Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Alureon.J


  • This topic is locked This topic is locked
4 replies to this topic

#1 GinAndRamune

GinAndRamune

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 12 September 2014 - 08:30 PM

Microsoft Security Essentials repeatedly notifies me of detecting Alureon.J and removing it.  I used TDSSKiller multiple times, and every time except once nothing was detected.  On the one time things were detected, an MSE notification stating that threats were detected and removed appeared on the screen; when I looked at the history, a series of about 5 different Alureons with different letters were removed.  

 

Attached are my DDS logs.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17280
Run by Tom Collins at 20:19:24 on 2014-09-12
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16278.13821 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Tom Collins\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [F.lux] "C:\Users\Tom Collins\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{07D576E5-09F8-4DCD-826F-F0A45AF4266E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{777098AE-03F1-4F5A-827F-42CF7960C173} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CEB413A7-A450-49ED-957D-874FB77027D9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CEB413A7-A450-49ED-957D-874FB77027D9}\34F6C6C696E637 : DHCPNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{DFDBB903-1EE4-479D-BE1E-E017DB5D2335} : DHCPNameServer = 131.204.41.6 131.204.41.3 131.204.110.12
SSODL: WebCheck - <orphaned>
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
x64-IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tom Collins\AppData\Roaming\Mozilla\Firefox\Profiles\lwst3xau.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\Tom Collins\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2012-7-14 25312]
R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2012-7-14 15368]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2012-7-14 15936]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 KSS;Kaspersky Security Scan Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2014-2-21 202080]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 125584]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-2 1618888]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-30 21009352]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-14 2656280]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-4 126952]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-4 390632]
R3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-7-14 31808]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-14 317440]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2013-4-15 410008]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2013-4-15 102808]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2012-7-14 32344]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-27 19744]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-5-27 40392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-14 471144]
R3 rzjstk;Razer Virtual Joystick Driver;C:\Windows\System32\drivers\rzjstk.sys [2014-5-19 27816]
R3 rzkeypadendpt;Razer Keypad Endpoint;C:\Windows\System32\drivers\rzkeypadendpt.sys [2014-5-19 32936]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-5-19 155816]
R3 VirtuWDDM;VirtuWDDM;C:\Windows\System32\drivers\VirtuWDDM.sys [2012-7-14 66336]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-4-2 87368]
S2 RzWizardService;Razer Wizard Service;C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [2014-5-20 367616]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S2 WSWNA3100;WSWNA3100;C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [2012-7-14 285152]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2011-4-19 1254464]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;HTC Diagnostic Port;C:\Windows\System32\drivers\HtcVComV64.sys [2010-3-8 121800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-11 111616]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2014-9-12 19152]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2014-9-12 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-21 19456]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]
S3 rzjoystk;Razer VJoystick;C:\Windows\System32\drivers\rzjoystk.sys [2011-3-24 19968]
S3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2011-7-14 157184]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-1-21 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-1-21 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-16 1255736]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2012-7-23 29288]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2012-7-23 29288]
S4 RosettaStoneLtdController;RosettaStoneLtdController;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe [2008-9-16 352312]
.
=============== Created Last 30 ================
.
2014-09-13 01:14:21 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{279C3F8E-5F1A-44A6-882B-BF5CEABFED05}\offreg.dll
2014-09-13 00:58:52 3050808 ----a-w- C:\Windows\System32\pwNative.exe
2014-09-13 00:58:51 19152 ------w- C:\Windows\System32\pwdrvio.sys
2014-09-13 00:58:51 12504 ------w- C:\Windows\System32\pwdspio.sys
2014-09-13 00:58:41 -------- d-----w- C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-09-13 00:49:14 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-09-13 00:49:14 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:49:28 11319192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{279C3F8E-5F1A-44A6-882B-BF5CEABFED05}\mpengine.dll
2014-09-12 23:41:10 -------- d-sh--w- C:\$RECYCLE.BIN
2014-09-12 23:28:48 98816 ----a-w- C:\Windows\sed.exe
2014-09-12 23:28:48 256000 ----a-w- C:\Windows\PEV.exe
2014-09-12 23:28:48 208896 ----a-w- C:\Windows\MBR.exe
2014-09-12 23:15:01 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-12 23:09:26 33512 ----a-w- C:\Windows\SysWow64\drivers\TrueSight.sys
2014-09-12 23:09:24 -------- d-----w- C:\ProgramData\RogueKiller
2014-09-12 22:01:26 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-09-12 22:01:05 -------- d-----w- C:\AdwCleaner
2014-09-12 01:20:50 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-12 01:20:50 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-11 22:45:55 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-11 22:45:54 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-11 22:45:44 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-11 22:45:44 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-11 22:45:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-11 22:45:24 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-11 22:45:24 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-11 22:45:24 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-11 22:45:24 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-11 22:45:17 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-11 22:45:17 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-09-09 23:11:07 11319192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-09-02 22:51:04 1169712 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0E957F4B-DAB9-483B-9B4C-84384C1A0F6D}\gapaengine.dll
2014-08-27 23:00:29 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-27 23:00:29 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-27 23:00:29 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-22 22:23:13 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-08-22 22:22:59 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-08-22 22:22:59 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-08-22 22:22:39 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-22 22:22:39 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-08-22 22:22:39 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-08-22 22:22:39 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
.
==================== Find3M  ====================
.
2014-09-12 23:26:18 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-12 23:14:35 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-25 07:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 04:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-17 23:05:06 269008 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2014-07-17 23:05:06 125584 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24:50 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-06-30 22:14:53 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2009-02-13 16:02:52 80896 ----a-w- C:\Program Files\devcon_amd64.exe
.
============= FINISH: 20:20:49.04 ===============
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17280
Run by Tom Collins at 20:19:24 on 2014-09-12
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16278.13821 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Tom Collins\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tom Collins\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [F.lux] "C:\Users\Tom Collins\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{07D576E5-09F8-4DCD-826F-F0A45AF4266E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{777098AE-03F1-4F5A-827F-42CF7960C173} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CEB413A7-A450-49ED-957D-874FB77027D9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CEB413A7-A450-49ED-957D-874FB77027D9}\34F6C6C696E637 : DHCPNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{DFDBB903-1EE4-479D-BE1E-E017DB5D2335} : DHCPNameServer = 131.204.41.6 131.204.41.3 131.204.110.12
SSODL: WebCheck - <orphaned>
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
x64-IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Tom Collins\AppData\Roaming\Mozilla\Firefox\Profiles\lwst3xau.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\Tom Collins\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2012-7-14 25312]
R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2012-7-14 15368]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2012-7-14 15936]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 KSS;Kaspersky Security Scan Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2014-2-21 202080]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 125584]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-2 1618888]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-30 21009352]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-14 2656280]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-4 126952]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-4 390632]
R3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-7-14 31808]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-14 317440]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2013-4-15 410008]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2013-4-15 102808]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2012-7-14 32344]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-27 19744]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-5-27 40392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-14 471144]
R3 rzjstk;Razer Virtual Joystick Driver;C:\Windows\System32\drivers\rzjstk.sys [2014-5-19 27816]
R3 rzkeypadendpt;Razer Keypad Endpoint;C:\Windows\System32\drivers\rzkeypadendpt.sys [2014-5-19 32936]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-5-19 155816]
R3 VirtuWDDM;VirtuWDDM;C:\Windows\System32\drivers\VirtuWDDM.sys [2012-7-14 66336]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-4-2 87368]
S2 RzWizardService;Razer Wizard Service;C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [2014-5-20 367616]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S2 WSWNA3100;WSWNA3100;C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [2012-7-14 285152]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2011-4-19 1254464]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;HTC Diagnostic Port;C:\Windows\System32\drivers\HtcVComV64.sys [2010-3-8 121800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-11 111616]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2014-9-12 19152]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2014-9-12 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-21 19456]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]
S3 rzjoystk;Razer VJoystick;C:\Windows\System32\drivers\rzjoystk.sys [2011-3-24 19968]
S3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2011-7-14 157184]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-1-21 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-1-21 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-16 1255736]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2012-7-23 29288]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2012-7-23 29288]
S4 RosettaStoneLtdController;RosettaStoneLtdController;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe [2008-9-16 352312]
.
=============== Created Last 30 ================
.
2014-09-13 01:14:21 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{279C3F8E-5F1A-44A6-882B-BF5CEABFED05}\offreg.dll
2014-09-13 00:58:52 3050808 ----a-w- C:\Windows\System32\pwNative.exe
2014-09-13 00:58:51 19152 ------w- C:\Windows\System32\pwdrvio.sys
2014-09-13 00:58:51 12504 ------w- C:\Windows\System32\pwdspio.sys
2014-09-13 00:58:41 -------- d-----w- C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-09-13 00:49:14 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-09-13 00:49:14 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:49:28 11319192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{279C3F8E-5F1A-44A6-882B-BF5CEABFED05}\mpengine.dll
2014-09-12 23:41:10 -------- d-sh--w- C:\$RECYCLE.BIN
2014-09-12 23:28:48 98816 ----a-w- C:\Windows\sed.exe
2014-09-12 23:28:48 256000 ----a-w- C:\Windows\PEV.exe
2014-09-12 23:28:48 208896 ----a-w- C:\Windows\MBR.exe
2014-09-12 23:15:01 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-12 23:09:26 33512 ----a-w- C:\Windows\SysWow64\drivers\TrueSight.sys
2014-09-12 23:09:24 -------- d-----w- C:\ProgramData\RogueKiller
2014-09-12 22:01:26 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-09-12 22:01:05 -------- d-----w- C:\AdwCleaner
2014-09-12 01:20:50 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-12 01:20:50 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-11 22:45:55 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-11 22:45:54 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-11 22:45:44 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-11 22:45:44 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-11 22:45:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-11 22:45:24 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-11 22:45:24 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-11 22:45:24 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-11 22:45:24 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-11 22:45:17 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-11 22:45:17 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-09-09 23:11:07 11319192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-09-02 22:51:04 1169712 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0E957F4B-DAB9-483B-9B4C-84384C1A0F6D}\gapaengine.dll
2014-08-27 23:00:29 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-27 23:00:29 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-27 23:00:29 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-22 22:23:13 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-08-22 22:22:59 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-08-22 22:22:59 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-08-22 22:22:39 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-22 22:22:39 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-08-22 22:22:39 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-08-22 22:22:39 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
.
==================== Find3M  ====================
.
2014-09-12 23:26:18 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-12 23:14:35 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-25 07:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 04:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-17 23:05:06 269008 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2014-07-17 23:05:06 125584 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24:50 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-06-30 22:14:53 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2009-02-13 16:02:52 80896 ----a-w- C:\Program Files\devcon_amd64.exe
.
============= FINISH: 20:20:49.04 ===============
 
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume2
Install Date: 7/14/2012 1:13:35 PM
System Uptime: 9/12/2014 8:11:51 PM (0 hours ago)
.
Motherboard: ASRock |  | Z68 Extreme3 Gen3
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz | CPUSocket | 3168/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 45.587 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 2794 GiB total, 1372.325 GiB free.
T: is FIXED (NTFS) - 932 GiB total, 505.529 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\6&3B069A8E&0&5
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\6&3B069A8E&0&5
Service: 
.
==== System Restore Points ===================
.
RP357: 9/6/2014 9:38:48 AM - Windows Update
RP358: 9/9/2014 6:09:25 PM - Windows Update
RP359: 9/11/2014 8:20:06 PM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
A Game of Thrones version 0.6.2
A.R.E.S.
AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Alan Wake
Alien Breed 2: Assault
Alien Breed 3: Descent
Alien Breed: Impact
Alien Swarm
Alien Zombie Megadeath
Amnesia: The Dark Descent
And Yet It Moves
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Armada Online Alpha
Asmedia ASM104x USB 3.0 Host Controller Driver
ASRock App Charger v1.0.4
ASRock eXtreme Tuner v0.1.110
ASRock InstantBoot v1.29
Astro Tripper
Atom Zombie Smasher 
Audacity 2.0
Audiosurf
Back to the Future: Ep 1 - It's About Time
Back to the Future: Ep 2 - Get Tannen!
Back to the Future: Ep 3 - Citizen Brown
Back to the Future: Ep 4 - Double Visions
Back to the Future: Ep 5 - OUTATIME
Bastion
Batman: Arkham Asylum GOTY Edition
Batman: Arkham City GOTY
Beat Hazard
Ben There, Dan That!
BIT.TRIP RUNNER
Blackwell Convergence
Blackwell Unbound
Blade Symphony
Blocks That Matter
Bonjour
Borderlands
BOSS
Braid
BRAINPIPE: A Plunge to Unhumanity
Breath of Death VII 
Burnout Paradise: The Ultimate Box
Cave Story+
CBR Reader
CDDRV_Installer
Character Writer 3.1.0
Cogs
Command & Conquer 3
Command & Conquer The First Decade
Command & Conquer™ 3: Kane's Wrath
Company of Heroes: Opposing Fronts
Company of Heroes: Tales of Valor
Containment: The Zombie Puzzler
Contraption Maker
Cosmic Osmo
Counter-Strike: Global Offensive
Counter-Strike: Source
Crayon Physics Deluxe
Crusader Kings II
Crysis 2 Maximum Edition
Cthulhu Saves the World 
Darksiders
Darksiders II
Data Jammers: FastForward
Dead Space
Defense Grid: The Awakening
Dino D-Day
Dragon Nest
Dual-Core Optimizer
Dungeon Defenders
Dungeons of Dredmor
Eets
erLT
Eufloria
EVGA Precision 2.0.4
F.E.A.R.
F.E.A.R. 2: Project Origin
F.E.A.R. 3
F.E.A.R.: Extraction Point
F.E.A.R.: Perseus Mandate
f.lux
Fable - The Lost Chapters
Faerie Solitaire
Fallout
Fallout 2
Fallout Tactics
Fallout: New Vegas
Fate of the World
FFmpeg v0.6.2 for Audacity
Fiddler
Firefall
foobar2000 v1.1.13
Fraps (remove only)
Free Video Call Recorder for Skype version 1.2.6.1125
FTL: Faster Than Light
Garry's Mod
Gemini Rue
GIMP 2.8.10
Google Chrome
Gotham City Impostors: Free To Play
Gratuitous Space Battles
Guacamelee! Gold Edition
Guardians of Middle-earth
Hack, Slash, Loot
Half-Life 2: Deathmatch
Half-Life 2: Lost Coast
Hammerfight
Hi-Rez Studios Authenticate and Update Service
Hotline Miami
HTC Driver Installer
HTC Sync Manager
ImgBurn
Infinity Wars - Animated Trading Card Game
Inkscape 0.48.2
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
IPTInstaller
iTunes
Jamestown
Java Auto Updater
Java™ 6 Update 35
Java™ 7 Update 5 (64-bit)
Jolly Rover
Kaspersky Security Scan
Kerbal Space Program
KhalInstallWrapper
Killing Floor
LAME v3.99.3 (for Windows)
League of Legends
Left 4 Dead
Left 4 Dead 2
LIMBO
Logitech Gaming Software
Logitech Gaming Software 5.10
Logitech Gaming Software 8.52
Logitech SetPoint
LOLReplay
Lunia
Malwarebytes Anti-Malware version 2.0.2.1012
MechWarrior Online
Medal of Honor™ Single Player
MediaMonkey 4.0
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Security Client
Microsoft Security Essentials
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft Windows Application Compatibility Database
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
MiniTool Partition Wizard Home Edition 8.1.1
Mirror's Edge
Morrowind
Morrowind Script Extender 0.9.4.1
Mozilla Firefox 31.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 13.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NETGEAR WNA3100 wireless USB 2.0 adapter
Nexus Mod Manager
NVIDIA 3D Vision Controller Driver 331.82
NVIDIA 3D Vision Driver 331.82
NVIDIA Control Panel 331.82
NVIDIA GeForce Experience 2.0.1
NVIDIA Graphics Driver 331.82
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA ShadowPlay 12.4.67
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 12.4.67
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.23
Oddworld: Stranger's Wrath HD
OpenAL
OpenOffice.org 3.4
Osmos
Outlast
PAYDAY 2
PAYDAY: The Heist
Picasa 3
Pinball FX2
Pool Nation
Portal
PowerISO
Project64 1.6
PunkBuster Services
Python 2.7.5 (64-bit)
R for Windows 3.0.2
Razer Synapse 2.0
Realm of the Mad God
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Red Faction: Armageddon
RollerCoaster Tycoon 2 Triple Thrill Pack
Rosetta Stone Ltd Services
Rosetta Stone Version 3
Runespell: Overture
Saints Row: The Third
Scribblenauts Unlimited
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Serious Sam 2
Serious Sam 3 Bonus Content
Serious Sam 3: BFE
Serious Sam Classics: Revolution
Serious Sam HD: The First Encounter
Serious Sam HD: The Second Encounter
SES Driver
Shank
SHIELD Streaming
Sid Meier's Civilization V
Sins of a Solar Empire: Rebellion
Skype™ 6.18
Sniper Elite V2
Star Wars - Jedi Knight II: Jedi Outcast
Star Wars - Jedi Knight: Mysteries of the Sith
Star Wars Jedi Knight: Dark Forces II
Star Wars Jedi Knight: Jedi Academy
Star Wars: Dark Forces
Star Wars: Knights of the Old Republic
Star Wars: Knights of the Old Republic II
Starbound
State of Decay
Steam
Streets of SimCity
Strongvault Online Backup
Super Meat Boy
Superfrog HD
swMSM
Team Fortress 2
TES Construction Set
The Binding of Isaac
The Blackwell Legacy
The Elder Scrolls III: Morrowind
The Elder Scrolls IV: Oblivion 
The Elder Scrolls V: Skyrim
The Golf Club
The Lord of the Rings: War in the North
The Sims™ 3
The Sims™ 3 Ambitions
The Sims™ 3 Generations
The Sims™ 3 Late Night
The Sims™ 3 Pets
The Sims™ 3 World Adventures
The Walking Dead
The Witcher 2: Assassins of Kings Enhanced Edition
Torchlight II
TrackMania² Canyon
TrackMania² Stadium
TreeSize Free V2.7
Trine
TSLRCM 1.8.1
UDPixel.exe
Universe Sandbox
VIRTU 1.2.104
Viscera Cleanup Detail
Viscera Cleanup Detail: alpha v0.25
VLC media player 2.0.2
VVVVVV
Wasteland 1 - The Original Classic
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (03/06/2009 1.0.0008.0)
Windows Live ID Sign-in Assistant
Windows Mobile Device Updater Component
Windows XP Mode
WinRAR 4.20 (64-bit)
Wireshark 1.10.7 (64-bit)
Worms Armageddon
Worms Blast
Worms Crazy Golf
Worms Pinball
Worms Revolution
Worms Ultimate Mayhem
WriteItNow 407f
Wrye Bash
XCOM: Enemy Unknown
XFastUsb
Xiph.Org Open Codecs 0.85.17777
Zeno Clash
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
9/6/2014 4:23:22 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
9/12/2014 8:17:38 PM, Error: Service Control Manager [7034]  - The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).
9/12/2014 8:17:23 PM, Error: Service Control Manager [7034]  - The HTCMonitorService service terminated unexpectedly.  It has done this 1 time(s).
9/12/2014 8:13:32 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Razer Wizard Service service to connect.
9/12/2014 8:13:32 PM, Error: Service Control Manager [7000]  - The Razer Wizard Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
9/12/2014 8:12:58 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Kaspersky Security Scan Service service to connect.
9/12/2014 8:12:58 PM, Error: Service Control Manager [7000]  - The Kaspersky Security Scan Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
9/12/2014 7:33:37 PM, Error: Service Control Manager [7034]  - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).
9/12/2014 6:41:47 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Skype Updater service to connect.
9/12/2014 6:39:38 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
9/12/2014 6:39:07 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
9/12/2014 6:39:04 PM, Error: Application Popup [1060]  - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
9/12/2014 6:30:01 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
9/12/2014 6:29:02 PM, Error: Service Control Manager [7031]  - The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
9/12/2014 6:29:02 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: On Access   Error Code: 0x8007043c   Error description: This service cannot be started in Safe Mode    Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
9/12/2014 6:23:03 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.183.2231.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: Default URL   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.10904.0   Error code: 0x8007043c   Error description: This service cannot be started in Safe Mode 
9/12/2014 6:23:03 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
9/12/2014 6:19:29 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
9/12/2014 6:06:57 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
9/12/2014 6:06:57 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
9/12/2014 6:06:57 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
9/12/2014 6:06:45 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/12/2014 6:06:38 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
9/12/2014 6:06:32 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AsrAppCharger discache MpFilter SCDEmu spldr vpcvmm Wanarpv6
9/12/2014 6:06:30 PM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
9/12/2014 6:06:25 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: On Access   Error Code: 0x8007043c   Error description: This service cannot be started in Safe Mode    Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
9/12/2014 5:29:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.183.2321.0).
9/12/2014 5:29:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.183.2231.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.10904.0   Error code: 0x80070643   Error description: Fatal error during installation. 
9/12/2014 5:16:17 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.183.2231.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.10904.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
9/12/2014 5:16:17 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.183.2231.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.10904.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
9/12/2014 3:52:42 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.183.2231.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: Default URL   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.10904.0   Error code: 0x8007043c   Error description: This service cannot be started in Safe Mode 
9/12/2014 3:41:43 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: On Access   Error Code: 0x8007043c   Error description: This service cannot be started in Safe Mode    Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
9/12/2014 3:39:59 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: On Access   Error Code: 0x8007043c   Error description: This service cannot be started in Safe Mode    Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
9/12/2014 3:33:03 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.183.2231.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.10904.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
9/11/2014 10:02:43 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
.
==== End Of File ===========================
 
 
 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 GinAndRamune

GinAndRamune
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 13 September 2014 - 12:49 PM

Additional Information: I ran RKill, TDSSKiller, Malware Bytes, and MSE this morning in Safe Mode without Networking, nothing was found from any of them.

 

I started my computer in normal mode, here's a summary of what happened.

 

12:35 - Logged on

         - MSE detects Alureon.J and quarantines it

         - The following error occurred: Error code 0x80508023. The program could not find the malware and other potentially unwanted software on this computer. 

 
            Category: Trojan
 
            Description: This program is dangerous and executes commands from an attacker.
 
            Recommended action: Remove this software immediately.
 
            Items: 
            boot:\Device\Harddisk1\DR1
       - I selected to remove the quarantined virus
12:38 - Started RKill - it took 4:49 to compete.
 
Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 09/13/2014 12:38:03 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 09/13/2014 12:42:53 PM
Execution time: 0 hours(s), 4 minute(s), and 49 seconds(s)
 
12:43 - I started TDSSKiller, Alureon.J was found by MSE and quarantined twice.  During the scan, at 12:44 and 12:45, Alureon.J was found and quarantined twice more.
 
12:45 - TDSSKiller ended, found nothing.
12:43:38.0945 0x11f8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:43:41.0690 0x11f8  ============================================================
12:43:41.0690 0x11f8  Current date / time: 2014/09/13 12:43:41.0690
12:43:41.0690 0x11f8  SystemInfo:
12:43:41.0690 0x11f8  
12:43:41.0690 0x11f8  OS Version: 6.1.7601 ServicePack: 1.0
12:43:41.0690 0x11f8  Product type: Workstation
12:43:41.0690 0x11f8  ComputerName: COLLINS-PC-MKII
12:43:41.0690 0x11f8  UserName: Tom Collins
12:43:41.0690 0x11f8  Windows directory: C:\Windows
12:43:41.0690 0x11f8  System windows directory: C:\Windows
12:43:41.0690 0x11f8  Running under WOW64
12:43:41.0690 0x11f8  Processor architecture: Intel x64
12:43:41.0690 0x11f8  Number of processors: 4
12:43:41.0690 0x11f8  Page size: 0x1000
12:43:41.0690 0x11f8  Boot type: Normal boot
12:43:41.0690 0x11f8  ============================================================
12:43:50.0567 0x11f8  KLMD registered as C:\Windows\system32\drivers\00311315.sys
12:43:51.0159 0x11f8  System UUID: {6BE0CF95-FF3B-5624-B2C9-AC22F0EB46AF}
12:43:52.0173 0x11f8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:43:52.0205 0x11f8  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:43:52.0236 0x11f8  Drive \Device\Harddisk2\DR2 - Size: 0x3D400000 ( 0.96 Gb ), SectorSize: 0x200, Cylinders: 0x7C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:43:52.0236 0x11f8  Drive \Device\Harddisk3\DR3 - Size: 0x2BA9F400000 ( 2794.49 Gb ), SectorSize: 0x1000, Cylinders: 0xB21F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:43:52.0236 0x11f8  ============================================================
12:43:52.0236 0x11f8  \Device\Harddisk0\DR0:
12:43:52.0236 0x11f8  MBR partitions:
12:43:52.0236 0x11f8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:43:52.0236 0x11f8  \Device\Harddisk1\DR1:
12:43:52.0251 0x11f8  MBR partitions:
12:43:52.0251 0x11f8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
12:43:52.0251 0x11f8  \Device\Harddisk2\DR2:
12:43:52.0251 0x11f8  MBR partitions:
12:43:52.0251 0x11f8  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x80, BlocksNum 0x1E9F80
12:43:52.0251 0x11f8  \Device\Harddisk3\DR3:
12:43:52.0251 0x11f8  MBR partitions:
12:43:52.0251 0x11f8  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BA9F300
12:43:52.0251 0x11f8  ============================================================
12:43:52.0361 0x11f8  C: <-> \Device\Harddisk1\DR1\Partition1
12:43:52.0361 0x11f8  F: <-> \Device\Harddisk3\DR3\Partition1
12:43:52.0376 0x11f8  T: <-> \Device\Harddisk0\DR0\Partition1
12:43:52.0376 0x11f8  ============================================================
12:43:52.0376 0x11f8  Initialize success
12:43:52.0376 0x11f8  ============================================================
12:44:00.0894 0x03c0  ============================================================
12:44:00.0894 0x03c0  Scan started
12:44:00.0894 0x03c0  Mode: Manual; 
12:44:00.0894 0x03c0  ============================================================
12:44:00.0894 0x03c0  KSN ping started
12:44:04.0154 0x03c0  KSN ping finished: true
12:44:06.0759 0x03c0  ================ Scan system memory ========================
12:44:06.0759 0x03c0  System memory - ok
12:44:06.0759 0x03c0  ================ Scan services =============================
12:44:07.0118 0x03c0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:44:07.0118 0x03c0  1394ohci - ok
12:44:07.0181 0x03c0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:44:07.0196 0x03c0  ACPI - ok
12:44:07.0243 0x03c0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:44:07.0243 0x03c0  AcpiPmi - ok
12:44:07.0383 0x03c0  [ 62B7936F9036DD6ED36E6A7EFA805DC0, C58EA1B46CB3595386C9217A7785F2A436916FB1E0BDC0E4BE484292C55AA455 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:44:07.0383 0x03c0  AdobeARMservice - ok
12:44:07.0446 0x03c0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:44:07.0446 0x03c0  adp94xx - ok
12:44:07.0508 0x03c0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:44:07.0524 0x03c0  adpahci - ok
12:44:07.0649 0x03c0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:44:07.0649 0x03c0  adpu320 - ok
12:44:07.0711 0x03c0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:44:07.0711 0x03c0  AeLookupSvc - ok
12:44:07.0867 0x03c0  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
12:44:07.0883 0x03c0  AFD - ok
12:44:07.0898 0x03c0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:44:07.0898 0x03c0  agp440 - ok
12:44:07.0945 0x03c0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:44:07.0961 0x03c0  ALG - ok
12:44:08.0054 0x03c0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:44:08.0054 0x03c0  aliide - ok
12:44:08.0101 0x03c0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:44:08.0117 0x03c0  amdide - ok
12:44:08.0210 0x03c0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:44:08.0210 0x03c0  AmdK8 - ok
12:44:08.0304 0x03c0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:44:08.0319 0x03c0  AmdPPM - ok
12:44:08.0413 0x03c0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:44:08.0413 0x03c0  amdsata - ok
12:44:08.0522 0x03c0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:44:08.0522 0x03c0  amdsbs - ok
12:44:08.0585 0x03c0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:44:08.0585 0x03c0  amdxata - ok
12:44:08.0678 0x03c0  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:44:08.0678 0x03c0  AppID - ok
12:44:08.0756 0x03c0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:44:08.0772 0x03c0  AppIDSvc - ok
12:44:08.0834 0x03c0  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:44:08.0834 0x03c0  Appinfo - ok
12:44:09.0193 0x03c0  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:44:09.0224 0x03c0  Apple Mobile Device - ok
12:44:09.0287 0x03c0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:44:09.0287 0x03c0  AppMgmt - ok
12:44:09.0349 0x03c0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
12:44:09.0349 0x03c0  arc - ok
12:44:09.0365 0x03c0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:44:09.0365 0x03c0  arcsas - ok
12:44:09.0427 0x03c0  [ 6FE3237C1177E66437E7AD0E8AC1A6E5, 3223D4E57150DE8F768BC1BE0E6DCFFC6CA5B09DC7D7ADF283C90929100B0B7B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
12:44:09.0427 0x03c0  asmthub3 - ok
12:44:09.0567 0x03c0  [ C4043E39A2ABBC56581CA25DF161E9F7, 1B53A8BEE4823EA842A00F5304428F0B4D14078045CF84ED20D8DF0FB8826040 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
12:44:09.0583 0x03c0  asmtxhci - ok
12:44:10.0067 0x03c0  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:44:10.0082 0x03c0  aspnet_state - ok
12:44:10.0160 0x03c0  [ 912A215CE180A6E7C923C662D7EC777D, 2828D6403F693B1CF4AD4F47A4C096E6B31E680665F5BBCCAA69416FFA7FF2E0 ] AsrAppCharger   C:\Windows\system32\DRIVERS\AsrAppCharger.sys
12:44:10.0160 0x03c0  AsrAppCharger - ok
12:44:10.0207 0x03c0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:44:10.0207 0x03c0  AsyncMac - ok
12:44:10.0254 0x03c0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:44:10.0254 0x03c0  atapi - ok
12:44:10.0457 0x03c0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:44:10.0472 0x03c0  AudioEndpointBuilder - ok
12:44:10.0566 0x03c0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:44:10.0566 0x03c0  AudioSrv - ok
12:44:10.0628 0x03c0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:44:10.0644 0x03c0  AxInstSV - ok
12:44:10.0722 0x03c0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:44:10.0737 0x03c0  b06bdrv - ok
12:44:10.0800 0x03c0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:44:10.0815 0x03c0  b57nd60a - ok
12:44:11.0096 0x03c0  [ 6FA3557EA5FA09BA705298CC6B0E9F5A, 3C8EA2080973619DEC613FC2F2022AA1A931EE9640C32C6DF6B50C46671BE5F5 ] BCMH43XX        C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
12:44:11.0112 0x03c0  BCMH43XX - ok
12:44:11.0221 0x03c0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:44:11.0221 0x03c0  BDESVC - ok
12:44:11.0283 0x03c0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:44:11.0283 0x03c0  Beep - ok
12:44:11.0439 0x03c0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:44:11.0455 0x03c0  BFE - ok
12:44:11.0689 0x03c0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
12:44:11.0705 0x03c0  BITS - ok
12:44:11.0767 0x03c0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:44:11.0767 0x03c0  blbdrive - ok
12:44:11.0970 0x03c0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:44:11.0985 0x03c0  Bonjour Service - ok
12:44:12.0110 0x03c0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:44:12.0110 0x03c0  bowser - ok
12:44:12.0188 0x03c0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:44:12.0188 0x03c0  BrFiltLo - ok
12:44:12.0219 0x03c0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:44:12.0219 0x03c0  BrFiltUp - ok
12:44:12.0375 0x03c0  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:44:12.0375 0x03c0  BridgeMP - ok
12:44:12.0485 0x03c0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:44:12.0485 0x03c0  Browser - ok
12:44:12.0547 0x03c0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:44:12.0547 0x03c0  Brserid - ok
12:44:12.0625 0x03c0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:44:12.0625 0x03c0  BrSerWdm - ok
12:44:12.0641 0x03c0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:44:12.0641 0x03c0  BrUsbMdm - ok
12:44:12.0672 0x03c0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:44:12.0672 0x03c0  BrUsbSer - ok
12:44:12.0719 0x03c0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:44:12.0719 0x03c0  BTHMODEM - ok
12:44:12.0765 0x03c0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:44:12.0828 0x03c0  bthserv - ok
12:44:12.0859 0x03c0  catchme - ok
12:44:13.0202 0x03c0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:44:13.0202 0x03c0  cdfs - ok
12:44:13.0296 0x03c0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:44:13.0296 0x03c0  cdrom - ok
12:44:13.0405 0x03c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:44:13.0405 0x03c0  CertPropSvc - ok
12:44:13.0452 0x03c0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:44:13.0452 0x03c0  circlass - ok
12:44:13.0561 0x03c0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:44:13.0561 0x03c0  CLFS - ok
12:44:13.0670 0x03c0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:44:13.0686 0x03c0  clr_optimization_v2.0.50727_32 - ok
12:44:13.0795 0x03c0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:44:13.0811 0x03c0  clr_optimization_v2.0.50727_64 - ok
12:44:14.0045 0x03c0  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:44:14.0076 0x03c0  clr_optimization_v4.0.30319_32 - ok
12:44:14.0091 0x03c0  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:44:14.0107 0x03c0  clr_optimization_v4.0.30319_64 - ok
12:44:14.0169 0x03c0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:44:14.0169 0x03c0  CmBatt - ok
12:44:14.0216 0x03c0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:44:14.0232 0x03c0  cmdide - ok
12:44:14.0450 0x03c0  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:44:14.0466 0x03c0  CNG - ok
12:44:14.0513 0x03c0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:44:14.0513 0x03c0  Compbatt - ok
12:44:14.0575 0x03c0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:44:14.0575 0x03c0  CompositeBus - ok
12:44:14.0606 0x03c0  COMSysApp - ok
12:44:15.0059 0x03c0  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:44:15.0090 0x03c0  cphs - ok
12:44:15.0121 0x03c0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:44:15.0121 0x03c0  crcdisk - ok
12:44:15.0183 0x03c0  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:44:15.0183 0x03c0  CryptSvc - ok
12:44:15.0261 0x03c0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:44:15.0261 0x03c0  CSC - ok
12:44:15.0324 0x03c0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:44:15.0355 0x03c0  CscService - ok
12:44:15.0433 0x03c0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:44:15.0449 0x03c0  DcomLaunch - ok
12:44:15.0542 0x03c0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:44:15.0558 0x03c0  defragsvc - ok
12:44:15.0620 0x03c0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:44:15.0620 0x03c0  DfsC - ok
12:44:15.0683 0x03c0  [ E428DFFA96FAD07D8CA3C9082563A225, F3D2E94A9FF2CF68CC99A8B42B8DEA5E57D46000D1845DC0908224493480C79F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
12:44:15.0683 0x03c0  dg_ssudbus - ok
12:44:15.0839 0x03c0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:44:15.0854 0x03c0  Dhcp - ok
12:44:15.0870 0x03c0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:44:15.0870 0x03c0  discache - ok
12:44:16.0041 0x03c0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
12:44:16.0041 0x03c0  Disk - ok
12:44:16.0104 0x03c0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:44:16.0104 0x03c0  dmvsc - ok
12:44:16.0291 0x03c0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:44:16.0291 0x03c0  Dnscache - ok
12:44:16.0385 0x03c0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:44:16.0400 0x03c0  dot3svc - ok
12:44:16.0509 0x03c0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:44:16.0525 0x03c0  DPS - ok
12:44:16.0665 0x03c0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:44:16.0665 0x03c0  drmkaud - ok
12:44:16.0790 0x03c0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:44:16.0806 0x03c0  DXGKrnl - ok
12:44:17.0009 0x03c0  EagleX64 - ok
12:44:17.0165 0x03c0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:44:17.0180 0x03c0  EapHost - ok
12:44:17.0539 0x03c0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:44:17.0586 0x03c0  ebdrv - ok
12:44:17.0648 0x03c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
12:44:17.0648 0x03c0  EFS - ok
12:44:17.0835 0x03c0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:44:17.0851 0x03c0  ehRecvr - ok
12:44:17.0913 0x03c0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:44:17.0929 0x03c0  ehSched - ok
12:44:18.0101 0x03c0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:44:18.0116 0x03c0  elxstor - ok
12:44:18.0147 0x03c0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:44:18.0147 0x03c0  ErrDev - ok
12:44:18.0272 0x03c0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:44:18.0288 0x03c0  EventSystem - ok
12:44:18.0397 0x03c0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:44:18.0413 0x03c0  exfat - ok
12:44:18.0444 0x03c0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:44:18.0459 0x03c0  fastfat - ok
12:44:18.0647 0x03c0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:44:18.0662 0x03c0  Fax - ok
12:44:18.0678 0x03c0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:44:18.0678 0x03c0  fdc - ok
12:44:18.0740 0x03c0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:44:18.0740 0x03c0  fdPHost - ok
12:44:18.0756 0x03c0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:44:18.0756 0x03c0  FDResPub - ok
12:44:18.0818 0x03c0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:44:18.0818 0x03c0  FileInfo - ok
12:44:18.0834 0x03c0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:44:18.0834 0x03c0  Filetrace - ok
12:44:19.0271 0x03c0  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:44:19.0317 0x03c0  FLEXnet Licensing Service - ok
12:44:19.0317 0x03c0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:44:19.0317 0x03c0  flpydisk - ok
12:44:19.0364 0x03c0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:44:19.0364 0x03c0  FltMgr - ok
12:44:19.0505 0x03c0  [ FE95AE537B41A7E2F4CFE353064DC4AF, 1C354CAF4A8FB599BD252133C4C3845624C6F9B692E3F4C68573486FE8236EB3 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
12:44:19.0505 0x03c0  FNETTBOH_305 - ok
12:44:19.0567 0x03c0  [ 7C3C4B4C951EC1BDFD4F769D05E2CC68, 7B9DA195D3CF0E7BE6BB532CC5D058BC6658B7538B5C5CF09B1A4ABEF1ECACB4 ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
12:44:19.0567 0x03c0  FNETURPX - ok
12:44:19.0754 0x03c0  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:44:19.0770 0x03c0  FontCache - ok
12:44:19.0863 0x03c0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:44:19.0863 0x03c0  FontCache3.0.0.0 - ok
12:44:19.0895 0x03c0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:44:19.0895 0x03c0  FsDepends - ok
12:44:19.0988 0x03c0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:44:19.0988 0x03c0  Fs_Rec - ok
12:44:20.0144 0x03c0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:44:20.0160 0x03c0  fvevol - ok
12:44:20.0207 0x03c0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:44:20.0207 0x03c0  gagp30kx - ok
12:44:20.0394 0x03c0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:44:20.0394 0x03c0  GEARAspiWDM - ok
12:44:20.0565 0x03c0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:44:20.0581 0x03c0  gpsvc - ok
12:44:20.0659 0x03c0  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:44:20.0659 0x03c0  gusvc - ok
12:44:20.0690 0x03c0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:44:20.0690 0x03c0  hcw85cir - ok
12:44:20.0862 0x03c0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:44:20.0877 0x03c0  HdAudAddService - ok
12:44:20.0971 0x03c0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:44:20.0971 0x03c0  HDAudBus - ok
12:44:20.0987 0x03c0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:44:21.0002 0x03c0  HidBatt - ok
12:44:21.0018 0x03c0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:44:21.0018 0x03c0  HidBth - ok
12:44:21.0096 0x03c0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:44:21.0096 0x03c0  HidIr - ok
12:44:21.0143 0x03c0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
12:44:21.0143 0x03c0  hidserv - ok
12:44:21.0283 0x03c0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:44:21.0283 0x03c0  HidUsb - ok
12:44:21.0408 0x03c0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:44:21.0423 0x03c0  hkmsvc - ok
12:44:21.0501 0x03c0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:44:21.0548 0x03c0  HomeGroupListener - ok
12:44:21.0626 0x03c0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:44:21.0657 0x03c0  HomeGroupProvider - ok
12:44:21.0767 0x03c0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:44:21.0767 0x03c0  HpSAMD - ok
12:44:22.0032 0x03c0  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
12:44:22.0047 0x03c0  HTCMonitorService - ok
12:44:22.0141 0x03c0  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
12:44:22.0141 0x03c0  htcnprot - ok
12:44:22.0281 0x03c0  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\Windows\system32\DRIVERS\HtcVComV64.sys
12:44:22.0281 0x03c0  HtcVCom32 - ok
12:44:22.0406 0x03c0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:44:22.0422 0x03c0  HTTP - ok
12:44:22.0437 0x03c0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:44:22.0437 0x03c0  hwpolicy - ok
12:44:22.0531 0x03c0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:44:22.0531 0x03c0  i8042prt - ok
12:44:22.0656 0x03c0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:44:22.0671 0x03c0  iaStorV - ok
12:44:22.0827 0x03c0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:44:22.0859 0x03c0  idsvc - ok
12:44:22.0952 0x03c0  IEEtwCollectorService - ok
12:44:23.0389 0x03c0  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:44:23.0451 0x03c0  igfx - ok
12:44:23.0561 0x03c0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:44:23.0561 0x03c0  iirsp - ok
12:44:23.0779 0x03c0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:44:23.0795 0x03c0  IKEEXT - ok
12:44:24.0403 0x03c0  [ 718A4008EE5DA174400396B27509EF82, 01F563AFF8156B3B72FB0ED1F25F6F451157FE0C4C5671072FD62FD1ED7F73AA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:44:24.0434 0x03c0  IntcAzAudAddService - ok
12:44:24.0653 0x03c0  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
12:44:24.0668 0x03c0  IntcDAud - ok
12:44:24.0715 0x03c0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:44:24.0715 0x03c0  intelide - ok
12:44:24.0840 0x03c0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:44:24.0840 0x03c0  intelppm - ok
12:44:24.0949 0x03c0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:44:24.0965 0x03c0  IPBusEnum - ok
12:44:24.0996 0x03c0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:44:24.0996 0x03c0  IpFilterDriver - ok
12:44:25.0573 0x03c0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:44:25.0604 0x03c0  iphlpsvc - ok
12:44:25.0635 0x03c0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:44:25.0635 0x03c0  IPMIDRV - ok
12:44:25.0682 0x03c0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:44:25.0682 0x03c0  IPNAT - ok
12:44:26.0213 0x03c0  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:44:26.0259 0x03c0  iPod Service - ok
12:44:26.0322 0x03c0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:44:26.0322 0x03c0  IRENUM - ok
12:44:26.0400 0x03c0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:44:26.0400 0x03c0  isapnp - ok
12:44:26.0556 0x03c0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:44:26.0556 0x03c0  iScsiPrt - ok
12:44:26.0681 0x03c0  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
12:44:26.0681 0x03c0  ISCT - ok
12:44:26.0805 0x03c0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:44:26.0805 0x03c0  kbdclass - ok
12:44:27.0071 0x03c0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:44:27.0071 0x03c0  kbdhid - ok
12:44:27.0164 0x03c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
12:44:27.0164 0x03c0  KeyIso - ok
12:44:27.0211 0x03c0  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:44:27.0211 0x03c0  KSecDD - ok
12:44:27.0320 0x03c0  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:44:27.0320 0x03c0  KSecPkg - ok
12:44:27.0851 0x03c0  [ BB0A9B209826D6FB0606D1B1E162E823, 377164DAC54C078D4141EFAD6971BE689B0C2FA805AE2CAF5458FA0DF8B4C222 ] KSS             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
12:44:27.0882 0x03c0  KSS - ok
12:44:27.0929 0x03c0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:44:27.0929 0x03c0  ksthunk - ok
12:44:28.0007 0x03c0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:44:28.0022 0x03c0  KtmRm - ok
12:44:28.0256 0x03c0  [ F33C5D79D3273530E1892A0922283A7B, 06345FC5758D619FE049931BAFF99215C2A73385385EC8004B08071A27B58DEC ] L8042Kbd        C:\Windows\system32\DRIVERS\L8042Kbd.sys
12:44:28.0256 0x03c0  L8042Kbd - ok
12:44:28.0428 0x03c0  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
12:44:28.0428 0x03c0  LADF_CaptureOnly - ok
12:44:28.0490 0x03c0  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
12:44:28.0490 0x03c0  LADF_RenderOnly - ok
12:44:28.0599 0x03c0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:44:28.0615 0x03c0  LanmanServer - ok
12:44:28.0724 0x03c0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:44:28.0740 0x03c0  LanmanWorkstation - ok
12:44:29.0145 0x03c0  [ 88E52495B47C67126B510AF53FDB0BC7, 75027CE5F578592BBA29F4FB8D820AC5D4E5C8F3095CAF9441818B14128BB4E4 ] LBTServ         C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
12:44:29.0161 0x03c0  LBTServ - ok
12:44:29.0426 0x03c0  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
12:44:29.0426 0x03c0  LGBusEnum - ok
12:44:29.0520 0x03c0  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
12:44:29.0535 0x03c0  LGVirHid - ok
12:44:29.0567 0x03c0  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:44:29.0582 0x03c0  LHidFilt - ok
12:44:29.0707 0x03c0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:44:29.0707 0x03c0  lltdio - ok
12:44:29.0832 0x03c0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:44:29.0847 0x03c0  lltdsvc - ok
12:44:29.0894 0x03c0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:44:29.0910 0x03c0  lmhosts - ok
12:44:29.0925 0x03c0  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:44:29.0925 0x03c0  LMouFilt - ok
12:44:30.0128 0x03c0  [ 9AD4BEE2FE76D4CA39AC969B617E94FB, 1DE5FC59CDA5C7D63C9C60B9FC70A09F755196DFA25E8FAC0FBF262C44731CF0 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:44:30.0144 0x03c0  LMS - ok
12:44:30.0191 0x03c0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:44:30.0206 0x03c0  LSI_FC - ok
12:44:30.0300 0x03c0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:44:30.0300 0x03c0  LSI_SAS - ok
12:44:30.0331 0x03c0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:44:30.0331 0x03c0  LSI_SAS2 - ok
12:44:30.0362 0x03c0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:44:30.0362 0x03c0  LSI_SCSI - ok
12:44:30.0425 0x03c0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:44:30.0425 0x03c0  luafv - ok
12:44:30.0487 0x03c0  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
12:44:30.0487 0x03c0  MBfilt - ok
12:44:30.0690 0x03c0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:44:30.0721 0x03c0  Mcx2Svc - ok
12:44:30.0768 0x03c0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:44:30.0768 0x03c0  megasas - ok
12:44:30.0893 0x03c0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:44:30.0908 0x03c0  MegaSR - ok
12:44:30.0971 0x03c0  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:44:30.0971 0x03c0  MEIx64 - ok
12:44:31.0033 0x03c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:44:31.0064 0x03c0  MMCSS - ok
12:44:31.0095 0x03c0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:44:31.0095 0x03c0  Modem - ok
12:44:31.0205 0x03c0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:44:31.0220 0x03c0  monitor - ok
12:44:31.0314 0x03c0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:44:31.0329 0x03c0  mouclass - ok
12:44:31.0485 0x03c0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:44:31.0501 0x03c0  mouhid - ok
12:44:31.0719 0x03c0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:44:31.0719 0x03c0  mountmgr - ok
12:44:32.0078 0x03c0  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:44:32.0156 0x03c0  MozillaMaintenance - ok
12:44:32.0484 0x03c0  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
12:44:32.0484 0x03c0  MpFilter - ok
12:44:32.0905 0x03c0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:44:32.0905 0x03c0  mpio - ok
12:44:33.0217 0x03c0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:44:33.0233 0x03c0  mpsdrv - ok
12:44:33.0685 0x03c0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:44:33.0919 0x03c0  MpsSvc - ok
12:44:34.0091 0x03c0  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:44:34.0091 0x03c0  MRxDAV - ok
12:44:34.0215 0x03c0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:44:34.0215 0x03c0  mrxsmb - ok
12:44:34.0293 0x03c0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:44:34.0293 0x03c0  mrxsmb10 - ok
12:44:34.0356 0x03c0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:44:34.0356 0x03c0  mrxsmb20 - ok
12:44:34.0403 0x03c0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:44:34.0403 0x03c0  msahci - ok
12:44:34.0496 0x03c0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:44:34.0496 0x03c0  msdsm - ok
12:44:34.0527 0x03c0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:44:34.0543 0x03c0  MSDTC - ok
12:44:34.0590 0x03c0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:44:34.0590 0x03c0  Msfs - ok
12:44:34.0652 0x03c0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:44:34.0652 0x03c0  mshidkmdf - ok
12:44:34.0668 0x03c0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:44:34.0668 0x03c0  msisadrv - ok
12:44:34.0793 0x03c0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:44:34.0793 0x03c0  MSiSCSI - ok
12:44:34.0808 0x03c0  msiserver - ok
12:44:34.0855 0x03c0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:44:34.0855 0x03c0  MSKSSRV - ok
12:44:35.0058 0x03c0  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:44:35.0058 0x03c0  MsMpSvc - ok
12:44:35.0151 0x03c0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:44:35.0151 0x03c0  MSPCLOCK - ok
12:44:35.0229 0x03c0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:44:35.0229 0x03c0  MSPQM - ok
12:44:35.0307 0x03c0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:44:35.0323 0x03c0  MsRPC - ok
12:44:35.0339 0x03c0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:44:35.0339 0x03c0  mssmbios - ok
12:44:35.0354 0x03c0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:44:35.0354 0x03c0  MSTEE - ok
12:44:35.0417 0x03c0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:44:35.0417 0x03c0  MTConfig - ok
12:44:35.0432 0x03c0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:44:35.0432 0x03c0  Mup - ok
12:44:35.0526 0x03c0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:44:35.0541 0x03c0  napagent - ok
12:44:35.0744 0x03c0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:44:35.0760 0x03c0  NativeWifiP - ok
12:44:35.0947 0x03c0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:44:35.0978 0x03c0  NDIS - ok
12:44:36.0025 0x03c0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:44:36.0025 0x03c0  NdisCap - ok
12:44:36.0087 0x03c0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:44:36.0087 0x03c0  NdisTapi - ok
12:44:36.0197 0x03c0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:44:36.0197 0x03c0  Ndisuio - ok
12:44:36.0228 0x03c0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:44:36.0228 0x03c0  NdisWan - ok
12:44:36.0259 0x03c0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:44:36.0259 0x03c0  NDProxy - ok
12:44:36.0306 0x03c0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:44:36.0306 0x03c0  NetBIOS - ok
12:44:36.0353 0x03c0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:44:36.0353 0x03c0  NetBT - ok
12:44:36.0415 0x03c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
12:44:36.0415 0x03c0  Netlogon - ok
12:44:36.0524 0x03c0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:44:36.0540 0x03c0  Netman - ok
12:44:36.0961 0x03c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:44:36.0977 0x03c0  NetMsmqActivator - ok
12:44:37.0257 0x03c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:44:37.0257 0x03c0  NetPipeActivator - ok
12:44:37.0320 0x03c0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:44:37.0335 0x03c0  netprofm - ok
12:44:37.0476 0x03c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:44:37.0491 0x03c0  NetTcpActivator - ok
12:44:37.0491 0x03c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:44:37.0491 0x03c0  NetTcpPortSharing - ok
12:44:37.0601 0x03c0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:44:37.0601 0x03c0  nfrd960 - ok
12:44:37.0772 0x03c0  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:44:37.0772 0x03c0  NisDrv - ok
12:44:37.0866 0x03c0  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
12:44:37.0866 0x03c0  NisSrv - ok
12:44:37.0944 0x03c0  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:44:37.0959 0x03c0  NlaSvc - ok
12:44:37.0975 0x03c0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:44:37.0975 0x03c0  Npfs - ok
12:44:38.0022 0x03c0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:44:38.0022 0x03c0  nsi - ok
12:44:38.0037 0x03c0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:44:38.0037 0x03c0  nsiproxy - ok
12:44:38.0318 0x03c0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:44:38.0334 0x03c0  Ntfs - ok
12:44:38.0365 0x03c0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:44:38.0365 0x03c0  Null - ok
12:44:38.0427 0x03c0  [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
12:44:38.0427 0x03c0  NVHDA - ok
12:44:40.0596 0x03c0  [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:44:40.0767 0x03c0  nvlddmkm - ok
12:44:41.0189 0x03c0  [ C50CD479FD1BB886244E2663DFFBCF6A, CCFB60425E56A12C097EC05A9E5549B4F4A10379818ABC64945487C16F882E3D ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:44:41.0235 0x03c0  NvNetworkService - ok
12:44:41.0345 0x03c0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:44:41.0345 0x03c0  nvraid - ok
12:44:41.0407 0x03c0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:44:41.0407 0x03c0  nvstor - ok
12:44:41.0625 0x03c0  [ AD7A2F3AF147B2CF302EBF7C1E01E027, B8DAAE7FE4B13C9CA3F1DEE7C98F5CA49D4D1678C82C51D6801210838319BAE5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:44:41.0625 0x03c0  NvStreamKms - ok
12:44:41.0657 0x03c0  NvStreamSvc - ok
12:44:42.0062 0x03c0  [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:44:42.0062 0x03c0  nvsvc - ok
12:44:42.0140 0x03c0  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:44:42.0140 0x03c0  nvvad_WaveExtensible - ok
12:44:42.0234 0x03c0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:44:42.0234 0x03c0  nv_agp - ok
12:44:42.0234 0x03c0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:44:42.0234 0x03c0  ohci1394 - ok
12:44:42.0296 0x03c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:44:42.0312 0x03c0  p2pimsvc - ok
12:44:42.0405 0x03c0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:44:42.0421 0x03c0  p2psvc - ok
12:44:42.0483 0x03c0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
12:44:42.0483 0x03c0  Parport - ok
12:44:42.0561 0x03c0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:44:42.0561 0x03c0  partmgr - ok
12:44:42.0811 0x03c0  [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
12:44:43.0092 0x03c0  PassThru Service - ok
12:44:43.0170 0x03c0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:44:43.0185 0x03c0  PcaSvc - ok
12:44:43.0310 0x03c0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:44:43.0310 0x03c0  pci - ok
12:44:43.0357 0x03c0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:44:43.0357 0x03c0  pciide - ok
12:44:43.0466 0x03c0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:44:43.0466 0x03c0  pcmcia - ok
12:44:43.0513 0x03c0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:44:43.0529 0x03c0  pcw - ok
12:44:43.0685 0x03c0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:44:43.0716 0x03c0  PEAUTH - ok
12:44:44.0090 0x03c0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:44:44.0121 0x03c0  PeerDistSvc - ok
12:44:44.0558 0x03c0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:44:44.0558 0x03c0  PerfHost - ok
12:44:44.0855 0x03c0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:44:44.0901 0x03c0  pla - ok
12:44:45.0011 0x03c0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:44:45.0042 0x03c0  PlugPlay - ok
12:44:45.0073 0x03c0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:44:45.0104 0x03c0  PNRPAutoReg - ok
12:44:45.0182 0x03c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:44:45.0182 0x03c0  PNRPsvc - ok
12:44:45.0260 0x03c0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:44:45.0276 0x03c0  PolicyAgent - ok
12:44:45.0338 0x03c0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:44:45.0354 0x03c0  Power - ok
12:44:45.0432 0x03c0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:44:45.0432 0x03c0  PptpMiniport - ok
12:44:45.0479 0x03c0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:44:45.0494 0x03c0  Processor - ok
12:44:45.0572 0x03c0  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:44:45.0775 0x03c0  ProfSvc - ok
12:44:45.0806 0x03c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:44:45.0806 0x03c0  ProtectedStorage - ok
12:44:45.0931 0x03c0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:44:45.0931 0x03c0  Psched - ok
12:44:45.0978 0x03c0  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
12:44:45.0978 0x03c0  pwdrvio - ok
12:44:46.0009 0x03c0  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
12:44:46.0009 0x03c0  pwdspio - ok
12:44:46.0196 0x03c0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:44:46.0212 0x03c0  ql2300 - ok
12:44:46.0227 0x03c0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:44:46.0227 0x03c0  ql40xx - ok
12:44:46.0290 0x03c0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:44:46.0321 0x03c0  QWAVE - ok
12:44:46.0337 0x03c0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:44:46.0337 0x03c0  QWAVEdrv - ok
12:44:46.0383 0x03c0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:44:46.0383 0x03c0  RasAcd - ok
12:44:46.0461 0x03c0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:44:46.0461 0x03c0  RasAgileVpn - ok
12:44:46.0493 0x03c0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:44:46.0508 0x03c0  RasAuto - ok
12:44:46.0555 0x03c0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:44:46.0555 0x03c0  Rasl2tp - ok
12:44:46.0633 0x03c0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:44:46.0664 0x03c0  RasMan - ok
12:44:46.0680 0x03c0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:44:46.0680 0x03c0  RasPppoe - ok
12:44:46.0742 0x03c0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:44:46.0742 0x03c0  RasSstp - ok
12:44:46.0773 0x03c0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:44:46.0789 0x03c0  rdbss - ok
12:44:46.0805 0x03c0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:44:46.0805 0x03c0  rdpbus - ok
12:44:46.0914 0x03c0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:44:46.0914 0x03c0  RDPCDD - ok
12:44:46.0992 0x03c0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:44:46.0992 0x03c0  RDPDR - ok
12:44:47.0054 0x03c0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:44:47.0054 0x03c0  RDPENCDD - ok
12:44:47.0117 0x03c0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:44:47.0117 0x03c0  RDPREFMP - ok
12:44:47.0273 0x03c0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:44:47.0273 0x03c0  RdpVideoMiniport - ok
12:44:47.0335 0x03c0  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:44:47.0351 0x03c0  RDPWD - ok
12:44:47.0429 0x03c0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:44:47.0444 0x03c0  rdyboost - ok
12:44:47.0507 0x03c0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:44:47.0507 0x03c0  RemoteAccess - ok
12:44:47.0647 0x03c0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:44:47.0647 0x03c0  RemoteRegistry - ok
12:44:47.0850 0x03c0  [ 7F7EBF43F4789DDC044098D696149391, 4B493F15BA35383CD3139FC1FE3101062090EE2C2748019E483CF96639E26D7E ] RosettaStoneLtdController C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe
12:44:47.0928 0x03c0  RosettaStoneLtdController - ok
12:44:47.0959 0x03c0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:44:47.0975 0x03c0  RpcEptMapper - ok
12:44:48.0006 0x03c0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:44:48.0021 0x03c0  RpcLocator - ok
12:44:48.0068 0x03c0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:44:48.0084 0x03c0  RpcSs - ok
12:44:48.0146 0x03c0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:44:48.0146 0x03c0  rspndr - ok
12:44:48.0209 0x03c0  [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:44:48.0224 0x03c0  RTL8167 - ok
12:44:48.0411 0x03c0  [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
12:44:48.0427 0x03c0  RTL8192su - ok
12:44:48.0552 0x03c0  [ B674400273552406F11A02387222CD0F, 4937F1CE214193B990375B813FC12EFC4DBAE69F290CA44AAF9509C6B37DB44B ] rzjoystk        C:\Windows\system32\DRIVERS\rzjoystk.sys
12:44:48.0552 0x03c0  rzjoystk - ok
12:44:48.0645 0x03c0  [ 8AE50D19F97CFCDD46E0C7764CBA33FA, 95DF4F287FBF14863D18B4504D1F1A155CEE00787F4A916BE7DC1E51425BDEF0 ] rzjstk          C:\Windows\system32\DRIVERS\rzjstk.sys
12:44:48.0645 0x03c0  rzjstk - ok
12:44:48.0770 0x03c0  [ 569C8A4382058EB17C76AF1E48F7A379, 4F2A3779E430D53FA529808CA419452F108FEA1C32FD878B1AF0E04C9CD61657 ] rzkeypadendpt   C:\Windows\system32\DRIVERS\rzkeypadendpt.sys
12:44:48.0770 0x03c0  rzkeypadendpt - ok
12:44:49.0035 0x03c0  [ 95CBC73E98F4A5EF4366DBB4B4E5D436, 65FAC4B83FB8B5F75A04B0CB1D8AEF5BEFB2E628DCFF0B35A463533C3585FE42 ] RzSynapse       C:\Windows\system32\DRIVERS\RzSynapse.sys
12:44:49.0051 0x03c0  RzSynapse - ok
12:44:49.0176 0x03c0  [ D30A8C2D23A7AB6664028A9C72E1809E, 1F2486F02A332CA68BA82B69B0188861EA0BA470D0A8CA1C0A4A771D84BC3613 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
12:44:49.0191 0x03c0  rzudd - ok
12:44:49.0332 0x03c0  [ E5E981893D519D28ED3554BF618F8B92, 6CADF1BC93F57D6A93CFE326939A518A727D0C33A71CAD99630A7A579989C12C ] RzWizardService C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
12:44:49.0363 0x03c0  RzWizardService - ok
12:44:49.0394 0x03c0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:44:49.0394 0x03c0  s3cap - ok
12:44:49.0425 0x03c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
12:44:49.0425 0x03c0  SamSs - ok
12:44:49.0472 0x03c0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:44:49.0488 0x03c0  sbp2port - ok
12:44:49.0535 0x03c0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:44:49.0550 0x03c0  SCardSvr - ok
12:44:49.0644 0x03c0  [ 8356DD6C4F1744701B94FE85743A6A78, E803690C7C1FA01533BB0C06C8A9EB8FD2081877FC97EB7F45374D1E89BB96E0 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
12:44:49.0691 0x03c0  SCDEmu - ok
12:44:49.0706 0x03c0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:44:49.0706 0x03c0  scfilter - ok
12:44:49.0847 0x03c0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:44:49.0862 0x03c0  Schedule - ok
12:44:49.0940 0x03c0  [ 6011CDF54BB6F4C69F38FACCDAD73D7E, 4EE85F5E87A65E55EFCB5940A09993C54C5528ADA6194F3AED314F1AC2795A73 ] SCMNdisP        C:\Windows\system32\DRIVERS\scmndisp.sys
12:44:49.0940 0x03c0  SCMNdisP - ok
12:44:49.0987 0x03c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:44:49.0987 0x03c0  SCPolicySvc - ok
12:44:50.0065 0x03c0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:44:50.0065 0x03c0  SDRSVC - ok
12:44:50.0143 0x03c0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:44:50.0159 0x03c0  secdrv - ok
12:44:50.0174 0x03c0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:44:50.0190 0x03c0  seclogon - ok
12:44:50.0221 0x03c0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
12:44:50.0221 0x03c0  SENS - ok
12:44:50.0252 0x03c0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:44:50.0252 0x03c0  SensrSvc - ok
12:44:50.0330 0x03c0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:44:50.0330 0x03c0  Serenum - ok
12:44:50.0377 0x03c0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:44:50.0393 0x03c0  Serial - ok
12:44:50.0486 0x03c0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:44:50.0486 0x03c0  sermouse - ok
12:44:50.0533 0x03c0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:44:50.0549 0x03c0  SessionEnv - ok
12:44:50.0564 0x03c0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:44:50.0564 0x03c0  sffdisk - ok
12:44:50.0564 0x03c0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:44:50.0564 0x03c0  sffp_mmc - ok
12:44:50.0580 0x03c0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:44:50.0580 0x03c0  sffp_sd - ok
12:44:50.0611 0x03c0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:44:50.0611 0x03c0  sfloppy - ok
12:44:50.0705 0x03c0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:44:50.0720 0x03c0  SharedAccess - ok
12:44:50.0798 0x03c0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:44:50.0798 0x03c0  ShellHWDetection - ok
12:44:50.0876 0x03c0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:44:50.0892 0x03c0  SiSRaid2 - ok
12:44:50.0939 0x03c0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:44:50.0939 0x03c0  SiSRaid4 - ok
12:44:51.0297 0x03c0  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:44:51.0313 0x03c0  SkypeUpdate - ok
12:44:51.0422 0x03c0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:44:51.0422 0x03c0  Smb - ok
12:44:51.0531 0x03c0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:44:51.0547 0x03c0  SNMPTRAP - ok
12:44:51.0563 0x03c0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:44:51.0563 0x03c0  spldr - ok
12:44:51.0687 0x03c0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:44:51.0703 0x03c0  Spooler - ok
12:44:52.0187 0x03c0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:44:52.0233 0x03c0  sppsvc - ok
12:44:52.0249 0x03c0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:44:52.0265 0x03c0  sppuinotify - ok
12:44:52.0374 0x03c0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:44:52.0374 0x03c0  srv - ok
12:44:52.0452 0x03c0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:44:52.0467 0x03c0  srv2 - ok
12:44:52.0530 0x03c0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:44:52.0530 0x03c0  srvnet - ok
12:44:52.0592 0x03c0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:44:52.0592 0x03c0  SSDPSRV - ok
12:44:52.0639 0x03c0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:44:52.0639 0x03c0  SstpSvc - ok
12:44:52.0764 0x03c0  [ AAF6F247F1DC370C593B4430974EAD9C, 232D0D62EC83A5537ADB28B5DC01074BA812FE6C70C54F70CD7A5EF1BC19D3E1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
12:44:52.0764 0x03c0  ssudmdm - ok
12:44:53.0107 0x03c0  [ 8ABBE9996AFB085E080783C2FDEE6480, E8F865DBC0F7EA9CB07EB56F18E898EFEA04FC3DD230B34ED98EC3CACCEAEFC1 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:44:53.0669 0x03c0  Steam Client Service - ok
12:44:53.0856 0x03c0  [ 49D9C17FDDFAC66F27FA735E94923216, 18C8FE5B794927989CDD3BB7A5500C73CCC23559470EEB37D42FD9AD04098C0D ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:44:53.0871 0x03c0  Stereo Service - ok
12:44:53.0918 0x03c0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:44:53.0918 0x03c0  stexstor - ok
12:44:53.0996 0x03c0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:44:54.0012 0x03c0  stisvc - ok
12:44:54.0059 0x03c0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:44:54.0059 0x03c0  storflt - ok
12:44:54.0137 0x03c0  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
12:44:54.0152 0x03c0  StorSvc - ok
12:44:54.0199 0x03c0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:44:54.0199 0x03c0  storvsc - ok
12:44:54.0230 0x03c0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:44:54.0230 0x03c0  swenum - ok
12:44:54.0308 0x03c0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:44:54.0324 0x03c0  swprv - ok
12:44:54.0589 0x03c0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:44:54.0620 0x03c0  SysMain - ok
12:44:54.0683 0x03c0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:44:54.0683 0x03c0  TabletInputService - ok
12:44:54.0745 0x03c0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:44:54.0761 0x03c0  TapiSrv - ok
12:44:54.0792 0x03c0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:44:54.0807 0x03c0  TBS - ok
12:44:55.0088 0x03c0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:44:55.0119 0x03c0  Tcpip - ok
12:44:55.0260 0x03c0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:44:55.0291 0x03c0  TCPIP6 - ok
12:44:55.0353 0x03c0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:44:55.0353 0x03c0  tcpipreg - ok
12:44:55.0400 0x03c0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:44:55.0400 0x03c0  TDPIPE - ok
12:44:55.0416 0x03c0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:44:55.0431 0x03c0  TDTCP - ok
12:44:55.0447 0x03c0  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:44:55.0447 0x03c0  tdx - ok
12:44:55.0509 0x03c0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:44:55.0509 0x03c0  TermDD - ok
12:44:55.0619 0x03c0  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:44:55.0634 0x03c0  TermService - ok
12:44:55.0681 0x03c0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:44:55.0697 0x03c0  Themes - ok
12:44:55.0759 0x03c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:44:55.0759 0x03c0  THREADORDER - ok
12:44:55.0806 0x03c0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:44:55.0821 0x03c0  TrkWks - ok
12:44:55.0915 0x03c0  TrueSight - ok
12:44:56.0071 0x03c0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:44:56.0071 0x03c0  TrustedInstaller - ok
12:44:56.0149 0x03c0  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:44:56.0149 0x03c0  tssecsrv - ok
12:44:56.0243 0x03c0  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:44:56.0258 0x03c0  TsUsbFlt - ok
12:44:56.0274 0x03c0  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:44:56.0289 0x03c0  TsUsbGD - ok
12:44:56.0383 0x03c0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:44:56.0399 0x03c0  tunnel - ok
12:44:56.0414 0x03c0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:44:56.0430 0x03c0  uagp35 - ok
12:44:56.0477 0x03c0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:44:56.0477 0x03c0  udfs - ok
12:44:56.0570 0x03c0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:44:56.0570 0x03c0  UI0Detect - ok
12:44:56.0633 0x03c0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:44:56.0648 0x03c0  uliagpkx - ok
12:44:56.0742 0x03c0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:44:56.0773 0x03c0  umbus - ok
12:44:56.0851 0x03c0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:44:56.0867 0x03c0  UmPass - ok
12:44:57.0225 0x03c0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:44:57.0241 0x03c0  UmRdpService - ok
12:44:57.0725 0x03c0  [ CD114CE02A10FA79C229770788106842, A02E0FE0865CE7E14D27F23CE748F5EFBE3F14CA350B0F26623E174227F30643 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:44:57.0771 0x03c0  UNS - ok
12:44:57.0881 0x03c0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:44:57.0881 0x03c0  upnphost - ok
12:44:58.0161 0x03c0  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:44:58.0177 0x03c0  USBAAPL64 - ok
12:44:58.0271 0x03c0  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:44:58.0271 0x03c0  usbaudio - ok
12:44:58.0380 0x03c0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:44:58.0380 0x03c0  usbccgp - ok
12:44:58.0473 0x03c0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:44:58.0473 0x03c0  usbcir - ok
12:44:58.0583 0x03c0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:44:58.0583 0x03c0  usbehci - ok
12:44:58.0723 0x03c0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:44:58.0723 0x03c0  usbhub - ok
12:44:58.0739 0x03c0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:44:58.0754 0x03c0  usbohci - ok
12:44:58.0832 0x03c0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:44:58.0863 0x03c0  usbprint - ok
12:44:59.0004 0x03c0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:44:59.0004 0x03c0  usbscan - ok
12:44:59.0051 0x03c0  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:44:59.0066 0x03c0  USBSTOR - ok
12:44:59.0097 0x03c0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:44:59.0097 0x03c0  usbuhci - ok
12:44:59.0160 0x03c0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:44:59.0160 0x03c0  UxSms - ok
12:44:59.0175 0x03c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
12:44:59.0191 0x03c0  VaultSvc - ok
12:44:59.0238 0x03c0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:44:59.0238 0x03c0  vdrvroot - ok
12:44:59.0363 0x03c0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:44:59.0378 0x03c0  vds - ok
12:44:59.0441 0x03c0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:44:59.0441 0x03c0  vga - ok
12:44:59.0456 0x03c0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:44:59.0456 0x03c0  VgaSave - ok
12:44:59.0503 0x03c0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:44:59.0519 0x03c0  vhdmp - ok
12:44:59.0581 0x03c0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:44:59.0581 0x03c0  viaide - ok
12:44:59.0753 0x03c0  [ D7D9E7C0C64350259C355EFE37AD9CE6, 7A6E285279C8B0617B0FF8AA68119C54A396A9C36304B58B5C83B562346E53A9 ] VirtuWDDM       C:\Windows\system32\DRIVERS\VirtuWDDM.sys
12:44:59.0784 0x03c0  VirtuWDDM - ok
12:44:59.0846 0x03c0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:44:59.0862 0x03c0  vmbus - ok
12:44:59.0877 0x03c0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:44:59.0877 0x03c0  VMBusHID - ok
12:44:59.0909 0x03c0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:44:59.0924 0x03c0  volmgr - ok
12:44:59.0971 0x03c0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:44:59.0987 0x03c0  volmgrx - ok
12:45:00.0018 0x03c0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:45:00.0033 0x03c0  volsnap - ok
12:45:00.0143 0x03c0  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
12:45:00.0143 0x03c0  vpcbus - ok
12:45:00.0283 0x03c0  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
12:45:00.0299 0x03c0  vpcnfltr - ok
12:45:00.0408 0x03c0  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
12:45:00.0408 0x03c0  vpcusb - ok
12:45:00.0626 0x03c0  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
12:45:00.0642 0x03c0  vpcvmm - ok
12:45:00.0751 0x03c0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:45:00.0767 0x03c0  vsmraid - ok
12:45:00.0985 0x03c0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:45:01.0016 0x03c0  VSS - ok
12:45:01.0032 0x03c0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:45:01.0032 0x03c0  vwifibus - ok
12:45:01.0110 0x03c0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:45:01.0141 0x03c0  vwififlt - ok
12:45:01.0235 0x03c0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:45:01.0250 0x03c0  W32Time - ok
12:45:01.0266 0x03c0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:45:01.0266 0x03c0  WacomPen - ok
12:45:01.0391 0x03c0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:45:01.0391 0x03c0  WANARP - ok
12:45:01.0437 0x03c0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:45:01.0453 0x03c0  Wanarpv6 - ok
12:45:01.0781 0x03c0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:45:01.0812 0x03c0  WatAdminSvc - ok
12:45:02.0093 0x03c0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:45:02.0124 0x03c0  wbengine - ok
12:45:02.0171 0x03c0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:45:02.0171 0x03c0  WbioSrvc - ok
12:45:02.0233 0x03c0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:45:02.0249 0x03c0  wcncsvc - ok
12:45:02.0280 0x03c0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:45:02.0295 0x03c0  WcsPlugInService - ok
12:45:02.0358 0x03c0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:45:02.0373 0x03c0  Wd - ok
12:45:02.0498 0x03c0  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
12:45:02.0529 0x03c0  WDC_SAM - ok
12:45:02.0685 0x03c0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:45:02.0717 0x03c0  Wdf01000 - ok
12:45:02.0763 0x03c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:45:02.0779 0x03c0  WdiServiceHost - ok
12:45:02.0779 0x03c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:45:02.0795 0x03c0  WdiSystemHost - ok
12:45:02.0873 0x03c0  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:45:02.0888 0x03c0  WebClient - ok
12:45:02.0966 0x03c0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:45:02.0982 0x03c0  Wecsvc - ok
12:45:02.0997 0x03c0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:45:03.0013 0x03c0  wercplsupport - ok
12:45:03.0075 0x03c0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:45:03.0075 0x03c0  WerSvc - ok
12:45:03.0169 0x03c0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:45:03.0169 0x03c0  WfpLwf - ok
12:45:03.0231 0x03c0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:45:03.0231 0x03c0  WIMMount - ok
12:45:03.0294 0x03c0  WinDefend - ok
12:45:03.0325 0x03c0  WinHttpAutoProxySvc - ok
12:45:03.0450 0x03c0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:45:03.0465 0x03c0  Winmgmt - ok
12:45:03.0902 0x03c0  WinRing0_1_2_0 - ok
12:45:04.0261 0x03c0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:45:04.0292 0x03c0  WinRM - ok
12:45:04.0417 0x03c0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
12:45:04.0433 0x03c0  WinUSB - ok
12:45:04.0589 0x03c0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:45:04.0620 0x03c0  Wlansvc - ok
12:45:05.0041 0x03c0  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:45:05.0088 0x03c0  wlidsvc - ok
12:45:05.0213 0x03c0  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
12:45:05.0213 0x03c0  WmBEnum - ok
12:45:05.0400 0x03c0  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
12:45:05.0400 0x03c0  WmFilter - ok
12:45:05.0462 0x03c0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:45:05.0462 0x03c0  WmiAcpi - ok
12:45:05.0525 0x03c0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:45:05.0540 0x03c0  wmiApSrv - ok
12:45:05.0634 0x03c0  WMPNetworkSvc - ok
12:45:05.0868 0x03c0  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
12:45:05.0868 0x03c0  WmVirHid - ok
12:45:06.0055 0x03c0  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
12:45:06.0055 0x03c0  WmXlCore - ok
12:45:06.0274 0x03c0  [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
12:45:06.0289 0x03c0  WMZuneComm - ok
12:45:06.0336 0x03c0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:45:06.0336 0x03c0  WPCSvc - ok
12:45:06.0352 0x03c0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:45:06.0367 0x03c0  WPDBusEnum - ok
12:45:06.0414 0x03c0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:45:06.0414 0x03c0  ws2ifsl - ok
12:45:06.0570 0x03c0  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
12:45:06.0601 0x03c0  WsAudio_DeviceS(1) - ok
12:45:06.0648 0x03c0  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
12:45:06.0664 0x03c0  WsAudio_DeviceS(2) - ok
12:45:06.0742 0x03c0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
12:45:06.0757 0x03c0  wscsvc - ok
12:45:06.0757 0x03c0  WSearch - ok
12:45:06.0851 0x03c0  [ D0697918519A4CF059C2C7E3B9E93A53, 27B811A5483870FFEE70404E7DCAD16B76132E775773C582829A489D5EE883FA ] WSWNA3100       C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
12:45:06.0898 0x03c0  WSWNA3100 - ok
12:45:07.0319 0x03c0  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:45:07.0366 0x03c0  wuauserv - ok
12:45:07.0412 0x03c0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:45:07.0428 0x03c0  WudfPf - ok
12:45:07.0522 0x03c0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:45:07.0537 0x03c0  WUDFRd - ok
12:45:07.0600 0x03c0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:45:07.0615 0x03c0  wudfsvc - ok
12:45:07.0693 0x03c0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:45:07.0709 0x03c0  WwanSvc - ok
12:45:07.0849 0x03c0  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
12:45:07.0865 0x03c0  xusb21 - ok
12:45:09.0160 0x03c0  [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
12:45:09.0425 0x03c0  ZuneNetworkSvc - ok
12:45:09.0565 0x03c0  [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
12:45:09.0581 0x03c0  ZuneWlanCfgSvc - ok
12:45:09.0690 0x03c0  ================ Scan global ===============================
12:45:09.0752 0x03c0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:45:09.0815 0x03c0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:45:09.0846 0x03c0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:45:09.0908 0x03c0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:45:09.0986 0x03c0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:45:10.0002 0x03c0  [ Global ] - ok
12:45:10.0002 0x03c0  ================ Scan MBR ==================================
12:45:10.0002 0x03c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:45:10.0018 0x03c0  \Device\Harddisk0\DR0 - ok
12:45:10.0033 0x03c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:45:10.0954 0x03c0  \Device\Harddisk1\DR1 - ok
12:45:10.0954 0x03c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
12:45:10.0969 0x03c0  \Device\Harddisk2\DR2 - ok
12:45:10.0969 0x03c0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
12:45:10.0969 0x03c0  \Device\Harddisk3\DR3 - ok
12:45:10.0985 0x03c0  ================ Scan VBR ==================================
12:45:10.0985 0x03c0  [ F2FEF87B7D1E5A9F8307A510F848689F ] \Device\Harddisk0\DR0\Partition1
12:45:11.0016 0x03c0  \Device\Harddisk0\DR0\Partition1 - ok
12:45:11.0032 0x03c0  [ 0D6E7873C86E000DC11A2AC35684F59D ] \Device\Harddisk1\DR1\Partition1
12:45:11.0047 0x03c0  \Device\Harddisk1\DR1\Partition1 - ok
12:45:11.0047 0x03c0  [ 3F7B9C7259D8F33AF3C9FD1D506CEB11 ] \Device\Harddisk2\DR2\Partition1
12:45:11.0047 0x03c0  \Device\Harddisk2\DR2\Partition1 - ok
12:45:11.0047 0x03c0  [ 56A94F02C80039E90636552A3370E776 ] \Device\Harddisk3\DR3\Partition1
12:45:11.0047 0x03c0  \Device\Harddisk3\DR3\Partition1 - ok
12:45:11.0047 0x03c0  ================ Scan generic autorun ======================
12:45:11.0952 0x03c0  [ 023FAC742820932580B68DB91E0D7B6A, 9B2AF05CBA9BB153A2EE959BA9911A93E9C75CFDF8E040D8E3D86CB9BD505091 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:45:12.0280 0x03c0  RTHDVCPL - ok
12:45:12.0732 0x03c0  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe
12:45:12.0763 0x03c0  MSC - ok
12:45:12.0841 0x03c0  [ 74354790ECAE60C11631BD7856C0AFD0, 4932908C79842CFDB4882A767BCAECB97F663892C9715D4FA1F4AE902335DCB5 ] C:\Windows\KHALMNPR.EXE
12:45:12.0857 0x03c0  Kernel and Hardware Abstraction Layer - ok
12:45:12.0857 0x03c0  Nvtmru - ok
12:45:12.0919 0x03c0  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:45:12.0919 0x03c0  ShadowPlay - ok
12:45:13.0278 0x03c0  [ 5EA707336336DDFADE5FD3726CEA1523, 6136D88012140B3A43C7DC6CD0CBDB867BC6BA62D718269B73ED9F1B340F6768 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:45:13.0309 0x03c0  NvBackend - ok
12:45:13.0403 0x03c0  [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe
12:45:13.0403 0x03c0  IgfxTray - ok
12:45:13.0481 0x03c0  [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe
12:45:13.0512 0x03c0  HotKeysCmds - ok
12:45:13.0606 0x03c0  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe
12:45:13.0606 0x03c0  Persistence - ok
12:45:14.0557 0x03c0  [ C840E193B58F94CC671EBF66BB84CA75, 7994786935D6F5331639EA0C03B568D9F7F85234156DA3AAEEA562C12E6B75E8 ] C:\Program Files\Logitech Gaming Software\LCore.exe
12:45:14.0776 0x03c0  Launch LCore - ok
12:45:14.0916 0x03c0  [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
12:45:14.0932 0x03c0  Start WingMan Profiler - ok
12:45:15.0010 0x03c0  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
12:45:15.0010 0x03c0  amd_dc_opt - ok
12:45:15.0306 0x03c0  [ DA5FBAA5D62B4FD393947DE5EE8715BE, BA3FDF00AFCF2859585FB9D934E67D31CC7960C093A09F73F8F6AEFE86E9528E ] C:\Users\Tom Collins\AppData\Local\FluxSoftware\Flux\flux.exe
12:45:15.0322 0x03c0  F.lux - ok
12:45:15.0322 0x03c0  Waiting for KSN requests completion. In queue: 144
12:45:16.0336 0x03c0  Waiting for KSN requests completion. In queue: 144
12:45:17.0350 0x03c0  Waiting for KSN requests completion. In queue: 144
12:45:18.0364 0x03c0  Waiting for KSN requests completion. In queue: 144
12:45:19.0378 0x03c0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
12:45:19.0378 0x03c0  Win FW state via NFP2: enabled
12:45:22.0217 0x03c0  ============================================================
12:45:22.0217 0x03c0  Scan finished
12:45:22.0217 0x03c0  ============================================================
12:45:22.0217 0x1178  Detected object count: 0
12:45:22.0217 0x1178  Actual detected object count: 0
 
12:47 - MSE turned from green to yellow, alerted me that my PC status was potentially unprotected as I hadn't run a scan in a while.
 
As of right now, nothing additional has happened, but my computer has been making a clicking noise since it has been turned on.  Ever since MSE started detecting Alureon.J yesterday, my computer has been clicking whenever it is on.
 
EDit 12:55 - As I went to turn off my computer, MSE detected and quarantined Alureon.J once again.  Every time, the same error occurs.

Edited by GinAndRamune, 13 September 2014 - 12:56 PM.


#3 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:24 PM

Posted 14 September 2014 - 06:00 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
 Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#4 GinAndRamune

GinAndRamune
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 14 September 2014 - 03:18 PM

Thank you, Marius, for your support in this matter .  However, I figured out how to solve my problem on my own.  

It turns out whatever I was infected with made an extremely small partition on my main hard drive and was operating from there.  Even when using a command line, this partition couldn't be recognized.  However, I ended up formatting my hard drive and re-installing Windows; during installation, I saw that .1 GB of my 280 GB hard drive was unavailable for use, and the virus was present as soon as I started use of my computer.  I reformatted again after using DBAN, the Boot and Nuke utility, and after a three round pass, everything was fine.  My other two hard drives were not infected, so that's good at least, and my main hard drive was pretty much only used for my OS, so I didn't really lose much data.

Thank you for your help anyway!



#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:24 PM

Posted 15 September 2014 - 07:42 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users