
Multiple IE in Task Manager/Volume goes mute


17 replies to this topic

#1 woch2331


  • Members
  • 91 posts

Posted 15 October 2014 - 11:37 AM

Any help with this issue?

 

 

dds.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.17116
Run by Antiebabs at 11:30:12 on 2014-10-15
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3543.799 [GMT -5:00]
.
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\System32\dllhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
mStart Page = about:blank
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [picon] "c:\program files\common files\intel\privacy icon\PrivacyIconClient.exe" -startup
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{DAABFE73-7357-426A-A369-26735FD72D2A} : DHCPNameServer = 10.0.0.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= IESearchPlugin32.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.124\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2014-8-21 633344]
R1 bdfwfpf;bdfwfpf;c:\program files\bitdefender\antivirus free edition\bdfwfpf.sys [2014-8-21 108008]
R1 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2014-8-21 164952]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\bitdefender\antivirus free edition\gzserv.exe [2014-8-21 57520]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2013-8-2 375120]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 13624]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2013-8-2 47640]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2010-12-21 635416]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2010-12-21 2066968]
R3 e1kexpress;Intel® Network Connections Driver K;c:\windows\system32\drivers\e1k6232.sys [2013-10-1 369416]
S3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2014-8-21 486536]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [2014-8-21 30976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-8-5 14848]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-11-15 49152]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-7-21 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2014-10-15 11:30:11 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4c3273b4-79ce-4ced-9219-972a8d515bcd}\offreg.dll
2014-10-15 10:59:17 8806800 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4c3273b4-79ce-4ced-9219-972a8d515bcd}\mpengine.dll
2014-10-10 03:20:41 0 ----a-w- c:\windows\system32\kmusqdm.dll
2014-10-10 03:18:57 49152 ----a-w- c:\windows\system32\napzj.dll
2014-10-01 10:11:01 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 02:31:18 -------- d--h--w- c:\programdata\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}
2014-09-23 22:05:31 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-20 19:07:40 24832 ----a-w- c:\windows\system32\drivers\lgusbmodem.sys
2014-09-20 19:07:40 19968 ----a-w- c:\windows\system32\drivers\lgusbdiag.sys
2014-09-20 19:07:40 13056 ----a-w- c:\windows\system32\drivers\lgusbbus.sys
2014-09-20 19:07:40 -------- d-----w- c:\program files\LG Electronics
2014-09-20 19:07:24 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2014-09-20 19:07:24 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2014-09-20 19:07:24 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2014-09-20 19:07:24 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2014-09-20 19:07:24 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2014-09-18 20:39:54 -------- d-----w- c:\users\antiebabs\appdata\local\LogMeInIgnition
.
==================== Find3M  ====================
.
2014-10-15 16:01:51 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-10 01:44:58 230912 ----a-w- c:\windows\system32\generaltel.dll
2014-10-10 01:44:35 396288 ----a-w- c:\windows\system32\aepdu.dll
2014-10-10 01:39:38 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-09-29 00:41:36 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-09-23 20:57:03 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-23 20:57:03 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-20 03:57:57 1762816 ----a-w- c:\windows\system32\wininet.dll
2014-09-20 03:57:04 2861568 ----a-w- c:\windows\system32\jscript9.dll
2014-09-20 03:57:01 61440 ----a-w- c:\windows\system32\iesetup.dll
2014-09-20 03:57:01 109056 ----a-w- c:\windows\system32\iesysprep.dll
2014-09-20 03:56:33 1440768 ----a-w- c:\windows\system32\inetcpl.cpl
2014-09-20 03:33:44 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-09-20 02:35:33 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-09-18 01:32:52 2363904 ----a-w- c:\windows\system32\msi.dll
2014-09-15 14:06:04 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-09-13 01:40:05 67072 ----a-w- c:\windows\system32\packager.dll
2014-09-05 01:52:41 5703168 ----a-w- c:\windows\system32\mstscax.dll
2014-09-04 05:04:15 372736 ----a-w- c:\windows\system32\rastls.dll
2014-08-29 01:44:52 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2014-08-23 01:46:55 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-21 17:46:05 210374 ----a-w- c:\programdata\1408642808.bdinstall.bin
2014-08-21 17:39:05 30976 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2014-08-21 17:38:00 40242 ----a-w- c:\programdata\1408642668.2812.bin
2014-08-21 17:38:00 2061 ----a-w- c:\programdata\1408642668.2684.bin
2014-08-21 17:36:49 44102 ----a-w- c:\programdata\1408642588.bdinstall.bin
2014-08-19 02:41:38 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2014-08-19 02:41:22 50688 ----a-w- c:\windows\system32\appidapi.dll
2014-08-19 02:41:22 27648 ----a-w- c:\windows\system32\appidsvc.dll
2014-08-19 02:40:49 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2014-08-19 02:40:49 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2014-08-19 01:48:34 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2014-08-01 11:35:06 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-07-25 07:35:46 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-19 12:23:03 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2014-07-19 12:23:02 53064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2014-07-19 12:23:01 85832 ----a-w- c:\windows\system32\LMIinit.dll
2014-07-19 12:23:01 31560 ----a-w- c:\windows\system32\LMIport.dll
.
============= FINISH: 11:32:16.92 ===============
 


 


#2 nasdaq


  • Malware Response Team
  • 39,586 posts

Posted 20 October 2014 - 09:00 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file, select the "More Reply Option" and follow the instructions.

Wait for further instructions.

#3 woch2331

  • Topic Starter

  • Members
  • 91 posts

Posted 21 October 2014 - 09:32 PM

As requested:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-10-2014
Ran by Antiebabs (administrator) on ANTIEBABS-HP on 21-10-2014 21:24:53
Running from C:\Users\Antiebabs\Desktop\Mike - Scan Info
Loaded Profiles: Antiebabs & LogMeInRemoteUser (Available profiles: Antiebabs & LogMeInRemoteUser)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\ramaint.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe
(Google Inc.) C:\Users\Antiebabs\AppData\LocalLow\WhiskySoftware\vjqailxw\yeltptszlit\Equgojcdp.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7596576 2009-07-02] (Realtek Semiconductor)
HKLM\...\Run: [picon] => C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [796696 2009-07-24] (Intel Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2008-07-24] (LogMeIn, Inc.)
HKLM\...\Run: [TelevisionFanatic AppIntegrator 32-bit] => C:\PROGRA~1\TELEVI~2\bar\1.bin\AppIntegrator.exe
HKU\S-1-5-21-127378507-629014918-4234696336-1002\...\Run: [caoneey] => regsvr32.exe /s "C:\Users\Antiebabs\AppData\Local\PDFC\caoneey.dll" <===== ATTENTION
HKU\S-1-5-21-127378507-629014918-4234696336-1002\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize
HKU\S-1-5-21-127378507-629014918-4234696336-1002\...\MountPoints2: {6e90266b-4acd-11e2-aeae-806e6f6e6963} - E:\setup\autorun\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-07-24] (Microsoft Corporation)
AppInit_DLLs: IESearchPlugin32.dll => IESearchPlugin32.dll File Not Found
IFEO\ehshell.exe: [Debugger] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" -MceShellRedirect
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm307^S10970^us&si=CPjI28r4ucECFStgMgodTRoAng&ptb=27B0BF22-1F27-4CB8-8614-C053DFADB3DA&psa=&ind=2014101920&st=sb&n=780cc1a0&searchfor={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMDTDF
SearchScopes: HKCU - DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =
SearchScopes: HKCU - {77C538F4-8ACD-42F6-B228-63B217BA524E} URL = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20140102,20028,0,25,0
SearchScopes: HKCU - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm307^S10970^us&si=CPjI28r4ucECFStgMgodTRoAng&ptb=27B0BF22-1F27-4CB8-8614-C053DFADB3DA&psa=&ind=2014101920&st=sb&n=780cc1a0&searchfor={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Antiebabs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Antiebabs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-20]
CHR Extension: (Google Drive) - C:\Users\Antiebabs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Antiebabs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-15]
CHR Extension: (YouTube) - C:\Users\Antiebabs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-20]
CHR Extension: (Google Search) - C:\Users\Antiebabs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-20]
CHR Extension: (Google Wallet) - C:\Users\Antiebabs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-20]
CHR Extension: (Gmail) - C:\Users\Antiebabs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-20]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2066968 2009-07-24] (Intel Corporation)
S2 HP Health Check Service; "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 hpqwmiex; "C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [108008 2013-07-02] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-08-21] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-11] (LG Electronics Inc.)
S4 LMIRfsClientNP; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 21:24 - 2014-10-21 21:25 - 00000000 ____D () C:\FRST
2014-10-21 21:14 - 2014-10-19 19:10 - 01037896 _____ (Mindspark) C:\Program Files\64Uninstall TelevisionFanatic.dll
2014-10-21 21:14 - 2014-10-19 19:10 - 00196496 _____ (Mindspark) C:\Program Files\64res.dll
2014-10-21 21:10 - 2014-10-21 21:24 - 00000000 ____D () C:\Users\Antiebabs\Desktop\Mike - Scan Info
2014-10-20 17:15 - 2014-10-20 17:15 - 00049152 _____ () C:\Windows\system32\napzj.dll.135991.gzquar
2014-10-20 17:11 - 2014-10-21 21:17 - 00000374 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Antiebabs).job
2014-10-20 17:11 - 2014-10-21 21:13 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2014-10-20 17:11 - 2014-10-20 17:11 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2014-10-20 17:10 - 2014-10-20 17:10 - 00000000 ____D () C:\Users\Antiebabs\AppData\Local\Downloaded Installers
2014-10-19 19:10 - 2014-10-19 19:10 - 00000000 ____D () C:\Users\Antiebabs\AppData\Local\IAC
2014-10-18 14:16 - 2014-10-21 21:21 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfeb07fac18c25.job
2014-10-18 14:16 - 2014-10-21 21:17 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfeb07f7608435.job
2014-10-15 11:32 - 2014-10-15 11:33 - 00012206 _____ () C:\Users\Antiebabs\Documents\DDS.txt
2014-10-15 11:28 - 2014-10-15 11:28 - 00688992 _____ (Swearware) C:\Users\Antiebabs\Downloads\dds (1).com
2014-10-15 11:26 - 2014-10-15 11:26 - 00688992 ____R (Swearware) C:\Users\Antiebabs\Downloads\dds.com
2014-10-15 05:48 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 05:48 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 05:48 - 2014-08-18 21:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 05:48 - 2014-08-18 21:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 05:48 - 2014-08-18 21:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 05:48 - 2014-08-18 21:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 05:48 - 2014-08-18 21:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 05:48 - 2014-08-18 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 05:48 - 2014-07-06 20:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 05:48 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 05:48 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 05:48 - 2014-07-06 20:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 05:48 - 2014-07-06 20:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-15 05:48 - 2014-07-06 20:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 05:48 - 2014-07-06 20:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 05:48 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 05:48 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 05:48 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 05:48 - 2014-07-06 20:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 05:48 - 2014-06-27 19:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 05:48 - 2014-06-27 19:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 05:48 - 2014-06-27 19:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 05:48 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 05:48 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 05:48 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 05:47 - 2014-10-09 20:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 05:47 - 2014-10-09 20:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 05:47 - 2014-10-09 20:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 05:47 - 2014-09-28 19:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 05:47 - 2014-09-19 22:58 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 05:47 - 2014-09-19 22:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 05:47 - 2014-09-19 22:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 05:47 - 2014-09-19 22:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 05:47 - 2014-09-19 22:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 05:47 - 2014-09-19 22:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 05:47 - 2014-09-19 22:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 05:47 - 2014-09-19 21:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-15 05:47 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 05:47 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 05:47 - 2014-08-28 20:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 05:47 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 05:47 - 2014-07-16 20:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 05:47 - 2014-07-16 20:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 05:47 - 2014-07-16 20:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 05:47 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 05:47 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 05:47 - 2014-07-16 20:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 05:47 - 2014-07-16 20:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-11 13:14 - 2014-10-11 13:14 - 00000028 _____ () C:\Windows\system32\u
2014-10-09 22:20 - 2014-10-09 22:20 - 00000000 _____ () C:\Windows\system32\kmusqdm.dll
2014-10-01 05:11 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 21:31 - 2014-10-21 21:17 - 00000000 ___HD () C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}
2014-09-23 17:05 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 21:19 - 2010-12-21 23:37 - 01357190 _____ () C:\Windows\WindowsUpdate.log
2014-10-21 21:18 - 2014-01-28 00:10 - 00000855 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-10-21 21:18 - 2014-01-28 00:10 - 00000839 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-10-21 21:17 - 2014-01-20 18:42 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 21:17 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-21 21:17 - 2009-07-13 23:39 - 00053053 _____ () C:\Windows\setupact.log
2014-10-21 21:16 - 2012-12-20 12:48 - 00863592 _____ () C:\Windows\PFRO.log
2014-10-21 21:15 - 2013-08-02 22:49 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-10-21 21:15 - 2009-07-13 23:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 21:15 - 2009-07-13 23:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-20 17:11 - 2013-08-02 22:43 - 00000000 ____D () C:\Users\Antiebabs\AppData\Local\Slimware Utilities Inc
2014-10-20 08:19 - 2013-08-02 22:19 - 00000000 ____D () C:\Users\Antiebabs\AppData\Local\PDFC
2014-10-19 08:55 - 2009-07-13 23:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-17 10:21 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-10-15 22:15 - 2014-01-20 18:42 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-15 21:57 - 2013-08-03 09:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-15 14:31 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-15 11:01 - 2014-08-09 21:34 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 06:12 - 2009-07-13 23:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-15 06:09 - 2009-07-13 23:33 - 00403920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 06:06 - 2014-04-29 05:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 05:59 - 2013-08-05 05:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 05:53 - 2013-07-20 07:04 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 21:21 - 2013-08-02 22:54 - 00019509 _____ () C:\Users\Antiebabs\Documents\outlook express.txt
2014-10-08 05:49 - 2013-08-02 22:40 - 00000131 _____ () C:\Windows\CRC.INI
2014-10-08 05:46 - 2013-08-02 22:25 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-08 05:45 - 2013-08-02 22:25 - 00000000 ____D () C:\Program Files\SpywareBlaster
2014-10-08 05:30 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Branding
2014-10-02 15:53 - 2013-07-20 06:50 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-23 15:57 - 2013-08-03 09:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-23 15:57 - 2013-08-03 09:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Antiebabs\AppData\Local\Temp\MouseKeyboardCenterx86_1033.exe
C:\Users\Antiebabs\AppData\Local\Temp\MSNC0F0.exe
C:\Users\Antiebabs\AppData\Local\Temp\SlimCleanerPlus.x86.exe
C:\Users\Antiebabs\AppData\Local\Temp\vlc-2.0.7-win32.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-06 00:37

==================== End Of Log ============================




#4 nasdaq

nasdaq

  • Malware Response Team

Posted 22 October 2014 - 10:20 AM

--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

HKLM\...\Run: [TelevisionFanatic AppIntegrator 32-bit] => C:\PROGRA~1\TELEVI~2\bar\1.bin\AppIntegrator.exe
HKU\S-1-5-21-127378507-629014918-4234696336-1002\...\Run: [caoneey] => regsvr32.exe /s "C:\Users\Antiebabs\AppData\Local\PDFC\caoneey.dll" <===== ATTENTION
AppInit_DLLs: IESearchPlugin32.dll => IESearchPlugin32.dll File Not Found
IFEO\ehshell.exe: [Debugger] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" -MceShellRedirect
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm307^S10970^us&si=CPjI28r4ucECFStgMgodTRoAng&ptb=27B0BF22-1F27-4CB8-8614-C053DFADB3DA&psa=&ind=2014101920&st=sb&n=780cc1a0&searchfor={searchTerms}
SearchScopes: HKCU - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm307^S10970^us&si=CPjI28r4ucECFStgMgodTRoAng&ptb=27B0BF22-1F27-4CB8-8614-C053DFADB3DA&psa=&ind=2014101920&st=sb&n=780cc1a0&searchfor={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
S2 HP Health Check Service; "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 hpqwmiex; "C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe" [X]
S4 LMIRfsClientNP; No ImagePath
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

End
Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log, Fixlog.txt; please post it in your reply.
===

How is the computer running now?

#5 woch2331

woch2331
  • Topic Starter


Posted 22 October 2014 - 08:31 PM

Computer appears to be running better.

Not seeing multiple instances of IE in Task Manager.

After reboot, the speakers are still set to 'muted' mode.

As requested:

RogueKiller

*******************************************************************

RogueKiller V10.0.3.0 [Oct 22 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Antiebabs [Administrator]
Mode : Delete -- Date : 10/22/2014  20:00:21

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 13 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} -> Not selected
[PUP] HKEY_CLASSES_ROOT\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} -> Not selected
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} -> Not selected
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1  -> Not selected
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1  -> Not selected
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1  -> Not selected
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DAABFE73-7357-426A-A369-26735FD72D2A} | DhcpNameServer : 10.0.0.1  -> Not selected
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DAABFE73-7357-426A-A369-26735FD72D2A} | DhcpNameServer : 10.0.0.1  -> Not selected
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{DAABFE73-7357-426A-A369-26735FD72D2A} | DhcpNameServer : 10.0.0.1  -> Not selected
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Not selected
[PUM.StartMenu] HKEY_USERS\S-1-5-21-127378507-629014918-4234696336-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Not selected
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Not selected
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Not selected

¤¤¤ Tasks : 2 ¤¤¤
[Suspicious.Path] \\Registration -- "C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe" (Registration ShowMessageTask2D) -> Deleted
[Suspicious.Path] \\{B875304A-659B-417A-9A15-406D49B2C8F1} -- C:\Users\Antiebabs\Desktop\HP 932\930-enu-xpinfu.exe -> Deleted

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721025CLA382 +++++
--- User ---
[MBR] 5c4c89907e80df2e0ebe558760ad7e13
[BSP] f1e483ae528323c8b234198106633591 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 2047 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 4194304 | Size: 229257 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 473712640 | Size: 7160 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_10222014_195852.log

Fixlog.txt

*******************************************************************

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-10-2014
Ran by Antiebabs at 2014-10-22 20:03:23 Run:1
Running from C:\Users\Antiebabs\Desktop\Bleeping Computer
Loaded Profiles: Antiebabs & LogMeInRemoteUser (Available profiles: Antiebabs & LogMeInRemoteUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start

HKLM\...\Run: [TelevisionFanatic AppIntegrator 32-bit] => C:\PROGRA~1\TELEVI~2\bar\1.bin\AppIntegrator.exe
HKU\S-1-5-21-127378507-629014918-4234696336-1002\...\Run: [caoneey] => regsvr32.exe /s "C:\Users\Antiebabs\AppData\Local\PDFC\caoneey.dll" <===== ATTENTION
AppInit_DLLs: IESearchPlugin32.dll => IESearchPlugin32.dll File Not Found
IFEO\ehshell.exe: [Debugger] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" -MceShellRedirect
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm307^S10970^us&si=CPjI28r4ucECFStgMgodTRoAng&ptb=27B0BF22-1F27-4CB8-8614-C053DFADB3DA&psa=&ind=2014101920&st=sb&n=780cc1a0&searchfor={searchTerms}
SearchScopes: HKCU - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm307^S10970^us&si=CPjI28r4ucECFStgMgodTRoAng&ptb=27B0BF22-1F27-4CB8-8614-C053DFADB3DA&psa=&ind=2014101920&st=sb&n=780cc1a0&searchfor={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
S2 HP Health Check Service; "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S3 hpqwmiex; "C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe" [X]
S4 LMIRfsClientNP; No ImagePath
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TelevisionFanatic AppIntegrator 32-bit => Value not found.
HKU\S-1-5-21-127378507-629014918-4234696336-1002\Software\Microsoft\Windows\CurrentVersion\Run\\caoneey => Value not found.
"IESearchPlugin32.dll" => Value Data removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ehshell.exe" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}" => Key deleted successfully.
"HKCR\CLSID\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}" => Key deleted successfully.
"HKCR\CLSID\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key deleted successfully.
"HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
HP Health Check Service => Service deleted successfully.
hpqwmiex => Service deleted successfully.
LMIRfsClientNP => Service deleted successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.

==== End of Fixlog ====



#6 woch2331


Posted 23 October 2014 - 05:11 AM

Update:

1. Speakers still muted after reboot

2. Home page reverts back to: about:blank after reboot



#7 nasdaq


Posted 23 October 2014 - 10:03 AM

Speakers still muted after reboot

Open your Control panel and select the Sound option.

Change some of the settings and hit the Apply button.
Any luck in getting the sound back?
===

Home page reverts back to: about:blank after reboot

Look at the setting in the Default browser.

If you are unable to change it let me know which browser you normally use.

#8 woch2331


Posted 23 October 2014 - 01:54 PM

Sorry, I should have given more details.

1) Currently using IE v10. I change the Home Page through the Internet Options > General tab. I set it to www.google.com, but then it was changing back to the about: blank option. With the last several reboot attempts, the home page is not changing at this time.

2) The speakers are muted in the System Tray. I click on the icon and uncheck the mute option. Speakers then function properly. After reboot, the speakers are again muted. This action has not varied.


Edited by woch2331, 23 October 2014 - 01:54 PM.


#9 nasdaq


Posted 24 October 2014 - 07:25 AM

The speakers are muted in the System Tray. I click on the icon and uncheck the mute option. Speakers then function properly. After reboot, the speakers are again muted. This action has not varied.


Try this.
Open your Control Panel > Sound
Select the Sound Tab.

Add one item to the sound list

Click the Apply button.

Restart the computer normally.

How is it now?

#10 woch2331


Posted 24 October 2014 - 08:06 AM

Not sure what you mean by 'sound list'.

There is a drop-down list for Sound Schemes and also a listing for Program Event with corresponding sounds.

I unchecked the 'Play Windows Startup sound', clicked Apply, then OK.

I unmuted the speakers from the System Tray, then rebooted.

After reboot the speakers are again muted.



#11 nasdaq


Posted 24 October 2014 - 08:23 AM

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Wait for further instructions.

#12 woch2331


Posted 24 October 2014 - 09:03 AM

Rebooted after scans were completed

Speaker icon still is muted after reboot.

Downloaded Kaspersky TDSS Killer

Scan Completed

No threats found

No reboot required

Log file:

08:35:40.0859 0x0e4c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
08:35:46.0754 0x0e4c  ============================================================
08:35:46.0754 0x0e4c  Current date / time: 2014/10/24 08:35:46.0754
08:35:46.0754 0x0e4c  SystemInfo:
08:35:46.0754 0x0e4c 
08:35:46.0754 0x0e4c  OS Version: 6.1.7601 ServicePack: 1.0
08:35:46.0754 0x0e4c  Product type: Workstation
08:35:46.0754 0x0e4c  ComputerName: ANTIEBABS-HP
08:35:46.0754 0x0e4c  UserName: Antiebabs
08:35:46.0754 0x0e4c  Windows directory: C:\Windows
08:35:46.0754 0x0e4c  System windows directory: C:\Windows
08:35:46.0755 0x0e4c  Processor architecture: Intel x86
08:35:46.0755 0x0e4c  Number of processors: 2
08:35:46.0755 0x0e4c  Page size: 0x1000
08:35:46.0755 0x0e4c  Boot type: Normal boot
08:35:46.0755 0x0e4c  ============================================================
08:35:47.0008 0x0e4c  KLMD registered as C:\Windows\system32\drivers\13580321.sys
08:35:47.0391 0x0e4c  System UUID: {DD2658A5-DA28-F0E7-83E7-363CB343D0F4}
08:35:47.0751 0x0e4c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:35:47.0752 0x0e4c  ============================================================
08:35:47.0752 0x0e4c  \Device\Harddisk0\DR0:
08:35:47.0753 0x0e4c  MBR partitions:
08:35:47.0753 0x0e4c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3FF800
08:35:47.0753 0x0e4c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x400000, BlocksNum 0x1BFC4800
08:35:47.0753 0x0e4c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1C3C4800, BlocksNum 0xDFC000
08:35:47.0753 0x0e4c  ============================================================
08:35:47.0769 0x0e4c  C: <-> \Device\Harddisk0\DR0\Partition2
08:35:47.0823 0x0e4c  D: <-> \Device\Harddisk0\DR0\Partition3
08:35:47.0823 0x0e4c  ============================================================
08:35:47.0823 0x0e4c  Initialize success
08:35:47.0823 0x0e4c  ============================================================
08:35:50.0512 0x0da0  ============================================================
08:35:50.0513 0x0da0  Scan started
08:35:50.0513 0x0da0  Mode: Manual;
08:35:50.0513 0x0da0  ============================================================
08:35:50.0513 0x0da0  KSN ping started
08:35:53.0260 0x0da0  KSN ping finished: true
08:35:53.0974 0x0da0  ================ Scan system memory ========================
08:35:53.0974 0x0da0  System memory - ok
08:35:53.0975 0x0da0  ================ Scan services =============================
08:35:55.0205 0x0da0  AsyncMac - ok
08:35:55.0260 0x0da0  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
08:35:55.0261 0x0da0  atapi - ok
08:35:55.0311 0x0da0  [ 9A34927D722AD16841263636A4BF069B, 4A92A84E3E4A8BA9551CFB765D0E6FE50E7CBD5695568FB3A37E1556770A369F ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:35:55.0322 0x0da0  AudioEndpointBuilder - ok
08:35:55.0338 0x0da0  [ 9A34927D722AD16841263636A4BF069B, 4A92A84E3E4A8BA9551CFB765D0E6FE50E7CBD5695568FB3A37E1556770A369F ] Audiosrv        C:\Windows\System32\Audiosrv.dll
08:35:55.0346 0x0da0  Audiosrv - ok
08:35:55.0402 0x0da0  [ B5B8FC2C4D520F1F1EED52A980ED5091, 31C853FAC89A145AC999DC779C3865E6DE666229085F3E963C50BD78A980B2D5 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
08:35:55.0412 0x0da0  avc3 - ok
08:35:55.0436 0x0da0  [ 818E7E029DB594DCB8D6218A7D6FA575, A78A9C9F689C228BF49EB806CDB4EBB88F0FE6E62DF21108ED33F901C5E2A267 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
08:35:55.0443 0x0da0  avckf - ok
08:35:55.0477 0x0da0  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:35:55.0478 0x0da0  AxInstSV - ok
08:35:55.0515 0x0da0  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
08:35:55.0523 0x0da0  b06bdrv - ok
08:35:55.0556 0x0da0  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
08:35:55.0560 0x0da0  b57nd60x - ok
08:35:55.0601 0x0da0  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
08:35:55.0603 0x0da0  BDESVC - ok
08:35:55.0639 0x0da0  [ BC0795019263D9421003008C5211350C, E2B18089784CB1EB6F587137704C960A789C47E8686AA50F9246EA6F10F0A732 ] bdfwfpf         C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys
08:35:55.0641 0x0da0  bdfwfpf - ok
08:35:55.0680 0x0da0  [ 66668490AC6165FDA83089BF71511BF4, ADD6BE1B7ABC91F2B29E996BDA30A2A906E76C50D9D47B5F73A779DF593C78B6 ] bdselfpr        C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys
08:35:55.0682 0x0da0  bdselfpr - ok
08:35:55.0714 0x0da0  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:35:55.0715 0x0da0  Beep - ok
08:35:55.0761 0x0da0  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
08:35:55.0770 0x0da0  BFE - ok
08:35:55.0814 0x0da0  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
08:35:55.0826 0x0da0  BITS - ok
08:35:55.0840 0x0da0  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:35:55.0841 0x0da0  blbdrive - ok
08:35:55.0892 0x0da0  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:35:55.0897 0x0da0  Bonjour Service - ok
08:35:55.0930 0x0da0  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:35:55.0931 0x0da0  bowser - ok
08:35:55.0945 0x0da0  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:35:55.0946 0x0da0  BrFiltLo - ok
08:35:55.0955 0x0da0  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:35:55.0955 0x0da0  BrFiltUp - ok
08:35:55.0985 0x0da0  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
08:35:55.0987 0x0da0  Browser - ok
08:35:56.0016 0x0da0  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:35:56.0022 0x0da0  Brserid - ok
08:35:56.0035 0x0da0  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:35:56.0037 0x0da0  BrSerWdm - ok
08:35:56.0045 0x0da0  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:35:56.0046 0x0da0  BrUsbMdm - ok
08:35:56.0056 0x0da0  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:35:56.0057 0x0da0  BrUsbSer - ok
08:35:56.0069 0x0da0  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:35:56.0071 0x0da0  BTHMODEM - ok
08:35:56.0098 0x0da0  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
08:35:56.0100 0x0da0  bthserv - ok
08:35:56.0116 0x0da0  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:35:56.0118 0x0da0  cdfs - ok
08:35:56.0163 0x0da0  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
08:35:56.0166 0x0da0  cdrom - ok
08:35:56.0202 0x0da0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
08:35:56.0204 0x0da0  CertPropSvc - ok
08:35:56.0232 0x0da0  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:35:56.0234 0x0da0  circlass - ok
08:35:56.0264 0x0da0  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
08:35:56.0271 0x0da0  CLFS - ok
08:35:56.0334 0x0da0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:35:56.0336 0x0da0  clr_optimization_v2.0.50727_32 - ok
08:35:56.0360 0x0da0  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:35:56.0363 0x0da0  clr_optimization_v4.0.30319_32 - ok
08:35:56.0373 0x0da0  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:35:56.0374 0x0da0  CmBatt - ok
08:35:56.0416 0x0da0  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:35:56.0417 0x0da0  cmdide - ok
08:35:56.0448 0x0da0  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
08:35:56.0455 0x0da0  CNG - ok
08:35:56.0476 0x0da0  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:35:56.0477 0x0da0  Compbatt - ok
08:35:56.0519 0x0da0  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
08:35:56.0520 0x0da0  CompositeBus - ok
08:35:56.0535 0x0da0  COMSysApp - ok
08:35:56.0560 0x0da0  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:35:56.0561 0x0da0  crcdisk - ok
08:35:56.0627 0x0da0  [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:35:56.0631 0x0da0  CryptSvc - ok
08:35:56.0674 0x0da0  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
08:35:56.0686 0x0da0  CSC - ok
08:35:56.0733 0x0da0  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
08:35:56.0747 0x0da0  CscService - ok
08:35:56.0813 0x0da0  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:35:56.0820 0x0da0  DcomLaunch - ok
08:35:56.0850 0x0da0  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
08:35:56.0854 0x0da0  defragsvc - ok
08:35:56.0889 0x0da0  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:35:56.0890 0x0da0  DfsC - ok
08:35:56.0938 0x0da0  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:35:56.0942 0x0da0  Dhcp - ok
08:35:56.0969 0x0da0  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
08:35:56.0970 0x0da0  discache - ok
08:35:56.0994 0x0da0  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
08:35:56.0995 0x0da0  Disk - ok
08:35:57.0015 0x0da0  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:35:57.0018 0x0da0  Dnscache - ok
08:35:57.0054 0x0da0  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:35:57.0057 0x0da0  dot3svc - ok
08:35:57.0100 0x0da0  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
08:35:57.0103 0x0da0  DPS - ok
08:35:57.0141 0x0da0  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:35:57.0141 0x0da0  drmkaud - ok
08:35:57.0197 0x0da0  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:35:57.0209 0x0da0  DXGKrnl - ok
08:35:57.0246 0x0da0  [ E7DD83584042EE5F9B0CF0C8C6B064D5, 42071768937F00FAEEF338EB6BC4C1BC0E762076EA1109FB0CFA54BF4C2D12F6 ] e1kexpress      C:\Windows\system32\DRIVERS\e1k6232.sys
08:35:57.0252 0x0da0  e1kexpress - ok
08:35:57.0286 0x0da0  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
08:35:57.0288 0x0da0  EapHost - ok
08:35:57.0402 0x0da0  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
08:35:57.0461 0x0da0  ebdrv - ok
08:35:57.0495 0x0da0  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS             C:\Windows\System32\lsass.exe
08:35:57.0497 0x0da0  EFS - ok
08:35:57.0571 0x0da0  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:35:57.0585 0x0da0  ehRecvr - ok
08:35:57.0613 0x0da0  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
08:35:57.0615 0x0da0  ehSched - ok
08:35:57.0663 0x0da0  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
08:35:57.0674 0x0da0  elxstor - ok
08:35:57.0705 0x0da0  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
08:35:57.0705 0x0da0  ErrDev - ok
08:35:57.0743 0x0da0  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
08:35:57.0749 0x0da0  EventSystem - ok
08:35:57.0768 0x0da0  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
08:35:57.0771 0x0da0  exfat - ok
08:35:57.0790 0x0da0  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:35:57.0794 0x0da0  fastfat - ok
08:35:57.0849 0x0da0  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
08:35:57.0859 0x0da0  Fax - ok
08:35:57.0880 0x0da0  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:35:57.0881 0x0da0  fdc - ok
08:35:57.0900 0x0da0  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
08:35:57.0901 0x0da0  fdPHost - ok
08:35:57.0913 0x0da0  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:35:57.0915 0x0da0  FDResPub - ok
08:35:57.0923 0x0da0  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:35:57.0925 0x0da0  FileInfo - ok
08:35:57.0950 0x0da0  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:35:57.0951 0x0da0  Filetrace - ok
08:35:57.0964 0x0da0  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:35:57.0965 0x0da0  flpydisk - ok
08:35:57.0986 0x0da0  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:35:57.0991 0x0da0  FltMgr - ok
08:35:58.0043 0x0da0  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
08:35:58.0061 0x0da0  FontCache - ok
08:35:58.0101 0x0da0  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:35:58.0103 0x0da0  FontCache3.0.0.0 - ok
08:35:58.0126 0x0da0  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:35:58.0127 0x0da0  FsDepends - ok
08:35:58.0146 0x0da0  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:35:58.0147 0x0da0  Fs_Rec - ok
08:35:58.0175 0x0da0  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:35:58.0179 0x0da0  fvevol - ok
08:35:58.0205 0x0da0  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
08:35:58.0207 0x0da0  gagp30kx - ok
08:35:58.0255 0x0da0  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:35:58.0256 0x0da0  GEARAspiWDM - ok
08:35:58.0309 0x0da0  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
08:35:58.0321 0x0da0  gpsvc - ok
08:35:58.0420 0x0da0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
08:35:58.0423 0x0da0  gupdate - ok
08:35:58.0438 0x0da0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
08:35:58.0441 0x0da0  gupdatem - ok
08:35:58.0469 0x0da0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
08:35:58.0473 0x0da0  gusvc - ok
08:35:58.0510 0x0da0  [ 46524E4F27A44A86F28772D80BC3CE02, DEDAB3CE5CE0417962D49C58F0557339EF83365372E28A485F3999411C3519AF ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
08:35:58.0514 0x0da0  gzflt - ok
08:35:58.0528 0x0da0  [ 771676DB364B444C6333B5F30C7A1755, F77B6DD7A9DA6E06B6EFC0639E63EA6365B89C0D0904D28A5829D2F5D1A0ADEA ] gzserv          C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
08:35:58.0529 0x0da0  gzserv - ok
08:35:58.0551 0x0da0  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:35:58.0552 0x0da0  hcw85cir - ok
08:35:58.0605 0x0da0  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:35:58.0612 0x0da0  HdAudAddService - ok
08:35:58.0633 0x0da0  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
08:35:58.0636 0x0da0  HDAudBus - ok
08:35:58.0667 0x0da0  [ 88A67C34E37186665E916FD347B50D19, 23C4F11E421DE7D8330418118524D345A905300816E3D7D486DB18C670226EE1 ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
08:35:58.0668 0x0da0  HECI - ok
08:35:58.0701 0x0da0  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
08:35:58.0702 0x0da0  HidBatt - ok
08:35:58.0722 0x0da0  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
08:35:58.0724 0x0da0  HidBth - ok
08:35:58.0770 0x0da0  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:35:58.0772 0x0da0  HidIr - ok
08:35:58.0800 0x0da0  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
08:35:58.0803 0x0da0  hidserv - ok
08:35:58.0849 0x0da0  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
08:35:58.0853 0x0da0  HidUsb - ok
08:35:58.0897 0x0da0  [ CE77439BAF613019D6B7658292D1E4A6, EF0BCD841FB884F409102DED41EEB4B9E093B3B2FF9C2D932CE581767D892007 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
08:35:58.0898 0x0da0  hitmanpro37 - ok
08:35:58.0930 0x0da0  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:35:58.0933 0x0da0  hkmsvc - ok
08:35:58.0988 0x0da0  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:35:58.0993 0x0da0  HomeGroupListener - ok
08:35:59.0030 0x0da0  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:35:59.0037 0x0da0  HomeGroupProvider - ok
08:35:59.0074 0x0da0  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:35:59.0076 0x0da0  HpSAMD - ok
08:35:59.0131 0x0da0  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:35:59.0143 0x0da0  HTTP - ok
08:35:59.0175 0x0da0  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:35:59.0175 0x0da0  hwpolicy - ok
08:35:59.0217 0x0da0  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
08:35:59.0219 0x0da0  i8042prt - ok
08:35:59.0261 0x0da0  [ 26541A068572F650A2FA490726FE81BE, 9D6EF745731D45C4482274BE9C56300BBE8843D6C182F0E5C621AB121DBE371E ] iaStor          C:\Windows\system32\drivers\iastor.sys
08:35:59.0268 0x0da0  iaStor - ok
08:35:59.0293 0x0da0  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:35:59.0298 0x0da0  iaStorV - ok
08:35:59.0361 0x0da0  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:35:59.0378 0x0da0  idsvc - ok
08:35:59.0619 0x0da0  [ DCE0B53570703CCE580D066F89EF58CD, C5C2C4F51F2DB2BB6E7F1218472AEAAD996514AB99EA84946A473CB7A64D9E15 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
08:35:59.0840 0x0da0  igfx - ok
08:35:59.0896 0x0da0  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
08:35:59.0897 0x0da0  iirsp - ok
08:35:59.0939 0x0da0  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
08:35:59.0952 0x0da0  IKEEXT - ok
08:36:00.0039 0x0da0  [ D0A6C0CEB3B74A91884F804FF4F031C0, 86F1839A466A745FBB0607949C5715E441F4296F610A8E44DB6AD2F104F3A38C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
08:36:00.0078 0x0da0  IntcAzAudAddService - ok
08:36:00.0118 0x0da0  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
08:36:00.0119 0x0da0  intelide - ok
08:36:00.0150 0x0da0  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:36:00.0151 0x0da0  intelppm - ok
08:36:00.0173 0x0da0  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:36:00.0175 0x0da0  IPBusEnum - ok
08:36:00.0188 0x0da0  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:36:00.0189 0x0da0  IpFilterDriver - ok
08:36:00.0237 0x0da0  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:36:00.0246 0x0da0  iphlpsvc - ok
08:36:00.0284 0x0da0  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:36:00.0286 0x0da0  IPMIDRV - ok
08:36:00.0314 0x0da0  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:36:00.0317 0x0da0  IPNAT - ok
08:36:00.0374 0x0da0  [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
08:36:00.0386 0x0da0  iPod Service - ok
08:36:00.0413 0x0da0  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:36:00.0414 0x0da0  IRENUM - ok
08:36:00.0426 0x0da0  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:36:00.0427 0x0da0  isapnp - ok
08:36:00.0463 0x0da0  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:36:00.0467 0x0da0  iScsiPrt - ok
08:36:00.0496 0x0da0  [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
08:36:00.0498 0x0da0  IviRegMgr - ok
08:36:00.0522 0x0da0  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
08:36:00.0523 0x0da0  kbdclass - ok
08:36:00.0555 0x0da0  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
08:36:00.0556 0x0da0  kbdhid - ok
08:36:00.0563 0x0da0  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
08:36:00.0565 0x0da0  KeyIso - ok
08:36:00.0597 0x0da0  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:36:00.0598 0x0da0  KSecDD - ok
08:36:00.0611 0x0da0  [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:36:00.0615 0x0da0  KSecPkg - ok
08:36:00.0638 0x0da0  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:36:00.0644 0x0da0  KtmRm - ok
08:36:00.0700 0x0da0  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:36:00.0705 0x0da0  LanmanServer - ok
08:36:00.0785 0x0da0  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:36:00.0790 0x0da0  LanmanWorkstation - ok
08:36:06.0258 0x0da0  swprv - ok
08:36:06.0319 0x0da0  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
08:36:06.0343 0x0da0  SysMain - ok
08:36:06.0374 0x0da0  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
08:36:06.0377 0x0da0  TabletInputService - ok
08:36:06.0415 0x0da0  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:36:06.0421 0x0da0  TapiSrv - ok
08:36:06.0449 0x0da0  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
08:36:06.0452 0x0da0  TBS - ok
08:36:06.0509 0x0da0  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:36:06.0534 0x0da0  Tcpip - ok
08:36:06.0564 0x0da0  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:36:06.0583 0x0da0  TCPIP6 - ok
08:36:06.0620 0x0da0  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:36:06.0621 0x0da0  tcpipreg - ok
08:36:06.0646 0x0da0  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:36:06.0647 0x0da0  TDPIPE - ok
08:36:06.0650 0x0da0  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:36:06.0651 0x0da0  TDTCP - ok
08:36:06.0693 0x0da0  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:36:06.0717 0x0da0  tdx - ok
08:36:06.0775 0x0da0  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:36:06.0777 0x0da0  TermDD - ok
08:36:06.0854 0x0da0  [ E05E31F7BF577228E27CFFCA5B54ABBD, BF053DE7FA6DF33E15D0DD421F34962D92575ED163E4A605FE6B8DA9CEA5CF55 ] TermService     C:\Windows\System32\termsrv.dll
08:36:06.0866 0x0da0  TermService - ok
08:36:06.0898 0x0da0  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
08:36:06.0900 0x0da0  Themes - ok
08:36:06.0910 0x0da0  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
08:36:06.0912 0x0da0  THREADORDER - ok
08:36:06.0949 0x0da0  [ 5AD05191DC8B444A7BA4D79B76C42A30, 6166E939A5A240388EBA5AF7FF335DC413F2BBCF74C2E1D310F4BE2A5454A610 ] TPM             C:\Windows\system32\drivers\tpm.sys
08:36:06.0950 0x0da0  TPM - ok
08:36:06.0975 0x0da0  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
08:36:06.0979 0x0da0  TrkWks - ok
08:36:07.0021 0x0da0  [ 88E0F99FDB8DDCB6E6A15380E164FEA2, 794C084B60DAC803E35BE933143A77EF2888D53B9EBEDAE4825C40A05A04F7E4 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
08:36:07.0027 0x0da0  trufos - ok
08:36:07.0087 0x0da0  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:36:07.0092 0x0da0  TrustedInstaller - ok
08:36:07.0130 0x0da0  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:36:07.0131 0x0da0  tssecsrv - ok
08:36:07.0163 0x0da0  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:36:07.0165 0x0da0  TsUsbFlt - ok
08:36:07.0224 0x0da0  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:36:07.0227 0x0da0  tunnel - ok
08:36:07.0254 0x0da0  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:36:07.0256 0x0da0  uagp35 - ok
08:36:07.0302 0x0da0  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:36:07.0307 0x0da0  udfs - ok
08:36:07.0332 0x0da0  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:36:07.0337 0x0da0  UI0Detect - ok
08:36:07.0359 0x0da0  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:36:07.0361 0x0da0  uliagpkx - ok
08:36:07.0399 0x0da0  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
08:36:07.0401 0x0da0  umbus - ok
08:36:07.0435 0x0da0  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:36:07.0436 0x0da0  UmPass - ok
08:36:07.0477 0x0da0  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
08:36:07.0484 0x0da0  UmRdpService - ok
08:36:07.0573 0x0da0  [ D47E82866A6FF02DAE9CEDF127C4BEE0, 15F2F637470859672FE93EAE03062C966FFE72F38FADB586B9C0DBC0C635A797 ] UNS             C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
08:36:07.0603 0x0da0  UNS - ok
08:36:07.0634 0x0da0  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
08:36:07.0642 0x0da0  upnphost - ok
08:36:07.0679 0x0da0  [ 9419FAAC6552A51542DBBA02971C841C, 979CBE1DF641B74023030B180F31C2E48B5DFAE776679FACE2A2C0BC5B3F2DC5 ] usbbus          C:\Windows\system32\DRIVERS\lgusbbus.sys
08:36:07.0680 0x0da0  usbbus - ok
08:36:07.0730 0x0da0  [ 8455C4ED038EFD09E99327F9D2D48FFA, D166F98EA3D85F7DD6B5258949C186714A17EF89B6FDC9804165F7B4FA811C30 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:36:07.0731 0x0da0  usbccgp - ok
08:36:07.0775 0x0da0  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:36:07.0776 0x0da0  usbcir - ok
08:36:07.0815 0x0da0  [ C0A466FA4FFEC464320E159BC1BBDC0C, AD54E992D75B3EC744224682DBFC4C26013AE91042A137A902A7EF2D443BC7FC ] UsbDiag         C:\Windows\system32\DRIVERS\lgusbdiag.sys
08:36:07.0816 0x0da0  UsbDiag - ok
08:36:07.0847 0x0da0  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
08:36:07.0848 0x0da0  usbehci - ok
08:36:07.0876 0x0da0  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:36:07.0880 0x0da0  usbhub - ok
08:36:07.0929 0x0da0  [ F74A54774A9B0AFEB3C40ADEC68AA600, 708A3658CDD0CB5EA7339AB498F876F5545F25F61EE184B79D03CC0F76B720D9 ] USBModem        C:\Windows\system32\DRIVERS\lgusbmodem.sys
08:36:07.0929 0x0da0  USBModem - ok
08:36:07.0967 0x0da0  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
08:36:07.0968 0x0da0  usbohci - ok
08:36:07.0995 0x0da0  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:36:07.0997 0x0da0  usbprint - ok
08:36:08.0007 0x0da0  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:36:08.0009 0x0da0  USBSTOR - ok
08:36:08.0037 0x0da0  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
08:36:08.0038 0x0da0  usbuhci - ok
08:36:08.0059 0x0da0  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
08:36:08.0063 0x0da0  UxSms - ok
08:36:08.0070 0x0da0  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc        C:\Windows\system32\lsass.exe
08:36:08.0072 0x0da0  VaultSvc - ok
08:36:08.0095 0x0da0  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:36:08.0096 0x0da0  vdrvroot - ok
08:36:08.0136 0x0da0  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
08:36:08.0147 0x0da0  vds - ok
08:36:08.0167 0x0da0  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:36:08.0168 0x0da0  vga - ok
08:36:08.0181 0x0da0  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:36:08.0182 0x0da0  VgaSave - ok
08:36:08.0220 0x0da0  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:36:08.0223 0x0da0  vhdmp - ok
08:36:08.0244 0x0da0  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
08:36:08.0246 0x0da0  viaagp - ok
08:36:08.0271 0x0da0  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
08:36:08.0273 0x0da0  ViaC7 - ok
08:36:08.0302 0x0da0  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:36:08.0303 0x0da0  viaide - ok
08:36:08.0340 0x0da0  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
08:36:08.0344 0x0da0  vmbus - ok
08:36:08.0357 0x0da0  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
08:36:08.0358 0x0da0  VMBusHID - ok
08:36:08.0373 0x0da0  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:36:08.0374 0x0da0  volmgr - ok
08:36:08.0402 0x0da0  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:36:08.0407 0x0da0  volmgrx - ok
08:36:08.0422 0x0da0  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:36:08.0427 0x0da0  volsnap - ok
08:36:08.0450 0x0da0  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:36:08.0452 0x0da0  vsmraid - ok
08:36:08.0508 0x0da0  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
08:36:08.0528 0x0da0  VSS - ok
08:36:08.0548 0x0da0  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
08:36:08.0549 0x0da0  vwifibus - ok
08:36:08.0573 0x0da0  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
08:36:08.0579 0x0da0  W32Time - ok
08:36:08.0593 0x0da0  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:36:08.0593 0x0da0  WacomPen - ok
08:36:08.0624 0x0da0  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:36:08.0625 0x0da0  WANARP - ok
08:36:08.0628 0x0da0  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:36:08.0630 0x0da0  Wanarpv6 - ok
08:36:08.0732 0x0da0  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
08:36:08.0758 0x0da0  WatAdminSvc - ok
08:36:08.0808 0x0da0  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
08:36:08.0833 0x0da0  wbengine - ok
08:36:08.0907 0x0da0  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:36:08.0911 0x0da0  WbioSrvc - ok
08:36:08.0950 0x0da0  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:36:08.0957 0x0da0  wcncsvc - ok
08:36:08.0974 0x0da0  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:36:08.0977 0x0da0  WcsPlugInService - ok
08:36:09.0004 0x0da0  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:36:09.0005 0x0da0  Wd - ok
08:36:09.0030 0x0da0  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
08:36:09.0031 0x0da0  WDC_SAM - ok
08:36:09.0061 0x0da0  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:36:09.0072 0x0da0  Wdf01000 - ok
08:36:09.0092 0x0da0  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:36:09.0096 0x0da0  WdiServiceHost - ok
08:36:09.0099 0x0da0  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:36:09.0103 0x0da0  WdiSystemHost - ok
08:36:09.0141 0x0da0  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
08:36:09.0147 0x0da0  WebClient - ok
08:36:09.0182 0x0da0  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:36:09.0186 0x0da0  Wecsvc - ok
08:36:09.0203 0x0da0  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:36:09.0206 0x0da0  wercplsupport - ok
08:36:09.0218 0x0da0  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
08:36:09.0221 0x0da0  WerSvc - ok
08:36:09.0248 0x0da0  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:36:09.0249 0x0da0  WfpLwf - ok
08:36:09.0271 0x0da0  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
08:36:09.0272 0x0da0  WIMMount - ok
08:36:09.0350 0x0da0  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
08:36:09.0368 0x0da0  WinDefend - ok
08:36:09.0376 0x0da0  WinHttpAutoProxySvc - ok
08:36:09.0417 0x0da0  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:36:09.0420 0x0da0  Winmgmt - ok
08:36:09.0480 0x0da0  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
08:36:09.0504 0x0da0  WinRM - ok
08:36:09.0534 0x0da0  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
08:36:09.0535 0x0da0  WinUsb - ok
08:36:09.0581 0x0da0  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:36:09.0601 0x0da0  Wlansvc - ok
08:36:09.0675 0x0da0  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:36:09.0699 0x0da0  wlidsvc - ok
08:36:09.0741 0x0da0  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
08:36:09.0742 0x0da0  WmiAcpi - ok
08:36:09.0772 0x0da0  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:36:09.0776 0x0da0  wmiApSrv - ok
08:36:09.0865 0x0da0  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
08:36:09.0889 0x0da0  WMPNetworkSvc - ok
08:36:09.0914 0x0da0  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:36:09.0916 0x0da0  WPCSvc - ok
08:36:09.0949 0x0da0  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:36:09.0953 0x0da0  WPDBusEnum - ok
08:36:09.0972 0x0da0  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:36:09.0973 0x0da0  ws2ifsl - ok
08:36:09.0992 0x0da0  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
08:36:09.0996 0x0da0  wscsvc - ok
08:36:10.0000 0x0da0  WSearch - ok
08:36:10.0088 0x0da0  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
08:36:10.0128 0x0da0  wuauserv - ok
08:36:10.0155 0x0da0  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:36:10.0157 0x0da0  WudfPf - ok
08:36:10.0179 0x0da0  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:36:10.0181 0x0da0  WUDFRd - ok
08:36:10.0206 0x0da0  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:36:10.0210 0x0da0  wudfsvc - ok
08:36:10.0245 0x0da0  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
08:36:10.0250 0x0da0  WwanSvc - ok
08:36:10.0263 0x0da0  ================ Scan global ===============================
08:36:10.0296 0x0da0  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
08:36:10.0333 0x0da0  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
08:36:10.0342 0x0da0  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
08:36:10.0366 0x0da0  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
08:36:10.0383 0x0da0  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
08:36:10.0388 0x0da0  [ Global ] - ok
08:36:10.0389 0x0da0  ================ Scan MBR ==================================
08:36:10.0401 0x0da0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:36:10.0714 0x0da0  \Device\Harddisk0\DR0 - ok
08:36:10.0715 0x0da0  ================ Scan VBR ==================================
08:36:10.0732 0x0da0  [ 17C524CAE5364819C0C67C5DFF2CDB71 ] \Device\Harddisk0\DR0\Partition1
08:36:10.0735 0x0da0  \Device\Harddisk0\DR0\Partition1 - ok
08:36:10.0750 0x0da0  [ 9D0C5824645E2F98F06447F3E29C8E03 ] \Device\Harddisk0\DR0\Partition2
08:36:10.0755 0x0da0  \Device\Harddisk0\DR0\Partition2 - ok
08:36:10.0794 0x0da0  [ 0F78685E2DA5BACE7C300B7ABCF0434E ] \Device\Harddisk0\DR0\Partition3
08:36:10.0796 0x0da0  \Device\Harddisk0\DR0\Partition3 - ok
08:36:10.0797 0x0da0  ================ Scan generic autorun ======================
08:36:11.0033 0x0da0  [ 8C48FEDC3FAA7F14C72557D49DC4FDF6, 51DA51F18348C42702DD1D1CFA149D6E1173FC77A8F5D43C9DC9A305FF6EBFC6 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
08:36:11.0139 0x0da0  RtHDVCpl - ok
08:36:11.0186 0x0da0  [ 1E69319B2F7C46070DC8E6BAF0941FE2, 709FF756E6A09857F1C84F384903C6A64B36D2702F1568E404D97CE2649F6D74 ] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
08:36:11.0199 0x0da0  picon - ok
08:36:11.0239 0x0da0  [ 234051C0D242A6F4A79AE5212C1323D4, CA40BDB2AC40D1685310B4D56E97C91B72626D5C2CC3A986139CB37BA1071E7E ] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
08:36:11.0240 0x0da0  LogMeIn GUI - ok
08:36:11.0277 0x0da0  [ 2C1B1E9174D94E9F6EE3CF373ABAB7DD, 729D283DF70F727824EBCA223D5E5B27D16E3E2B5312B1B34CAE1E763192D7B5 ] C:\Windows\system32\igfxtray.exe
08:36:11.0279 0x0da0  IgfxTray - ok
08:36:11.0288 0x0da0  [ 87D78CF6365BDDACBE9D34B60FE0E23B, 4561DE7171FD9035FEDF7EEA059859732996A5E72364D0D9F230563A1A6AE3D4 ] C:\Windows\system32\hkcmd.exe
08:36:11.0292 0x0da0  HotKeysCmds - ok
08:36:11.0375 0x0da0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
08:36:11.0397 0x0da0  Sidebar - ok
08:36:11.0422 0x0da0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
08:36:11.0425 0x0da0  mctadmin - ok
08:36:11.0465 0x0da0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
08:36:11.0482 0x0da0  Sidebar - ok
08:36:11.0488 0x0da0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
08:36:11.0490 0x0da0  mctadmin - ok
08:36:11.0515 0x0da0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
08:36:11.0531 0x0da0  Sidebar - ok
08:36:11.0537 0x0da0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
08:36:11.0540 0x0da0  mctadmin - ok
08:36:11.0540 0x0da0  Waiting for KSN requests completion. In queue: 351
08:36:12.0540 0x0da0  Waiting for KSN requests completion. In queue: 40
08:36:13.0540 0x0da0  Waiting for KSN requests completion. In queue: 40
08:36:14.0554 0x0da0  AV detected via SS2: Bitdefender Antivirus Free Edition, C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe ( 1.0.21.1099 ), 0x41000 ( enabled : updated )
08:36:14.0558 0x0da0  Win FW state via NFP2: enabled
08:36:17.0343 0x0da0  ============================================================
08:36:17.0343 0x0da0  Scan finished
08:36:17.0343 0x0da0  ============================================================
08:36:17.0351 0x06f8  Detected object count: 0
08:36:17.0351 0x06f8  Actual detected object count: 0

Downloaded aswMBR.exe

Updated definitions

Scan completed

Log file:

aswMBR version 1.0.1.2161 Copyright© 2014 AVAST Software
Run date: 2014-10-24 08:40:18
-----------------------------
08:40:18.440    OS Version: Windows 6.1.7601 Service Pack 1
08:40:18.440    Number of processors: 2 586 0x170A
08:40:18.441    ComputerName: ANTIEBABS-HP  UserName: Antiebabs
08:40:23.582    Initialize success
08:40:23.647    VM: initialized successfully
08:40:23.658    VM: Intel CPU BiosDisabled
08:40:31.826    VM: not used
08:40:31.848    supported disk I/O iastor.sys
08:42:48.188    AVAST engine defs: 14102400
08:42:50.354    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:42:50.358    Disk 0 Vendor: Hitachi_ JP1O Size: 238475MB BusType: 3
08:42:50.480    Disk 0 MBR read successfully I/O
08:42:50.486    Disk 0 MBR scan
08:42:50.569    Disk 0 Windows 7 default MBR code
08:42:50.579    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS         2047 MB offset 2048
08:42:50.589    Disk 0 default boot code
08:42:50.605    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       229257 MB offset 4194304
08:42:50.648    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS         7160 MB offset 473712640
08:42:50.663    Disk 0 scanning sectors +488376320
08:42:50.859    Disk 0 scanning C:\Windows\system32\drivers
08:43:03.804    Service scanning
08:43:07.408    Service bdfwfpf C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys **LOCKED** 5
08:43:07.466    Service bdselfpr C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys **LOCKED** 5
08:43:42.782    Modules scanning
08:43:58.312    Disk 0 trace - called modules:
08:43:58.336    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iastor.sys
08:43:58.346    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88126aa0]
08:43:58.357    3 CLASSPNP.SYS[8ccc659e] -> nt!IofCallDriver -> [0x86229e40]
08:43:58.367    5 ACPI.sys[8c2113d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x861ef028]
08:44:02.846    AVAST engine scan C:\Windows
08:44:05.329    AVAST engine scan C:\Windows\system32
08:47:03.611    AVAST engine scan C:\Windows\system32\drivers
08:47:18.435    AVAST engine scan C:\Users\Antiebabs
08:47:53.894    Disk 0 MBR has been saved successfully to "C:\Users\Antiebabs\Desktop\Bleeping Computer\MBR.dat"
08:47:53.910    The log file has been saved successfully to "C:\Users\Antiebabs\Desktop\Bleeping Computer\aswMBR.txt"

Attached Files

  • Attached File  MBR.zip   571bytes   0 downloads


#13 nasdaq

  • Malware Response Team
Posted 24 October 2014 - 01:21 PM

All OK.

Try this suggestion I just found.

Check to make sure that you haven't hit the Mute function key by accident. It may be F11 (or close to it!)
Some systems require you to hold down a function key while doing that. That key is usually near the bottom
left of the keyboard, next to the CTRL key or the Windows Logo key.

#14 woch2331

  • Topic Starter
Posted 25 October 2014 - 03:20 PM

It appears that the problem is related to a LogMeIn connection issue:

  1. Open Regedit (Start > Run > TYPE regedit [ENTER])
  2. Navigate to HKLM\SOFTWARE\LogMeIn\V5\RemoteControl
  3. Right click on the right panel New > DWORD Value
  4. Rename it to SndAutoStart and set the value to 0
  5. Reconnect to ensure settings have taken effect.

All appears to be working correctly.



#15 nasdaq

  • Malware Response Team
Posted 26 October 2014 - 07:27 AM

Glad you found the solution.

One last scan.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/



