Infected by something unknown to everyone?


11 replies to this topic

#1 Athlete

Athlete

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 31 March 2015 - 06:36 AM

I apologize for not knowing where to post this exactly.
 
I've noticed a process named yooyie.exe in my processes list and don't know what it is (even Google can't find anything about this), but I think it's spying on me or stealing my data because someone has already broken into my Gmail and eBay accounts. I'm not sure if it has anything to do with this yooyie.exe or if the process itself actually poses any threats.
 
Here it is:
cbrVq9.png




#2 McSheHe

McSheHe

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 31 March 2015 - 07:14 AM

A lot of times these things have randomly generated names, which is why your Google searches come up empty. If you were to open msconfig, you would most likely see this process set to run on startup, possibly launching from program data.

 

Have you run any anti-virus scans such as Malwarebytes? If not, it can be downloaded here.

Your best bet would be to scan with it while in safe mode so that process is not running.
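Added example, not part of the original thread: the startup check described in post #2 (an autorun entry launching from a location such as ProgramData) can be done offline over saved `reg query` output for the Run keys. The sample output, value names, paths and the list of launcher binaries below are constructed for illustration.

```python
import ntpath
import re
from typing import List, NamedTuple, Tuple

# Constructed sample: saved output of
#   reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run
#   reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run
# Every value name and path here is made up.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    ExampleAV    REG_SZ    "C:\Program Files\Example AV\avtray.exe" -hide
    Example Updater    REG_SZ    C:\Program Files\Example Vendor\updater.exe /background

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    qxzvkp    REG_SZ    C:\ProgramData\qxzvkp.exe
    wbtlrn    REG_EXPAND_SZ    "%APPDATA%\wbtlrn\wbtlrn.exe" /s
    Helper    REG_SZ    rundll32.exe "C:\Users\Public\hlp.dll",Start
"""

# reg.exe prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Unquoted command lines may contain spaces in the path, so cut at the first
# executable-looking extension that is followed by whitespace, a comma or the end.
IMAGE = re.compile(r"^(.+?\.(?:exe|com|bat|cmd|scr|pif|vbs|js|dll))(?=\s|,|$)", re.I)

# Locations writable without administrator rights (literal and %VAR% forms).
WRITABLE_MARKERS = (
    "\\programdata\\", "\\appdata\\", "\\temp\\", "\\users\\public\\",
    "%programdata%", "%allusersprofile%", "%appdata%", "%localappdata%",
    "%temp%", "%tmp%", "%public%",
)
# System binaries that run something else; the real target is in the arguments.
LAUNCHERS = {"rundll32.exe", "regsvr32.exe", "wscript.exe", "cscript.exe",
             "mshta.exe", "cmd.exe", "powershell.exe"}


class Autorun(NamedTuple):
    key: str          # registry key the value was listed under
    name: str         # value name (the startup item name)
    command: str      # raw command line stored in the value
    image: str        # executable path extracted from the command line
    suspicious: bool  # True when it launches from a user-writable location


def split_image(command: str) -> Tuple[str, str]:
    """Split a Run-key command line into (image path, remaining arguments)."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        if end != -1:
            return command[1:end], command[end + 1:].strip()
    match = IMAGE.match(command)
    if match:
        return match.group(1), command[match.end():].strip()
    head, _, rest = command.partition(" ")
    return head, rest.strip()


def in_user_writable(text: str) -> bool:
    lowered = text.lower()
    return any(marker in lowered for marker in WRITABLE_MARKERS)


def parse_reg_query(text: str) -> List[Autorun]:
    """Parse saved `reg query` output and flag entries worth a closer look."""
    entries, key = [], ""
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        match = VALUE_LINE.match(line)
        if not match or not match.group("type").endswith("SZ"):
            continue  # blank line, or a non-string value
        command = match.group("data")
        image, args = split_image(command)
        is_launcher = ntpath.basename(image).lower() in LAUNCHERS
        flagged = in_user_writable(image) or (is_launcher and in_user_writable(args))
        entries.append(Autorun(key, match.group("name"), command, image, flagged))
    return entries


if __name__ == "__main__":
    for entry in parse_reg_query(SAMPLE):
        if entry.suspicious:
            print(f"{entry.key}\n  [{entry.name}] {entry.command}")
```

A flagged entry is a lead to follow up on (file signature, creation date, scanner verdict), not proof of infection; legitimate per-user software also starts from AppData.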



#3 Athlete


Posted 31 March 2015 - 07:24 AM

Thanks McSheHe

 

I'm using Microsoft Security Essentials free.

There is something in there, could this be this thing?

 

QWJ0uK.png



#4 McSheHe


Posted 31 March 2015 - 07:27 AM

That definitely should not be there.

I would strongly suggest running Malwarebytes.



#5 Athlete


Posted 31 March 2015 - 12:00 PM

Performed a scan with Malwarebytes and discovered and cleared something; there was some worm and a couple of other things.

Got rid of that yooyie.exe, but this buawiim thing is still here.

 

Am I still infected? How can I be sure?



#6 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:12:56 PM

Posted 31 March 2015 - 12:55 PM

Have you run any anti-virus scans such as Malwarebytes? If not, it can be downloaded here.


For the record Malwarebytes is not an anti-virus. This is the best explanation about MBAM.
 

Malwarebytes Anti-Malware is not an anti-virus program nor should it be used as a replacement. Malwarebytes does not act as a real-time protection scanner for every file like anti-virus software so it is intended to be a supplement, not a substitute. The following quote is a statement from the Malwarebytes Team.





Malwarebytes Anti-Malware is not meant to be a replacement for antivirus software. Malwarebytes Anti-Malware is a complementary but essential program which detects and removes zero-day malware and "Malware in the Wild". This includes malicious programs and files, such as viruses, worms, trojans, rootkits, dialers, spyware, and rogue applications that many antivirus programs do not detect or cannot fully remove. It is important to note that Malwarebytes Anti-Malware works well and should run alongside antivirus software without conflicts. In some rare instances, exclusions may need to be set for your specific antivirus product to achieve the best possible system performance.

Larry Tate
Product Support


Thus, you need both an anti-virus and an anti-malware program...together they provide the most comprehensive protection.


Edited by Queen-Evie, 31 March 2015 - 01:31 PM.
edit to correct spelling error


#7 Athlete


Posted 31 March 2015 - 01:07 PM

I'm using Microsoft Security Essentials, ran a full scan and it didn't find any threats.

But what is that buawiim thing then? How to get rid of it? Does it pose any threat?



#8 Queen-Evie


Posted 31 March 2015 - 01:33 PM

Athlete, someone will be able to answer your questions. Please be patient (I know that is hard when you have issues you want resolved ASAP) until one of the Am I Infected helpers replies.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:56 PM

Posted 31 March 2015 - 03:07 PM

Hi Athlete, let's get a few looks.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users: right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#10 Athlete


Posted 18 April 2015 - 10:43 AM

Hi, sorry for the delay, had some serious things going on.
 
 
MiniToolBox
 
MiniToolBox by Farbar  Version: 09-03-2015
Ran by xxx (administrator) on 18-04-2015 at 16:49:58
Running from "C:\Users\xxx\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Model: IL9 Pro Manufacturer: System Manufacturer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)
Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : xxx-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lan
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-50-8D-CA-0A-EA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
   Physical Address. . . . . . . . . : 00-11-3B-0E-60-94
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d0b2:4330:a241:17be%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.24(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 17. travnja 2015. 1:26:05
   Lease Expires . . . . . . . . . . : 19. travnja 2015. 10:59:38
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234885435
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-36-20-EA-00-11-3B-0E-60-94
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{CE624433-21D3-4B2B-BA61-0FC82798E8B6}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:304b:366a:a274:56ac(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::304b:366a:a274:56ac%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.lan:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dsldevice.lan
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:4002:803::1007
 208.117.229.251
 208.117.229.244
 208.117.229.247
 208.117.229.245
 208.117.229.250
 208.117.229.248
 208.117.229.246
 208.117.229.249
 
 
Pinging google.com [208.117.229.244] with 32 bytes of data:
Reply from 208.117.229.244: bytes=32 time=20ms TTL=58
Reply from 208.117.229.244: bytes=32 time=20ms TTL=58
 
Ping statistics for 208.117.229.244:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 20ms, Average = 20ms
Server:  dsldevice.lan
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=141ms TTL=45
Reply from 98.139.183.24: bytes=32 time=138ms TTL=45
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 138ms, Maximum = 141ms, Average = 139ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 50 8d ca 0a ea ......Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.20)
 11...00 11 3b 0e 60 94 ......Realtek RTL8139/810x Family Fast Ethernet NIC
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.24     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.24    276
     192.168.1.24  255.255.255.255         On-link      192.168.1.24    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.24    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.24    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.24    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:90d7:304b:366a:a274:56ac/128
                                    On-link
 11    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::304b:366a:a274:56ac/128
                                    On-link
 11    276 fe80::d0b2:4330:a241:17be/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/17/2015 10:58:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba10
Exception code: 0xc0000005
Fault offset: 0x0003f1aa
Faulting process id: 0x690
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3
 
Error: (04/17/2015 01:27:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/16/2015 08:55:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba10
Exception code: 0xc0000005
Fault offset: 0x00031256
Faulting process id: 0x710
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3
 
Error: (04/16/2015 08:46:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/16/2015 08:44:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 42.0.2311.90, time stamp: 0x552c2225
Faulting module name: chrome.dll, version: 42.0.2311.90, time stamp: 0x552c1dea
Exception code: 0xc0000005
Fault offset: 0x0086641c
Faulting process id: 0x900
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (04/16/2015 08:43:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 42.0.2311.90, time stamp: 0x552c2225
Faulting module name: chrome.exe, version: 42.0.2311.90, time stamp: 0x552c2225
Exception code: 0x40000015
Fault offset: 0x0004bd69
Faulting process id: 0x900
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (04/16/2015 06:54:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 42.0.2311.90, time stamp: 0x552c2225
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0x77c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (04/16/2015 06:53:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 42.0.2311.90, time stamp: 0x552c2225
Faulting module name: chrome.dll, version: 42.0.2311.90, time stamp: 0x552c1dea
Exception code: 0x80000003
Fault offset: 0x0053ae0f
Faulting process id: 0x814
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (04/16/2015 06:52:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 42.0.2311.90, time stamp: 0x552c2225
Faulting module name: chrome.dll, version: 42.0.2311.90, time stamp: 0x552c1dea
Exception code: 0x80000003
Fault offset: 0x0053ae0f
Faulting process id: 0x4c4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (04/16/2015 06:52:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 42.0.2311.90, time stamp: 0x552c2225
Faulting module name: chrome.dll, version: 42.0.2311.90, time stamp: 0x552c1dea
Exception code: 0x80000003
Fault offset: 0x0053ae0f
Faulting process id: 0x9cc
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
 
System errors:
=============
Error: (04/18/2015 03:42:52 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (04/17/2015 10:58:55 PM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (04/17/2015 01:26:15 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (04/16/2015 08:55:38 PM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (04/16/2015 08:44:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (04/16/2015 07:19:31 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (04/16/2015 06:18:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (04/16/2015 06:18:47 PM) (Source: BugCheck) (User: )
Description: 0x0000001a (0x00041790, 0xc08020ee, 0x0000ffff, 0x00000000)C:\Windows\MEMORY.DMP041615-29109-01
 
Error: (04/16/2015 06:18:47 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 18:21:04 on ?16.?4.?2015. was unexpected.
 
Error: (04/16/2015 05:27:57 PM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
888poker (HKLM\...\888poker) (Version:  - )
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Among The Heavens (HKLM\...\Among The Heavens1.1) (Version: 1.1 - Foxy Games)
Asterix Mega Madness (HKLM\...\{09C8B025-F0C5-4EF2-BC4F-399269BDE0C8}) (Version:  - )
Build-a-lot 2 - Town of the Year (HKLM\...\{1A292D38-BFA3-4132-9704-D9C94B7436B9}) (Version: 1.0.0 - LeeGTs Games)
CPUID HWMonitor Pro 1.22 (HKLM\...\CPUID HWMonitorPro_is1) (Version:  - )
Definition Update for Microsoft Office 2010 (KB2956079) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{03F28B72-0BEC-4998-95D9-4AA9418D0041}) (Version:  - Microsoft)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
LG United Mobile Drivers (HKLM\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.7.0205.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50908 - Microsoft Corporation) Hidden
MPC-HC 1.7.6 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Programmer's Notepad (HKLM\...\{52CF142B-7B0E-41E7-98F5-B834122523E7}_is1) (Version: 2.3.4.2350 - Simon Steele)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Room Arranger (HKLM\...\Room Arranger) (Version: 7.5.4 - Jan Adamec)
Skype™ 7.2 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
TypingTutorial_HR 4.41 (HKLM\...\TypingTutorial_HR) (Version:  - )
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Widevine Media Optimizer Chrome 6.0.0 (HKCU\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (HKLM\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 42%
Total physical RAM: 2943.3 MB
Available physical RAM: 1678.32 MB
Total Pagefile: 5884.9 MB
Available Pagefile: 3993.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.14 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:40 GB) (Free:8.2 GB) NTFS
2 Drive d: () (Fixed) (Total:34.43 GB) (Free:4.69 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\XXX-PC
 
Administrator            Guest                    UpdatusUser              
xxx                      
 
 
**** End of log ****
 
 
 
 
 
 
TDSSKiller
 
16:50:54.0583 0x12ac  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:50:59.0916 0x12ac  ============================================================
16:50:59.0916 0x12ac  Current date / time: 2015/04/18 16:50:59.0916
16:50:59.0917 0x12ac  SystemInfo:
16:50:59.0917 0x12ac  
16:50:59.0917 0x12ac  OS Version: 6.1.7601 ServicePack: 1.0
16:50:59.0917 0x12ac  Product type: Workstation
16:50:59.0917 0x12ac  ComputerName: XXX-PC
16:50:59.0918 0x12ac  UserName: xxx
16:50:59.0918 0x12ac  Windows directory: C:\Windows
16:50:59.0918 0x12ac  System windows directory: C:\Windows
16:50:59.0918 0x12ac  Processor architecture: Intel x86
16:50:59.0918 0x12ac  Number of processors: 2
16:50:59.0918 0x12ac  Page size: 0x1000
16:50:59.0918 0x12ac  Boot type: Normal boot
16:50:59.0918 0x12ac  ============================================================
16:51:02.0140 0x12ac  KLMD registered as C:\Windows\system32\drivers\44475416.sys
16:51:02.0960 0x12ac  System UUID: {C0AE4243-B5C7-F14B-E7B1-C3E68E29C394}
16:51:04.0016 0x12ac  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x1430B, SectorsPerTrack: 0xE, TracksPerCylinder: 0x87, Type 'K0', Flags 0x00000050
16:51:05.0602 0x12ac  ============================================================
16:51:05.0602 0x12ac  \Device\Harddisk0\DR0:
16:51:05.0602 0x12ac  MBR partitions:
16:51:05.0602 0x12ac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:51:05.0602 0x12ac  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x5000000
16:51:05.0602 0x12ac  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x5032800, BlocksNum 0x44DC800
16:51:05.0602 0x12ac  ============================================================
16:51:05.0632 0x12ac  C: <-> \Device\Harddisk0\DR0\Partition2
16:51:05.0666 0x12ac  D: <-> \Device\Harddisk0\DR0\Partition3
16:51:05.0666 0x12ac  ============================================================
16:51:05.0666 0x12ac  Initialize success
16:51:05.0666 0x12ac  ============================================================
16:51:08.0980 0x0570  ============================================================
16:51:08.0980 0x0570  Scan started
16:51:08.0980 0x0570  Mode: Manual; 
16:51:08.0980 0x0570  ============================================================
16:51:08.0980 0x0570  KSN ping started
16:51:11.0698 0x0570  KSN ping finished: true
16:51:12.0483 0x0570  ================ Scan system memory ========================
16:51:12.0483 0x0570  System memory - ok
16:51:12.0484 0x0570  ================ Scan services =============================
16:51:17.0496 0x0570  iaStorV - ok
16:51:17.0565 0x0570  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:51:17.0591 0x0570  idsvc - ok
16:51:17.0620 0x0570  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:51:17.0623 0x0570  iirsp - ok
16:51:17.0675 0x0570  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:51:17.0698 0x0570  IKEEXT - ok
16:51:17.0850 0x0570  [ 816EEF1A714ABF9A633F478EFAC8F24C, 362492F5922781CE1AD6EB3DC8415BBEC736A5046BF6D9E82C69BADDE86048B8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:51:17.0935 0x0570  IntcAzAudAddService - ok
16:51:17.0969 0x0570  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:51:17.0970 0x0570  intelide - ok
16:51:17.0998 0x0570  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:51:18.0000 0x0570  intelppm - ok
16:51:18.0022 0x0570  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:51:18.0027 0x0570  IPBusEnum - ok
16:51:18.0041 0x0570  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:51:18.0043 0x0570  IpFilterDriver - ok
16:51:18.0088 0x0570  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:51:18.0106 0x0570  iphlpsvc - ok
16:51:18.0129 0x0570  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:51:18.0133 0x0570  IPMIDRV - ok
16:51:18.0149 0x0570  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:51:18.0154 0x0570  IPNAT - ok
16:51:18.0171 0x0570  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:51:18.0173 0x0570  IRENUM - ok
16:51:18.0219 0x0570  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:51:18.0222 0x0570  isapnp - ok
16:51:18.0247 0x0570  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:51:18.0257 0x0570  iScsiPrt - ok
16:51:18.0283 0x0570  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:51:18.0285 0x0570  kbdclass - ok
16:51:18.0314 0x0570  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:51:18.0316 0x0570  kbdhid - ok
16:51:18.0325 0x0570  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] KeyIso          C:\Windows\system32\lsass.exe
16:51:18.0328 0x0570  KeyIso - ok
16:51:18.0365 0x0570  [ EF88BAC2B489D9C46F4E41ACF0219CD0, BF0FAF51BB6D0E588E53E483EF48D8D96B33544113892CC723CDEFAE7E5FB97A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:51:18.0368 0x0570  KSecDD - ok
16:51:18.0385 0x0570  [ 49D70660EE8266988C1F99A0297A1430, D17B7A3118DB42358DEA80D8A21C5F1B0CC33BF74F6570676D4708B36BB91FD4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:51:18.0389 0x0570  KSecPkg - ok
16:51:18.0426 0x0570  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:51:18.0438 0x0570  KtmRm - ok
16:51:18.0469 0x0570  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:51:18.0477 0x0570  LanmanServer - ok
16:51:18.0513 0x0570  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:51:18.0546 0x0570  LanmanWorkstation - ok
16:51:18.0590 0x0570  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:51:18.0594 0x0570  lltdio - ok
16:51:18.0640 0x0570  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:51:18.0691 0x0570  lltdsvc - ok
16:51:18.0704 0x0570  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:51:18.0707 0x0570  lmhosts - ok
16:51:18.0735 0x0570  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:51:18.0741 0x0570  LSI_FC - ok
16:51:18.0762 0x0570  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:51:18.0766 0x0570  LSI_SAS - ok
16:51:18.0786 0x0570  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:51:18.0789 0x0570  LSI_SAS2 - ok
16:51:18.0815 0x0570  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:51:18.0820 0x0570  LSI_SCSI - ok
16:51:18.0847 0x0570  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:51:18.0850 0x0570  luafv - ok
16:51:18.0895 0x0570  [ AB73A39A5E45F465B02C11C500BB0278, 6863B27DA7A0808F232B93CB74ACA09751B6F63FD9FB26EB3FA0282636CE9807 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:51:18.0897 0x0570  MBAMProtector - ok
16:51:18.0962 0x0570  [ E27891A49DF92004041FEC5C3A2D4230, A4679A1F10F84935875E35A83FC7075499B8F4CBB543209A38C0D946347CD264 ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
16:51:19.0001 0x0570  MBAMService - ok
16:51:19.0027 0x0570  [ 2A1B51A1FE8DC4DC0D52EC700CB02CEF, BF689A361F941F91B63D5F8E54925550333C068F65E59E4DBF0A7B66B8C7EDD6 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:51:19.0031 0x0570  MBAMWebAccessControl - ok
16:51:19.0052 0x0570  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:51:19.0057 0x0570  Mcx2Svc - ok
16:51:19.0080 0x0570  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:51:19.0083 0x0570  megasas - ok
16:51:19.0112 0x0570  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:51:19.0120 0x0570  MegaSR - ok
16:51:19.0197 0x0570  Microsoft SharePoint Workspace Audit Service - ok
16:51:19.0233 0x0570  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
16:51:19.0239 0x0570  MMCSS - ok
16:51:19.0257 0x0570  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
16:51:19.0259 0x0570  Modem - ok
16:51:19.0300 0x0570  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:51:19.0302 0x0570  monitor - ok
16:51:19.0327 0x0570  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:51:19.0330 0x0570  mouclass - ok
16:51:19.0352 0x0570  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:51:19.0354 0x0570  mouhid - ok
16:51:19.0369 0x0570  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:51:19.0372 0x0570  mountmgr - ok
16:51:19.0432 0x0570  [ 7D2484C4995A3DB47345EFED2A0B579E, 55B3CDE0BEF743874793679692A6C744B2771C85A0FEE1904F28A51EEE9C0CEB ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:51:19.0440 0x0570  MpFilter - ok
16:51:19.0471 0x0570  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:51:19.0476 0x0570  mpio - ok
16:51:19.0623 0x0570  [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsld23fb001   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CC340B3-C395-431F-988C-84A14308AB00}\MpKsld23fb001.sys
16:51:19.0624 0x0570  MpKsld23fb001 - ok
16:51:19.0648 0x0570  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:51:19.0651 0x0570  mpsdrv - ok
16:51:19.0695 0x0570  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:51:19.0715 0x0570  MpsSvc - ok
16:51:19.0752 0x0570  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:51:19.0757 0x0570  MRxDAV - ok
16:51:19.0787 0x0570  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:51:19.0791 0x0570  mrxsmb - ok
16:51:19.0815 0x0570  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:51:19.0823 0x0570  mrxsmb10 - ok
16:51:19.0839 0x0570  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:51:19.0842 0x0570  mrxsmb20 - ok
16:51:19.0871 0x0570  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:51:19.0873 0x0570  msahci - ok
16:51:19.0904 0x0570  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:51:19.0909 0x0570  msdsm - ok
16:51:19.0925 0x0570  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
16:51:19.0931 0x0570  MSDTC - ok
16:51:19.0956 0x0570  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:51:19.0957 0x0570  Msfs - ok
16:51:19.0969 0x0570  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:51:19.0971 0x0570  mshidkmdf - ok
16:51:19.0980 0x0570  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:51:19.0982 0x0570  msisadrv - ok
16:51:20.0015 0x0570  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:51:20.0021 0x0570  MSiSCSI - ok
16:51:20.0028 0x0570  msiserver - ok
16:51:20.0066 0x0570  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:51:20.0068 0x0570  MSKSSRV - ok
16:51:20.0152 0x0570  [ F26F7A5B18C717E57E3B6B306ABEC00B, 4C49C67A48F6B77E38A7FD28C960C92DFF371ACF0722C6EE4DF5F4B382937870 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:51:20.0154 0x0570  MsMpSvc - ok
16:51:20.0170 0x0570  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:51:20.0171 0x0570  MSPCLOCK - ok
16:51:20.0185 0x0570  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:51:20.0187 0x0570  MSPQM - ok
16:51:20.0207 0x0570  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:51:20.0211 0x0570  MsRPC - ok
16:51:20.0232 0x0570  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:51:20.0234 0x0570  mssmbios - ok
16:51:20.0249 0x0570  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:51:20.0250 0x0570  MSTEE - ok
16:51:20.0273 0x0570  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:51:20.0275 0x0570  MTConfig - ok
16:51:20.0289 0x0570  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:51:20.0291 0x0570  Mup - ok
16:51:20.0330 0x0570  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
16:51:20.0342 0x0570  napagent - ok
16:51:20.0378 0x0570  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:51:20.0387 0x0570  NativeWifiP - ok
16:51:20.0447 0x0570  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:51:20.0468 0x0570  NDIS - ok
16:51:20.0500 0x0570  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:51:20.0502 0x0570  NdisCap - ok
16:51:20.0532 0x0570  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:51:20.0534 0x0570  NdisTapi - ok
16:51:20.0546 0x0570  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:51:20.0550 0x0570  Ndisuio - ok
16:51:20.0568 0x0570  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:51:20.0578 0x0570  NdisWan - ok
16:51:20.0602 0x0570  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:51:20.0614 0x0570  NDProxy - ok
16:51:20.0651 0x0570  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:51:20.0653 0x0570  NetBIOS - ok
16:51:20.0689 0x0570  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:51:20.0696 0x0570  NetBT - ok
16:51:20.0716 0x0570  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] Netlogon        C:\Windows\system32\lsass.exe
16:51:20.0720 0x0570  Netlogon - ok
16:51:20.0759 0x0570  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
16:51:20.0771 0x0570  Netman - ok
16:51:20.0813 0x0570  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:51:20.0819 0x0570  NetMsmqActivator - ok
16:51:20.0832 0x0570  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:51:20.0836 0x0570  NetPipeActivator - ok
16:51:20.0868 0x0570  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
16:51:20.0882 0x0570  netprofm - ok
16:51:20.0893 0x0570  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:51:20.0898 0x0570  NetTcpActivator - ok
16:51:20.0911 0x0570  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:51:20.0916 0x0570  NetTcpPortSharing - ok
16:51:20.0947 0x0570  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:51:20.0950 0x0570  nfrd960 - ok
16:51:20.0999 0x0570  [ 94B8279FC0E27A8253944DFA47FC4A83, D799003BD163200F7DE0EC882756EF08AA70C45BF0518E3BC6DB8B8FB74BF663 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:51:21.0004 0x0570  NisDrv - ok
16:51:21.0051 0x0570  [ 1452F52471F2DC1515DD6C35B42FF06E, 57A2858B24D0C9C229A4C76F85DB453E867921C2B4E41835211C4EB5EBE99DE8 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
16:51:21.0061 0x0570  NisSrv - ok
16:51:21.0107 0x0570  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:51:21.0118 0x0570  NlaSvc - ok
16:51:21.0137 0x0570  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:51:21.0139 0x0570  Npfs - ok
16:51:21.0161 0x0570  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
16:51:21.0165 0x0570  nsi - ok
16:51:21.0192 0x0570  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:51:21.0194 0x0570  nsiproxy - ok
16:51:21.0281 0x0570  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:51:21.0327 0x0570  Ntfs - ok
16:51:21.0344 0x0570  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
16:51:21.0347 0x0570  Null - ok
16:51:21.0931 0x0570  [ 9A77B1C13BCCEDDF78DFD7AFC25B4F5E, 88FA632754A20025F03FE0970C93F572055919F53C8A50E5DB6CF1EF7B00B7FD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:51:22.0427 0x0570  nvlddmkm - ok
16:51:22.0490 0x0570  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:51:22.0495 0x0570  nvraid - ok
16:51:22.0512 0x0570  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:51:22.0518 0x0570  nvstor - ok
16:51:22.0571 0x0570  [ 31B8835B003CAA6D31BEAD83DDBF98E5, FB7C7BD1E95BEFB9A8FFEB3FB1B6D9BCD923E48498CB23169EDAA025C84CDD33 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:51:22.0593 0x0570  nvsvc - ok
16:51:22.0686 0x0570  [ F935E817409F78FA50C5921DB39124B3, E1AB4B69E9C0AD89A5B9E99C7A0D77A1A50B4823C89E8687686B716957FBA2B3 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:51:22.0732 0x0570  nvUpdatusService - ok
16:51:22.0776 0x0570  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:51:22.0780 0x0570  nv_agp - ok
16:51:22.0795 0x0570  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:51:22.0799 0x0570  ohci1394 - ok
16:51:22.0882 0x0570  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:51:22.0888 0x0570  ose - ok
16:51:23.0172 0x0570  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:51:23.0312 0x0570  osppsvc - ok
16:51:23.0363 0x0570  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:51:23.0374 0x0570  p2pimsvc - ok
16:51:23.0401 0x0570  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:51:23.0414 0x0570  p2psvc - ok
16:51:23.0448 0x0570  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:51:23.0452 0x0570  Parport - ok
16:51:23.0474 0x0570  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:51:23.0476 0x0570  partmgr - ok
16:51:23.0492 0x0570  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
16:51:23.0495 0x0570  Parvdm - ok
16:51:23.0538 0x0570  [ 3A55D53687F16D9EF5BF307BBFEFCD9C, F1BB1B43442B151686500768C43A4D20CAA47427E78386953A42DDB42D9DDF0C ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:51:23.0545 0x0570  PcaSvc - ok
16:51:23.0567 0x0570  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
16:51:23.0572 0x0570  pci - ok
16:51:23.0595 0x0570  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:51:23.0597 0x0570  pciide - ok
16:51:23.0626 0x0570  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:51:23.0633 0x0570  pcmcia - ok
16:51:23.0649 0x0570  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:51:23.0651 0x0570  pcw - ok
16:51:23.0689 0x0570  [ 344D1FA0438A967F1A2BAA42C86D6E19, E9CB31CBD9075B84BA771CF82A4C3AB5BF57ADEA3E76ABE8FE36FEACFD681D89 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:51:23.0708 0x0570  PEAUTH - ok
16:51:23.0773 0x0570  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:51:23.0808 0x0570  PeerDistSvc - ok
16:51:23.0930 0x0570  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
16:51:23.0981 0x0570  pla - ok
16:51:24.0032 0x0570  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:51:24.0043 0x0570  PlugPlay - ok
16:51:24.0059 0x0570  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:51:24.0064 0x0570  PNRPAutoReg - ok
16:51:24.0087 0x0570  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:51:24.0096 0x0570  PNRPsvc - ok
16:51:24.0153 0x0570  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:51:24.0166 0x0570  PolicyAgent - ok
16:51:24.0197 0x0570  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
16:51:24.0206 0x0570  Power - ok
16:51:24.0239 0x0570  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:51:24.0243 0x0570  PptpMiniport - ok
16:51:24.0255 0x0570  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
16:51:24.0258 0x0570  Processor - ok
16:51:24.0307 0x0570  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:51:24.0315 0x0570  ProfSvc - ok
16:51:24.0325 0x0570  [ BF08DE8E4FA1F143D41B3241F7FCE5F6, 4140BE0ECE0D4B8FDD413DBA120F5D7EF6F94628224320EDA2A85E50BEFDA638 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:51:24.0328 0x0570  ProtectedStorage - ok
16:51:24.0364 0x0570  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:51:24.0368 0x0570  Psched - ok
16:51:24.0435 0x0570  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:51:24.0477 0x0570  ql2300 - ok
16:51:24.0498 0x0570  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:51:24.0505 0x0570  ql40xx - ok
16:51:24.0534 0x0570  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
16:51:24.0543 0x0570  QWAVE - ok
16:51:31.0981 0x0570  [ 335C88571D68EB6486DEC016F709EF14 ] \Device\Harddisk0\DR0\Partition3
16:51:31.0982 0x0570  \Device\Harddisk0\DR0\Partition3 - ok
16:51:31.0984 0x0570  ================ Scan generic autorun ======================
16:51:32.0509 0x0570  [ D70D4FE47BCBE1EF9170F110A19BEC34, 3BC9313F3A188CA61A05C958EFB519EA1E82F051A4C44BB82FD3A6CD42BE38AB ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
16:51:33.0000 0x0570  RTHDVCPL - ok
16:51:33.0154 0x0570  [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
16:51:33.0197 0x0570  BCSSync - ok
16:51:33.0294 0x0570  [ 88DC3C525EE37F443DBB65B97DF409D4, CA14209203784695897EB25C50AEC6FC66C22AE9E40189A12DCB4FBB155ABB80 ] C:\Program Files\PowerISO\PWRISOVM.EXE
16:51:33.0305 0x0570  PWRISOVM.EXE - ok
16:51:33.0400 0x0570  [ BBD1BA710A00842064BA038570C13CB2, 155FABD8323C95932C9F552E8827A87356E9FCED471B8F5E06466F920EEB56A4 ] C:\Program Files\Microsoft Security Client\msseces.exe
16:51:33.0442 0x0570  MSC - ok
16:51:33.0563 0x0570  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
16:51:33.0597 0x0570  Sidebar - ok
16:51:33.0629 0x0570  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
16:51:33.0667 0x0570  mctadmin - ok
16:51:33.0709 0x0570  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
16:51:33.0738 0x0570  Sidebar - ok
16:51:33.0750 0x0570  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
16:51:33.0753 0x0570  mctadmin - ok
16:51:33.0778 0x0570  buawiim - ok
16:51:33.0851 0x0570  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
16:51:33.0881 0x0570  Sidebar - ok
16:51:33.0893 0x0570  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
16:51:33.0898 0x0570  mctadmin - ok
16:51:33.0899 0x0570  Waiting for KSN requests completion. In queue: 24
16:51:34.0899 0x0570  Waiting for KSN requests completion. In queue: 24
16:51:35.0899 0x0570  Waiting for KSN requests completion. In queue: 24
16:51:36.0919 0x0570  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x61000 ( enabled : updated )
16:51:36.0934 0x0570  Win FW state via NFP2: enabled
16:51:39.0351 0x0570  ============================================================
16:51:39.0351 0x0570  Scan finished
16:51:39.0351 0x0570  ============================================================
16:51:39.0367 0x1324  Detected object count: 0
16:51:39.0367 0x1324  Actual detected object count: 0
17:00:37.0114 0x1110  Deinitialize success
 
 
 
 
 
Adwcleaner
 
# AdwCleaner v4.201 - Logfile created 18/04/2015 at 17:03:26
# Updated 08/04/2015 by Xplode
# Database : 2015-04-18.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : xxx - XXX-PC
# Running from : C:\Users\xxx\Downloads\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\xxx\AppData\Local\Temp\apn
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : ASP
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\GamesBarSetup
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v8.0.7601.18715
 
 
-\\ Google Chrome v42.0.2311.90
 
[C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
 
-\\ Opera v0.0.0.0
 
 
*************************
 
AdwCleaner[R0].txt - [4442 bytes] - [01/04/2015 23:51:57]
AdwCleaner[R1].txt - [4501 bytes] - [01/04/2015 23:55:46]
AdwCleaner[R2].txt - [4560 bytes] - [03/04/2015 12:49:24]
AdwCleaner[R3].txt - [2428 bytes] - [18/04/2015 16:53:37]
AdwCleaner[R4].txt - [2487 bytes] - [18/04/2015 17:02:17]
AdwCleaner[S0].txt - [2446 bytes] - [18/04/2015 17:03:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2505  bytes] ##########
 
 
 
 
 
JRT
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.8 (04.17.2015:1)
OS: Windows 7 Professional x86
Ran by xxx on sub 18.04.2015. at 17:10:26,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on sub 18.04.2015. at 17:12:21,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
I will post the ESET scanner log as soon as it's done


#11 Athlete

Athlete
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:56 PM

Posted 18 April 2015 - 02:13 PM

Well it completed the scan but nothing popped out

 

I already completed the scan 2 weeks ago and it found something that is already quarantined. Shall I copy that list?


Edited by Athlete, 18 April 2015 - 02:14 PM.


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:56 PM

Posted 20 April 2015 - 01:58 PM

Very sorry, had to take my dad to hospital and was not able to reply..
No, don't need the ESET log.
How is it now? Do you still need help?



