOPzilla
26-08-2014 11:12:23 Removed STOPzilla

**** End of log ****
 


Edited by mirceamrc, 26 August 2014 - 06:43 AM.


#4 mirceamrc


Posted 26 August 2014 - 06:45 AM

I still have the Malwarebytes Anti-Rootkit and Rkill, did I forget something?

Malwarebytes Anti-Rootkit detected nothing.

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/26/2014 02:49:58 PM in x86 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 localhost
  ::1 localhost

Program finished at: 08/26/2014 02:50:27 PM
Execution time: 0 hours(s), 0 minute(s), and 29 seconds(s)
 

 

Here I added a screenshot of the explorer instances in task manager

 

http://imgur.com/tDKkXjR


Edited by mirceamrc, 26 August 2014 - 06:55 AM.


#5 Broni


Posted 26 August 2014 - 05:55 PM

Download TDSSKiller and save it to your desktop.

  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



#6 mirceamrc


Posted 26 August 2014 - 11:51 PM

07:44:02.0430 0x0a5c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
07:44:09.0439 0x0a5c  ============================================================
07:44:09.0439 0x0a5c  Current date / time: 2014/08/27 07:44:09.0439
07:44:09.0439 0x0a5c  SystemInfo:
07:44:09.0439 0x0a5c  
07:44:09.0439 0x0a5c  OS Version: 6.1.7600 ServicePack: 0.0
07:44:09.0439 0x0a5c  Product type: Workstation
07:44:09.0439 0x0a5c  ComputerName: PC
07:44:09.0439 0x0a5c  UserName: Mircea
07:44:09.0439 0x0a5c  Windows directory: C:\Windows
07:44:09.0439 0x0a5c  System windows directory: C:\Windows
07:44:09.0439 0x0a5c  Processor architecture: Intel x86
07:44:09.0439 0x0a5c  Number of processors: 2
07:44:09.0439 0x0a5c  Page size: 0x1000
07:44:09.0439 0x0a5c  Boot type: Normal boot
07:44:09.0439 0x0a5c  ============================================================
07:44:15.0106 0x0a5c  KLMD registered as C:\Windows\system32\drivers\53988759.sys
07:44:16.0081 0x0a5c  System UUID: {77EADB7E-4BA7-F96C-849D-0AFFAC028F45}
07:44:17.0634 0x0a5c  Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:44:17.0635 0x0a5c  ============================================================
07:44:17.0635 0x0a5c  \Device\Harddisk0\DR0:
07:44:17.0636 0x0a5c  MBR partitions:
07:44:17.0636 0x0a5c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
07:44:17.0651 0x0a5c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x341D93DB
07:44:17.0651 0x0a5c  ============================================================
07:44:17.0671 0x0a5c  C: <-> \Device\Harddisk0\DR0\Partition1
07:44:17.0688 0x0a5c  D: <-> \Device\Harddisk0\DR0\Partition2
07:44:17.0689 0x0a5c  ============================================================
07:44:17.0689 0x0a5c  Initialize success
07:44:17.0689 0x0a5c  ============================================================
07:44:27.0659 0x1780  ============================================================
07:44:27.0659 0x1780  Scan started
07:44:27.0659 0x1780  Mode: Manual;
07:44:27.0659 0x1780  ============================================================
07:44:27.0659 0x1780  KSN ping started
07:44:52.0384 0x1780  KSN ping finished: true
07:44:54.0009 0x1780  ================ Scan system memory ========================
07:44:54.0009 0x1780  System memory - ok
07:44:54.0009 0x1780  ================ Scan services =============================
07:44:59.0327 0x1780  [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc           C:\Windows\System32\gpsvc.dll
07:44:59.0344 0x1780  gpsvc - ok
07:44:59.0402 0x1780  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
07:44:59.0418 0x1780  hamachi - ok
07:44:59.0755 0x1780  [ 59370B23587672184DF890275C8C4BCB, 53D05329AAA65AE900CC84DFAC1EB532D46C94C9192B416F9EAA8A5547D278D1 ] Hamachi2Svc     C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
07:44:59.0824 0x1780  Hamachi2Svc - ok
07:44:59.0841 0x1780  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
07:44:59.0865 0x1780  hcw85cir - ok
07:44:59.0968 0x1780  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:45:00.0011 0x1780  HdAudAddService - ok
07:45:00.0034 0x1780  [ 717A2207FD6F13AD3E664C7D5A43C7BF, BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
07:45:00.0037 0x1780  HDAudBus - ok
07:45:00.0043 0x1780  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
07:45:00.0046 0x1780  HidBatt - ok
07:45:00.0054 0x1780  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
07:45:00.0059 0x1780  HidBth - ok
07:45:00.0084 0x1780  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
07:45:00.0086 0x1780  HidIr - ok
07:45:00.0102 0x1780  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
07:45:00.0104 0x1780  hidserv - ok
07:45:00.0129 0x1780  [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
07:45:00.0131 0x1780  HidUsb - ok
07:45:00.0230 0x1780  [ C193FE8507607B2917A6F9B554132559, 962B065219D305B2DE1B4816D234438FBF8F6A79D45389683A21657733C14D5B ] HiPatchService  D:\Games\Smite\HiPatchService.exe
07:45:00.0339 0x1780  HiPatchService - ok
07:45:00.0370 0x1780  [ 741C2A45CA8407E374AABA3E330B7872, FCF31C46297CFDF8240F0E783A61C8463FEDB1EF7A676AB89DFF0EAE9F3534B4 ] hkmsvc          C:\Windows\system32\kmsvc.dll
07:45:00.0374 0x1780  hkmsvc - ok
07:45:00.0389 0x1780  [ A768CA158BB06782A2835B907F4873C3, EFF736C6BA38FB8FC8807286AB273E7274F505E8E59D952E8563DF77C412C5AE ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:45:00.0396 0x1780  HomeGroupListener - ok
07:45:00.0426 0x1780  [ FB08DEC5EF43D0C66D83B8E9694E7549, 9C9ECE9E90F524791FC5DCE797BAE39605F966592126FF058BA3FA0BEFD07BEB ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:45:00.0433 0x1780  HomeGroupProvider - ok
07:45:00.0445 0x1780  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
07:45:00.0448 0x1780  HpSAMD - ok
07:45:00.0527 0x1780  [ C531C7FD9E8B62021112787C4E2C5A5A, 09205E2A5BFB6C623B312B8AC82F7F7CA8A922B1D9A0E3952BD3BA47BBE1F18C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
07:45:00.0604 0x1780  HTTP - ok
07:45:00.0616 0x1780  [ 8305F33CDE89AD6C7A0763ED0B5A8D42, A7CA4978DC1FF6105EA39124DF854F0B1FD478476B871ED0E018AF3AE2165282 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
07:45:00.0617 0x1780  hwpolicy - ok
07:45:00.0699 0x1780  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
07:45:00.0720 0x1780  i8042prt - ok
07:45:00.0767 0x1780  [ 934AF4D7C5F457B9F0743F4299B77B67, F232554352BB7CD716D6173FC1AB2661E49480994BB22E9A6FE7A33B51F0A51B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
07:45:00.0834 0x1780  iaStorV - ok
07:45:01.0018 0x1780  [ 5AF815EB5BC9802E5A064E2BA62BFC0C, DC8CED05F623D30C57E8A7A382A219B4266C9C766ABF8A8D71783EACB8607B82 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:45:01.0089 0x1780  idsvc - ok
07:45:01.0254 0x1780  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
07:45:01.0259 0x1780  iirsp - ok
07:45:01.0496 0x1780  [ FAC0EE6562B121B1399D6E855583F7A5, 034C9EE9232EB2CE64297EC4BCBEB5DA443ED9176C436CC754EF84FFB4AD4B08 ] IKEEXT          C:\Windows\System32\ikeext.dll
07:45:01.0514 0x1780  IKEEXT - ok
07:45:02.0170 0x1780  [ 52EE480B541CA61025BC504B0348FAB8, 83379B12AB3F278EE1F17E08394F489569C8A47503F51B8017A1B25EAE07E5CF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
07:45:02.0293 0x1780  IntcAzAudAddService - ok
07:45:02.0340 0x1780  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
07:45:02.0351 0x1780  intelide - ok
07:45:02.0395 0x1780  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
07:45:02.0404 0x1780  intelppm - ok
07:45:02.0478 0x1780  [ B671FDA040CEA1018DAB736466BDAF1D, 4E1DA0CE561609269BF354497B8A5B3902D58D351E10F8247500FE66D9AE793B ] ip100Avista     C:\Windows\system32\DRIVERS\ipfnd51.sys
07:45:02.0489 0x1780  ip100Avista - ok
07:45:02.0531 0x1780  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
07:45:02.0543 0x1780  IPBusEnum - ok
07:45:02.0555 0x1780  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:45:02.0560 0x1780  IpFilterDriver - ok
07:45:02.0768 0x1780  [ 477397B432A256A50EE7E4339EB9EA14, 3722938E69D16962F773F39669E9B90279DC9527BBC63564B33C89DAFD283497 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
07:45:02.0781 0x1780  iphlpsvc - ok
07:45:02.0815 0x1780  [ E4454B6C37D7FFD5649611F6496308A7, 5B2AA8C06076C9A1FF944E5EA07C29BA7FABEBB38E6BFB388ED46933EAC465FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
07:45:02.0870 0x1780  IPMIDRV - ok
07:45:02.0889 0x1780  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
07:45:02.0900 0x1780  IPNAT - ok
07:45:02.0927 0x1780  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
07:45:02.0933 0x1780  IRENUM - ok
07:45:02.0950 0x1780  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
07:45:02.0961 0x1780  isapnp - ok
07:45:02.0991 0x1780  [ ED46C223AE46C6866AB77CDC41C404B7, 1B2A4A3FF0E5F8F02717F20983D57612D62DFF809064A7E524700E7254BB7DB3 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
07:45:03.0002 0x1780  iScsiPrt - ok
07:45:03.0031 0x1780  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
07:45:03.0034 0x1780  kbdclass - ok
07:45:03.0039 0x1780  [ 3D9F0EBF350EDCFD6498057301455964, B3CB5F0C045B06C86E683F3C67DC0D4E37AF16E20B189B05C926A5A7011438FB ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
07:45:03.0041 0x1780  kbdhid - ok
07:45:03.0066 0x1780  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso          C:\Windows\system32\lsass.exe
07:45:03.0068 0x1780  KeyIso - ok
07:45:03.0102 0x1780  [ E36A061EC11B373826905B21BE10948F, CB9F8B76E0A99307A841B66CBD96C7087CC0B068699CBEF01040E37C6EA60E6A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
07:45:03.0105 0x1780  KSecDD - ok
07:45:03.0114 0x1780  [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
07:45:03.0118 0x1780  KSecPkg - ok
07:45:03.0152 0x1780  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
07:45:03.0173 0x1780  KtmRm - ok
07:45:03.0209 0x1780  [ BCA92CB047A4326925ECEF759DBAA233, C2A188F5526882A2E3AC4CC0190452DA37CBD93043DFE5571A20E8EFE9D56DA3 ] LanmanServer    C:\Windows\system32\srvsvc.dll
07:45:03.0216 0x1780  LanmanServer - ok
07:45:03.0242 0x1780  [ B9891F885DCF1F0513A51CB58493CB1F, C883D243E1E7B7AEA031FB90FE4FCEED631F835DC95F9D9D60BC554E6EC358C2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:45:03.0246 0x1780  LanmanWorkstation - ok
07:45:03.0271 0x1780  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
07:45:03.0274 0x1780  lltdio - ok
07:45:03.0307 0x1780  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
07:45:03.0313 0x1780  lltdsvc - ok
07:45:03.0329 0x1780  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
07:45:03.0331 0x1780  lmhosts - ok
07:45:03.0366 0x1780  [ 61535275E03AFAB541D7C94C69A96AF7, C8EEC418C844A7A303CFF4129F3A36C476DB927681E426010AA9E7246F461647 ] LMIGuardianSvc  C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
07:45:03.0396 0x1780  LMIGuardianSvc - ok
07:45:03.0423 0x1780  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
07:45:03.0427 0x1780  LSI_FC - ok
07:45:03.0435 0x1780  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
07:45:03.0438 0x1780  LSI_SAS - ok
07:45:03.0451 0x1780  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
07:45:03.0454 0x1780  LSI_SAS2 - ok
07:45:03.0462 0x1780  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
07:45:03.0465 0x1780  LSI_SCSI - ok
07:45:03.0487 0x1780  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
07:45:03.0490 0x1780  luafv - ok
07:45:03.0521 0x1780  [ 8683C1B450F4B3872839308D836E0F92, C6CEEEA780D2191AEAC2537FD96324FF5501D92CE46313FB95ABB51765D919ED ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
07:45:03.0523 0x1780  MBAMProtector - ok
07:45:03.0635 0x1780  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
07:45:03.0724 0x1780  MBAMScheduler - ok
07:45:03.0778 0x1780  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
07:45:03.0836 0x1780  MBAMService - ok
07:45:03.0873 0x1780  [ 12E71DA845D76665B56753AD149E32B3, 0E403710CCBACD5AB85FD4C32AAB6CB2C27BC1F043E8008EE49EE96ECA944146 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
07:45:03.0877 0x1780  MBAMSwissArmy - ok
07:45:03.0897 0x1780  [ BD27D97297934FD4217A37FD28A7ABC7, 446F3D6D278A4B3B79B331AA325632FD038952E5E910FC927894E9171A623794 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
07:45:03.0899 0x1780  MBAMWebAccessControl - ok
07:45:03.0924 0x1780  [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
07:45:03.0928 0x1780  Mcx2Svc - ok
07:45:03.0934 0x1780  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
07:45:03.0936 0x1780  megasas - ok
07:45:03.0953 0x1780  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
07:45:03.0961 0x1780  MegaSR - ok
07:45:04.0308 0x1780  Microsoft SharePoint Workspace Audit Service - ok
07:45:04.0344 0x1780  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
07:45:04.0346 0x1780  MMCSS - ok
07:45:04.0357 0x1780  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
07:45:04.0364 0x1780  Modem - ok
07:45:04.0379 0x1780  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
07:45:04.0380 0x1780  monitor - ok
07:45:04.0395 0x1780  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
07:45:04.0397 0x1780  mouclass - ok
07:45:04.0405 0x1780  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
07:45:04.0408 0x1780  mouhid - ok
07:45:04.0415 0x1780  [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
07:45:04.0417 0x1780  mountmgr - ok
07:45:04.0505 0x1780  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:45:04.0518 0x1780  MozillaMaintenance - ok
07:45:04.0562 0x1780  [ 8072A7BB35D92CC621AC2605EEF79BC4, 68F61BE84A5032CEC24F04C90DACA1AE78F3744016389BE2345256B26E44E09A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
07:45:04.0568 0x1780  MpFilter - ok
07:45:04.0585 0x1780  [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
07:45:04.0589 0x1780  mpio - ok
07:45:04.0602 0x1780  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
07:45:04.0605 0x1780  mpsdrv - ok
07:45:04.0634 0x1780  [ 5CD996CECF45CBC3E8D109C86B82D69E, ABE40DA4DA555D3D5054BE28BF82E775D90DCB9E31409DC95FABF2F016B17700 ] MpsSvc          C:\Windows\system32\mpssvc.dll
07:45:04.0647 0x1780  MpsSvc - ok
07:45:04.0657 0x1780  [ B1BE47008D20E43DA3ADC37C24CDB89D, 6E8555E84B42E5098227B35EA5ABADF2CD3AC247B37CB9E9304FF67064EBE59B ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
07:45:04.0661 0x1780  MRxDAV - ok
07:45:04.0669 0x1780  [ F4A054BE78AF7F410129C4B64B07DC9B, 65E14D38CCAB4FBB0C0D4A12F11B2E150AEC00AC692EE92A5CE6C982CF1190F5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
07:45:04.0674 0x1780  mrxsmb - ok
07:45:04.0696 0x1780  [ DEFFA295BD1895C6ED8E3078412AC60B, 3F13CD67659EC2C8ABADC2C5B48B939ECDC6DB7CAAAAC3C2823AC12842BC1630 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:45:04.0703 0x1780  mrxsmb10 - ok
07:45:04.0712 0x1780  [ 24D76ABE5DCAD22F19D105F76FDF0CE1, D0A7E033B4DF4AA5A9600A2A7A890FDE20AC7CE87C660817EB92FE10E2DAD343 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:45:04.0716 0x1780  mrxsmb20 - ok
07:45:04.0722 0x1780  [ 4326D168944123F38DD3B2D9C37A0B12, 322AE93418BE3BA6B3E11C86431EC3F4B23CADC3B968B92978A08A7C0D0D8902 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
07:45:04.0724 0x1780  msahci - ok
07:45:04.0732 0x1780  [ 455029C7174A2DBB03DBA8A0D8BDDD9A, 614D71978B024109ADD9A7A74F74ABD5FAA1C36A2E859AF288398EAE7CD76DF2 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
07:45:04.0737 0x1780  msdsm - ok
07:45:04.0756 0x1780  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
07:45:04.0762 0x1780  MSDTC - ok
07:45:04.0772 0x1780  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
07:45:04.0774 0x1780  Msfs - ok
07:45:04.0780 0x1780  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
07:45:04.0782 0x1780  mshidkmdf - ok
07:45:04.0788 0x1780  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
07:45:04.0790 0x1780  msisadrv - ok
07:45:04.0819 0x1780  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
07:45:04.0824 0x1780  MSiSCSI - ok
07:45:04.0829 0x1780  msiserver - ok
07:45:04.0860 0x1780  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
07:45:04.0862 0x1780  MSKSSRV - ok
07:45:04.0920 0x1780  [ 1EE3643D1AA747222427F63353611AD7, 18465E375485DF4E980121449077D5BA87C25C5FA8D86F40DA3B7BE153306766 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
07:45:04.0922 0x1780  MsMpSvc - ok
07:45:04.0936 0x1780  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
07:45:04.0938 0x1780  MSPCLOCK - ok
07:45:04.0943 0x1780  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
07:45:04.0946 0x1780  MSPQM - ok
07:45:04.0955 0x1780  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
07:45:04.0960 0x1780  MsRPC - ok
07:45:04.0969 0x1780  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
07:45:04.0970 0x1780  mssmbios - ok
07:45:04.0976 0x1780  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
07:45:04.0977 0x1780  MSTEE - ok
07:45:04.0983 0x1780  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
07:45:04.0985 0x1780  MTConfig - ok
07:45:04.0993 0x1780  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
07:45:04.0996 0x1780  Mup - ok
07:45:05.0033 0x1780  [ 80284F1985C70C86F0B5F86DA2DFE1DF, 424A5BBC28C72DA0DBABEB9E423B8C409754CD1BA3DFC9E174BF22D8BCE1BE63 ] napagent        C:\Windows\system32\qagentRT.dll
07:45:05.0042 0x1780  napagent - ok
07:45:05.0084 0x1780  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
07:45:05.0092 0x1780  NativeWifiP - ok
07:45:05.0125 0x1780  [ 23759D175A0A9BAAF04D05047BC135A8, 2C8C553B4E1ED3A644F619F16BCEDD5A3C6D74A17E6E75A3E740E06B1D636348 ] NDIS            C:\Windows\system32\drivers\ndis.sys
07:45:05.0145 0x1780  NDIS - ok
07:45:05.0170 0x1780  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
07:45:05.0173 0x1780  NdisCap - ok
07:45:05.0182 0x1780  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
07:45:05.0184 0x1780  NdisTapi - ok
07:45:05.0190 0x1780  [ B30AE7F2B6D7E343B0DF32E6C08FCE75, 39BBBF7AF886732CB9ED3E6C06DA4318554089F3BEA74C74328FE1C6EF68E70B ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
07:45:05.0193 0x1780  Ndisuio - ok
07:45:05.0201 0x1780  [ 267C415EADCBE53C9CA873DEE39CF3A4, BAA8626BDA7B68176B19A99FBBD40FB2A774C8F44B56F9FFB99A1F5C16A1C555 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
07:45:05.0205 0x1780  NdisWan - ok
07:45:05.0214 0x1780  [ AF7E7C63DCEF3F8772726F86039D6EB4, 1CFDED48E8844138864786DBF9D5519162A6DB28F885A781934E8AFBD52EAC50 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
07:45:05.0217 0x1780  NDProxy - ok
07:45:05.0223 0x1780  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
07:45:05.0225 0x1780  NetBIOS - ok
07:45:05.0245 0x1780  [ DD52A733BF4CA5AF84562A5E2F963B91, 5CEB9664CED3D120F5408A12035748728710D41090A289CF66023CED4C838A1F ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
07:45:05.0250 0x1780  NetBT - ok
07:45:05.0267 0x1780  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon        C:\Windows\system32\lsass.exe
07:45:05.0269 0x1780  Netlogon - ok
07:45:05.0352 0x1780  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
07:45:05.0370 0x1780  Netman - ok
07:45:05.0418 0x1780  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:45:05.0430 0x1780  NetMsmqActivator - ok
07:45:05.0437 0x1780  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:45:05.0440 0x1780  NetPipeActivator - ok
07:45:05.0468 0x1780  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
07:45:05.0484 0x1780  netprofm - ok
07:45:05.0492 0x1780  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:45:05.0495 0x1780  NetTcpActivator - ok
07:45:05.0503 0x1780  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:45:05.0506 0x1780  NetTcpPortSharing - ok
07:45:05.0524 0x1780  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
07:45:05.0527 0x1780  nfrd960 - ok
07:45:05.0569 0x1780  [ FCBC2F48430EB0D7150A6521C0B84ACA, EEFB975E2D1121EE9E93702F2CA2938C99C6B2273616C85816BA15E857E8D4FF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:45:05.0572 0x1780  NisDrv - ok
07:45:05.0664 0x1780  [ E4AA07F8BCBCB66EF115C443CD45C7A2, 3B538D9E376F12FC8589BA500BB5E859337CF1856D0E4AA66E2E3B5E301DAEC5 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
07:45:05.0677 0x1780  NisSrv - ok
07:45:05.0706 0x1780  [ 2226496E34BD40734946A054B1CD657F, 98392D98C9213822268971432BB55047ABD8B4EBD42483FA69BF50FB8FAD64A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
07:45:05.0713 0x1780  NlaSvc - ok
07:45:05.0720 0x1780  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
07:45:05.0728 0x1780  Npfs - ok
07:45:05.0742 0x1780  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
07:45:05.0745 0x1780  nsi - ok
07:45:05.0751 0x1780  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
07:45:05.0752 0x1780  nsiproxy - ok
07:45:05.0818 0x1780  [ 3795DCD21F740EE799FB7223234215AF, B03DBFD33B201134473D23038E0BD86CFE64556754BF4EBA42C10B67AEECAEA6 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
07:45:05.0882 0x1780  Ntfs - ok
07:45:05.0898 0x1780  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
07:45:05.0900 0x1780  Null - ok
07:45:05.0954 0x1780  [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
07:45:05.0960 0x1780  NVHDA - ok
07:45:07.0060 0x1780  [ 1E3D32DDBE6BBDC0843432BAD599069F, 908893652F953C01E3FFEA19E76154B6246277720B088A61086A9B336B3EC6AD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
07:45:07.0474 0x1780  nvlddmkm - ok
07:45:07.0889 0x1780  [ D3791C720DDEE697C0933B14DC135D9C, BE10585887F3C48464A856AC3510AF30D14849EEC1556D9E356A506784CB02A5 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
07:45:07.0936 0x1780  NvNetworkService - ok
07:45:07.0981 0x1780  [ 3F3D04B1D08D43C16EA7963954EC768D, BA82C1D3D9F4AA5F1C9729D61D4E06DB961FDF2B1E9B483D29DB308204DF0754 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
07:45:07.0986 0x1780  nvraid - ok
07:45:07.0995 0x1780  [ C99F251A5DE63C6F129CF71933ACED0F, 24D48A5F5D699AB0DD4D4435F8F7C6B73A924AEF8F9D1170FD644E26499546A2 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
07:45:07.0999 0x1780  nvstor - ok
07:45:08.0067 0x1780  [ 1050FFC62C9F3686676EC801737D87F3, 5E8E4DB9123939DA5F04F0064C421D5AAEB9F6C93B31441387D5104E6A7B9988 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
07:45:08.0069 0x1780  NvStreamKms - ok
07:45:09.0823 0x1780  [ 4A2916890A0D013AAD3D0431EBD48B0B, 582726CE085AC86538BA482275849252FBC36088C6C957BFC7064D36602FD638 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
07:45:10.0532 0x1780  NvStreamSvc - ok
07:45:10.0772 0x1780  [ 5004DAF6A37C5C73FFCF4D3935A6FE87, 52F2149383EC41B18310801FD07C1363EE81C5D1F2B0206460FC7922C00D7A15 ] nvsvc           C:\Windows\system32\nvvsvc.exe
07:45:10.0798 0x1780  nvsvc - ok
07:45:10.0824 0x1780  [ FA3B7E6BD974251CE1160A471B497072, 0ABB83CAECAF9F8E9AD8D3FDD2F2F33419B7317B42D3C0AA62C414A6D887AB38 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys
07:45:10.0826 0x1780  nvvad_WaveExtensible - ok
07:45:10.0843 0x1780  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
07:45:10.0847 0x1780  nv_agp - ok
07:45:10.0854 0x1780  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
07:45:10.0857 0x1780  ohci1394 - ok
07:45:20.0309 0x1780  [ C4F5D3901D1B41D602DDC196E0B95B51, 20FF2A9DEE3ECBFB163DFA62A407E30ED49F609EF46936F286C2A08A24EA3E7C ] WinRM           C:\Windows\system32\WsmSvc.dll
07:45:20.0339 0x1780  WinRM - ok
07:45:20.0466 0x1780  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
07:45:20.0507 0x1780  Wlansvc - ok
07:45:20.0671 0x1780  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:45:20.0733 0x1780  wlidsvc - ok
07:45:20.0766 0x1780  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
07:45:20.0768 0x1780  WmiAcpi - ok
07:45:20.0791 0x1780  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
07:45:20.0796 0x1780  wmiApSrv - ok
07:45:20.0903 0x1780  [ 77FBD400984CF72BA0FC4B3489D65F74, 9AA404F17177FEB43A9EA1A86061B452E7C4A93C873E61B68269047519CD433E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
07:45:20.0946 0x1780  WMPNetworkSvc - ok
07:45:20.0974 0x1780  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
07:45:20.0983 0x1780  WPCSvc - ok
07:45:21.0001 0x1780  [ B7F658A2EBC07129538AD9AB35212637, 86774A760189E4B126C972A778F890C00C1C30EDD28044DD43B40644A8778B4D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
07:45:21.0008 0x1780  WPDBusEnum - ok
07:45:21.0015 0x1780  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
07:45:21.0021 0x1780  ws2ifsl - ok
07:45:21.0037 0x1780  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
07:45:21.0041 0x1780  wscsvc - ok
07:45:21.0047 0x1780  WSearch - ok
07:45:21.0160 0x1780  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
07:45:21.0238 0x1780  wuauserv - ok
07:45:21.0267 0x1780  [ 6F9B6C0C93232CFF47D0F72D6DB1D21E, C685A458951820ED0F09E6197251CE6FC55AAB75D4FBEFF2992805309239A47A ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
07:45:21.0282 0x1780  WudfPf - ok
07:45:21.0292 0x1780  [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
07:45:21.0296 0x1780  WUDFRd - ok
07:45:21.0327 0x1780  [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
07:45:21.0331 0x1780  wudfsvc - ok
07:45:21.0347 0x1780  [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc         C:\Windows\System32\wwansvc.dll
07:45:21.0355 0x1780  WwanSvc - ok
07:45:21.0417 0x1780  XDva413 - ok
07:45:21.0612 0x1780  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
07:45:21.0632 0x1780  YahooAUService - ok
07:45:21.0654 0x1780  ================ Scan global ===============================
07:45:21.0696 0x1780  [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll
07:45:21.0743 0x1780  [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
07:45:21.0775 0x1780  [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
07:45:21.0818 0x1780  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
07:45:21.0896 0x1780  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
07:45:21.0906 0x1780  [ Global ] - ok
07:45:21.0907 0x1780  ================ Scan MBR ==================================
07:45:21.0918 0x1780  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:45:23.0584 0x1780  \Device\Harddisk0\DR0 - ok
07:45:23.0588 0x1780  ================ Scan VBR ==================================
07:45:23.0607 0x1780  [ 0C38549A77DEFF18CB39ED2DDC7E198A ] \Device\Harddisk0\DR0\Partition1
07:45:23.0619 0x1780  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
07:45:23.0619 0x1780  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
07:45:26.0358 0x1780  [ 2E6BAA7EDBEAC7C3AC87C26FDFEB3566 ] \Device\Harddisk0\DR0\Partition2
07:45:26.0374 0x1780  \Device\Harddisk0\DR0\Partition2 - ok
07:45:26.0375 0x1780  ================ Scan generic autorun ======================
07:45:29.0754 0x1780  Waiting for KSN requests completion. In queue: 12
07:45:30.0754 0x1780  Waiting for KSN requests completion. In queue: 12
07:45:31.0754 0x1780  Waiting for KSN requests completion. In queue: 12
07:45:32.0782 0x1780  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
07:45:32.0811 0x1780  Win FW state via NFP2: enabled
07:45:35.0559 0x1780  ============================================================
07:45:35.0559 0x1780  Scan finished
07:45:35.0559 0x1780  ============================================================
07:45:35.0570 0x1710  Detected object count: 1
07:45:35.0570 0x1710  Actual detected object count: 1
07:46:25.0271 0x1710  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
07:46:25.0931 0x1710  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
07:46:25.0945 0x1710  \Device\Harddisk0\DR0\Partition1 - ok
07:46:25.0945 0x1710  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
07:46:27.0151 0x1710  KLMD registered as C:\Windows\system32\drivers\19212190.sys
07:46:57.0080 0x0f60  Deinitialize success



#7 mirceamrc


Posted 27 August 2014 - 12:33 AM

Problem solved, IE no longer opens automatically in task manager, thanks for your time!



#8 Broni


Posted 27 August 2014 - 07:52 PM

Good news :)

Couple more scans...

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Please run a free online scan with the ESET Online Scanner.

  • Disable your antivirus program
  • Internet Explorer users - Click on this link to open ESET OnlineScan.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on ESET Smart Installer to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Check "Enable detection of potentially unwanted applications".
  • Click Advanced settings and make sure all 4 boxes are checkmarked (two of them are already checkmarked by default).
    Do NOT checkmark "Use custom proxy settings"
  • Click the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

