Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help badly needed removing viruses


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP

The only thing that really looks bad is

c:\documents and settings\Administrator\cuwkqjazuy.tmp

 

The rest of it where it starts with $ is a hidden backup file for some MS update except it didn't follow the rules and start with a K so it got deleted.  It also took out your winpcap so if you need it for something you will need to reinstall it.  Winpcap is sometimes used by malware to steal passwords and such so it's on the hit list.  The last think it deleted

c:\windows\wininit.ini
.is a text file that can be used to load malware.  It's not really used for normal stuff any more.  Leftover from earlier windows.

 

Did not really find anything exciting so go on with the other scans.


  • 0

Advertisements


#17
Johnonml

Johnonml

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

aswMBR.txt is below. Anything significant?

 

 

 

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-07-27 18:35:24
-----------------------------
18:35:24.531    OS Version: Windows 5.1.2600 Service Pack 3
18:35:24.531    Number of processors: 4 586 0xF0B
18:35:24.531    ComputerName: JOHN-A1D9946862  UserName: Administrator
18:35:25.062    Initialize success
18:35:25.140    VM: initialized successfully
18:35:25.140    VM: Intel CPU BiosDisabled
18:37:16.500    AVAST engine defs: 15072705
18:37:44.562    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:37:44.562    Disk 0 Vendor: SAMSUNG_ JF10 Size: 152587MB BusType: 3
18:37:44.750    Disk 0 MBR read successfully
18:37:44.750    Disk 0 MBR scan
18:37:44.796    Disk 0 Windows XP default MBR code
18:37:44.796    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS       152578 MB offset 63
18:37:44.796    Disk 0 default boot code
18:37:44.796    Disk 0 scanning sectors +312480315
18:37:44.828    Disk 0 scanning C:\WINDOWS\system32\drivers
18:37:54.000    Service scanning
18:38:10.343    Modules scanning
18:38:11.296    AVAST engine scan C:\WINDOWS
18:38:16.203    AVAST engine scan C:\WINDOWS\system32
18:40:34.312    AVAST engine scan C:\WINDOWS\system32\drivers
18:40:46.390    AVAST engine scan C:\Documents and Settings\Administrator
19:02:05.078    AVAST engine scan C:\Documents and Settings\All Users
19:05:10.140    Disk 0 statistics 2856097/0/0 @ 1.08 MB/s
19:05:10.140    Scan finished successfully
19:08:49.937    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
19:08:49.937    The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"


  • 0

#18
Johnonml

Johnonml

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Here is one of the TDSSKiller logs.

 

2011/08/30 17:56:46.0281 2744    TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/30 17:56:46.0562 2744    ================================================================================
2011/08/30 17:56:46.0562 2744    SystemInfo:
2011/08/30 17:56:46.0562 2744    
2011/08/30 17:56:46.0562 2744    OS Version: 5.1.2600 ServicePack: 3.0
2011/08/30 17:56:46.0562 2744    Product type: Workstation
2011/08/30 17:56:46.0562 2744    ComputerName: JOHN-A1D9946862
2011/08/30 17:56:46.0562 2744    UserName: Administrator
2011/08/30 17:56:46.0562 2744    Windows directory: C:\WINDOWS
2011/08/30 17:56:46.0562 2744    System windows directory: C:\WINDOWS
2011/08/30 17:56:46.0562 2744    Processor architecture: Intel x86
2011/08/30 17:56:46.0562 2744    Number of processors: 4
2011/08/30 17:56:46.0562 2744    Page size: 0x1000
2011/08/30 17:56:46.0562 2744    Boot type: Normal boot
2011/08/30 17:56:46.0562 2744    ================================================================================
2011/08/30 17:56:46.0781 2744    Initialize success
2011/08/30 17:57:01.0203 0588    ================================================================================
2011/08/30 17:57:01.0203 0588    Scan started
2011/08/30 17:57:01.0203 0588    Mode: Manual;
2011/08/30 17:57:01.0203 0588    ================================================================================
2011/08/30 17:57:01.0546 0588    ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/30 17:57:01.0625 0588    ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/30 17:57:01.0671 0588    ADIHdAudAddService (307f5e03b02a3022d664c36d1ea25f2c) C:\WINDOWS\system32\drivers\ADIHdAud.sys
2011/08/30 17:57:01.0734 0588    aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/30 17:57:01.0796 0588    Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
2011/08/30 17:57:01.0875 0588    AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/30 17:57:01.0984 0588    AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/30 17:57:02.0000 0588    atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/30 17:57:02.0031 0588    Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/30 17:57:02.0078 0588    audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/30 17:57:02.0109 0588    Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/30 17:57:02.0171 0588    cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/30 17:57:02.0187 0588    Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/30 17:57:02.0203 0588    Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/30 17:57:02.0203 0588    Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/30 17:57:02.0250 0588    cercsr6         (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
2011/08/30 17:57:02.0281 0588    Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/08/30 17:57:02.0343 0588    Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/30 17:57:02.0375 0588    dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/30 17:57:02.0421 0588    dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/30 17:57:02.0437 0588    dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/30 17:57:02.0453 0588    DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/30 17:57:02.0468 0588    drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/30 17:57:02.0531 0588    e1express       (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
2011/08/30 17:57:02.0625 0588    fabrikhomeFilter (e896775837a8bce436348df460522394) C:\WINDOWS\system32\DRIVERS\fabrikhome.sys
2011/08/30 17:57:02.0656 0588    Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/30 17:57:02.0718 0588    Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/08/30 17:57:02.0765 0588    Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/30 17:57:02.0765 0588    Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/08/30 17:57:02.0796 0588    FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/30 17:57:02.0812 0588    Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/30 17:57:02.0843 0588    Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/30 17:57:02.0906 0588    Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/30 17:57:02.0921 0588    HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/30 17:57:02.0968 0588    HECI            (0bf1d760b05caaaf231123d53c4789e2) C:\WINDOWS\system32\DRIVERS\HECI.sys
2011/08/30 17:57:03.0015 0588    HidBatt         (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
2011/08/30 17:57:03.0046 0588    hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/30 17:57:03.0109 0588    HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/30 17:57:03.0140 0588    i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
2011/08/30 17:57:03.0296 0588    ialm            (b2768350bb50469aeb1afe694372b613) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/08/30 17:57:03.0531 0588    iastor          (2358c53f30cb9dcd1d3843c4e2f299b2) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/08/30 17:57:03.0625 0588    Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/30 17:57:03.0718 0588    intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/08/30 17:57:03.0765 0588    Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/30 17:57:03.0796 0588    IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/30 17:57:03.0828 0588    IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/30 17:57:03.0859 0588    IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/30 17:57:03.0875 0588    IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/30 17:57:03.0906 0588    IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/30 17:57:03.0921 0588    isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/30 17:57:03.0953 0588    Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/30 17:57:03.0968 0588    kbdhid          (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/30 17:57:04.0000 0588    kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/30 17:57:04.0031 0588    KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/30 17:57:04.0062 0588    mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/30 17:57:04.0078 0588    Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/30 17:57:04.0093 0588    Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/30 17:57:04.0109 0588    mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/30 17:57:04.0125 0588    MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/30 17:57:04.0140 0588    MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/30 17:57:04.0218 0588    MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/30 17:57:04.0234 0588    Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/30 17:57:04.0265 0588    MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/30 17:57:04.0281 0588    MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/30 17:57:04.0296 0588    MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/30 17:57:04.0328 0588    mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/30 17:57:04.0359 0588    Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/30 17:57:04.0375 0588    NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/30 17:57:04.0421 0588    NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/30 17:57:04.0437 0588    Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/30 17:57:04.0437 0588    NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/30 17:57:04.0468 0588    NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/30 17:57:04.0484 0588    NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/30 17:57:04.0515 0588    NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/30 17:57:04.0531 0588    Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/30 17:57:04.0625 0588    Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/30 17:57:04.0734 0588    Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/30 17:57:04.0921 0588    nv              (23b95a09677e62ec8d1641ecf39b9bfb) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/08/30 17:57:05.0093 0588    NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/30 17:57:05.0109 0588    NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/30 17:57:05.0140 0588    Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/30 17:57:05.0171 0588    PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/30 17:57:05.0218 0588    ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/30 17:57:05.0234 0588    PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/30 17:57:05.0265 0588    PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/30 17:57:05.0296 0588    Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/30 17:57:05.0390 0588    PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/30 17:57:05.0406 0588    PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/30 17:57:05.0421 0588    Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/30 17:57:05.0484 0588    RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/30 17:57:05.0500 0588    Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/30 17:57:05.0500 0588    RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/30 17:57:05.0515 0588    Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/30 17:57:05.0531 0588    Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/30 17:57:05.0546 0588    RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/30 17:57:05.0640 0588    rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/08/30 17:57:05.0687 0588    RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/30 17:57:05.0703 0588    redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/30 17:57:05.0765 0588    Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/30 17:57:05.0796 0588    serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/30 17:57:05.0812 0588    Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/30 17:57:05.0828 0588    Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/30 17:57:05.0859 0588    splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/30 17:57:05.0875 0588    sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/30 17:57:05.0937 0588    Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/30 17:57:05.0984 0588    SSFMONM         (3199c2d24366ee02b279f0a065936703) C:\WINDOWS\system32\Drivers\SSFMONM.SYS
2011/08/30 17:57:05.0984 0588    SSHRMD          (44533a8b02355f05015dbeac869c1d91) C:\WINDOWS\system32\Drivers\SSHRMD.SYS
2011/08/30 17:57:06.0000 0588    SSIDRV          (22ff2bde8b5362b29778de58b3261514) C:\WINDOWS\system32\Drivers\SSIDRV.SYS
2011/08/30 17:57:06.0015 0588    swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/30 17:57:06.0015 0588    swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/30 17:57:06.0062 0588    sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/30 17:57:06.0109 0588    Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/30 17:57:06.0140 0588    TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/30 17:57:06.0156 0588    TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/30 17:57:06.0156 0588    TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/30 17:57:06.0187 0588    Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/30 17:57:06.0250 0588    Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/30 17:57:06.0312 0588    usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/30 17:57:06.0359 0588    USBCCID         (6b5e4d5e6e5ecd6acd14aed59768ce5c) C:\WINDOWS\system32\DRIVERS\usbccid.sys
2011/08/30 17:57:06.0375 0588    usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/30 17:57:06.0406 0588    usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/30 17:57:06.0421 0588    usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/30 17:57:06.0453 0588    usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/30 17:57:06.0484 0588    USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/30 17:57:06.0515 0588    usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/30 17:57:06.0531 0588    VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/30 17:57:06.0562 0588    VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/30 17:57:06.0609 0588    Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/30 17:57:06.0671 0588    wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/30 17:57:06.0750 0588    WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/30 17:57:06.0781 0588    WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/30 17:57:06.0796 0588    MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/08/30 17:57:06.0906 0588    Boot (0x1200)   (3f97960c8a124ebaa5a7df08817e6b5e) \Device\Harddisk0\DR0\Partition0
2011/08/30 17:57:06.0921 0588    ================================================================================
2011/08/30 17:57:06.0921 0588    Scan finished
2011/08/30 17:57:06.0921 0588    ================================================================================
2011/08/30 17:57:06.0921 2704    Detected object count: 0
2011/08/30 17:57:06.0921 2704    Actual detected object count: 0
2011/08/30 17:57:21.0109 3064    ================================================================================
2011/08/30 17:57:21.0109 3064    Scan started
2011/08/30 17:57:21.0109 3064    Mode: Manual;
2011/08/30 17:57:21.0109 3064    ================================================================================
2011/08/30 17:57:21.0359 3064    ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/30 17:57:21.0406 3064    ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/30 17:57:21.0453 3064    ADIHdAudAddService (307f5e03b02a3022d664c36d1ea25f2c) C:\WINDOWS\system32\drivers\ADIHdAud.sys
2011/08/30 17:57:21.0484 3064    aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/30 17:57:21.0531 3064    Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
2011/08/30 17:57:21.0578 3064    AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/30 17:57:21.0718 3064    AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/30 17:57:21.0718 3064    atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/30 17:57:21.0750 3064    Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/30 17:57:21.0796 3064    audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/30 17:57:21.0859 3064    Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/30 17:57:21.0890 3064    cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/30 17:57:21.0906 3064    Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/30 17:57:21.0906 3064    Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/30 17:57:21.0921 3064    Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/30 17:57:21.0953 3064    cercsr6         (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
2011/08/30 17:57:22.0000 3064    Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/08/30 17:57:22.0046 3064    Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/30 17:57:22.0093 3064    dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/30 17:57:22.0125 3064    dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/30 17:57:22.0125 3064    dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/30 17:57:22.0156 3064    DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/30 17:57:22.0171 3064    drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/30 17:57:22.0234 3064    e1express       (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
2011/08/30 17:57:22.0265 3064    fabrikhomeFilter (e896775837a8bce436348df460522394) C:\WINDOWS\system32\DRIVERS\fabrikhome.sys
2011/08/30 17:57:22.0296 3064    Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/30 17:57:22.0312 3064    Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/08/30 17:57:22.0328 3064    Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/30 17:57:22.0343 3064    Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/08/30 17:57:22.0375 3064    FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/30 17:57:22.0390 3064    Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/30 17:57:22.0421 3064    Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/30 17:57:22.0468 3064    Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/30 17:57:22.0484 3064    HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/30 17:57:22.0531 3064    HECI            (0bf1d760b05caaaf231123d53c4789e2) C:\WINDOWS\system32\DRIVERS\HECI.sys
2011/08/30 17:57:22.0578 3064    HidBatt         (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
2011/08/30 17:57:22.0609 3064    hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/30 17:57:22.0671 3064    HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/30 17:57:22.0718 3064    i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
2011/08/30 17:57:22.0875 3064    ialm            (b2768350bb50469aeb1afe694372b613) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/08/30 17:57:22.0984 3064    iastor          (2358c53f30cb9dcd1d3843c4e2f299b2) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/08/30 17:57:23.0046 3064    Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/30 17:57:23.0109 3064    intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/08/30 17:57:23.0140 3064    Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/30 17:57:23.0171 3064    IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/30 17:57:23.0203 3064    IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/30 17:57:23.0234 3064    IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/30 17:57:23.0250 3064    IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/30 17:57:23.0281 3064    IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/30 17:57:23.0281 3064    isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/30 17:57:23.0312 3064    Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/30 17:57:23.0328 3064    kbdhid          (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/30 17:57:23.0343 3064    kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/30 17:57:23.0375 3064    KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/30 17:57:23.0421 3064    mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/30 17:57:23.0437 3064    Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/30 17:57:23.0437 3064    Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/30 17:57:23.0484 3064    mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/30 17:57:23.0484 3064    MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/30 17:57:23.0515 3064    MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/30 17:57:23.0578 3064    MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/30 17:57:23.0593 3064    Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/30 17:57:23.0640 3064    MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/30 17:57:23.0656 3064    MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/30 17:57:23.0687 3064    MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/30 17:57:23.0718 3064    mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/30 17:57:23.0734 3064    Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/30 17:57:23.0750 3064    NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/30 17:57:23.0781 3064    NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/30 17:57:23.0796 3064    Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/30 17:57:23.0812 3064    NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/30 17:57:23.0843 3064    NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/30 17:57:23.0843 3064    NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/30 17:57:23.0875 3064    NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/30 17:57:23.0890 3064    Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/30 17:57:23.0921 3064    Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/30 17:57:23.0968 3064    Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/30 17:57:24.0171 3064    nv              (23b95a09677e62ec8d1641ecf39b9bfb) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/08/30 17:57:24.0312 3064    NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/30 17:57:24.0328 3064    NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/30 17:57:24.0375 3064    Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/30 17:57:24.0390 3064    PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/30 17:57:24.0437 3064    ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/30 17:57:24.0453 3064    PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/30 17:57:24.0484 3064    PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/30 17:57:24.0515 3064    Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/30 17:57:24.0609 3064    PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/30 17:57:24.0625 3064    PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/30 17:57:24.0625 3064    Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/30 17:57:24.0687 3064    RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/30 17:57:24.0718 3064    Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/30 17:57:24.0734 3064    RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/30 17:57:24.0750 3064    Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/30 17:57:24.0765 3064    Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/30 17:57:24.0781 3064    RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/30 17:57:24.0796 3064    rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/08/30 17:57:24.0859 3064    RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/30 17:57:24.0875 3064    redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/30 17:57:24.0890 3064    Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/30 17:57:24.0906 3064    serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/30 17:57:24.0921 3064    Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/30 17:57:24.0953 3064    Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/30 17:57:24.0984 3064    splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/30 17:57:25.0000 3064    sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/30 17:57:25.0062 3064    Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/30 17:57:25.0093 3064    SSFMONM         (3199c2d24366ee02b279f0a065936703) C:\WINDOWS\system32\Drivers\SSFMONM.SYS
2011/08/30 17:57:25.0109 3064    SSHRMD          (44533a8b02355f05015dbeac869c1d91) C:\WINDOWS\system32\Drivers\SSHRMD.SYS
2011/08/30 17:57:25.0125 3064    SSIDRV          (22ff2bde8b5362b29778de58b3261514) C:\WINDOWS\system32\Drivers\SSIDRV.SYS
2011/08/30 17:57:25.0125 3064    swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/30 17:57:25.0140 3064    swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/30 17:57:25.0187 3064    sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/30 17:57:25.0234 3064    Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/30 17:57:25.0281 3064    TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/30 17:57:25.0281 3064    TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/30 17:57:25.0296 3064    TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/30 17:57:25.0328 3064    Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/30 17:57:25.0375 3064    Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/30 17:57:25.0406 3064    usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/30 17:57:25.0453 3064    USBCCID         (6b5e4d5e6e5ecd6acd14aed59768ce5c) C:\WINDOWS\system32\DRIVERS\usbccid.sys
2011/08/30 17:57:25.0468 3064    usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/30 17:57:25.0500 3064    usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/30 17:57:25.0515 3064    usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/30 17:57:25.0546 3064    usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/30 17:57:25.0578 3064    USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/30 17:57:25.0609 3064    usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/30 17:57:25.0625 3064    VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/30 17:57:25.0656 3064    VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/30 17:57:25.0718 3064    Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/30 17:57:25.0796 3064    wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/30 17:57:25.0875 3064    WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/30 17:57:25.0890 3064    WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/30 17:57:25.0906 3064    MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/08/30 17:57:26.0046 3064    Boot (0x1200)   (3f97960c8a124ebaa5a7df08817e6b5e) \Device\Harddisk0\DR0\Partition0
2011/08/30 17:57:26.0062 3064    ================================================================================
2011/08/30 17:57:26.0062 3064    Scan finished
2011/08/30 17:57:26.0062 3064    ================================================================================
2011/08/30 17:57:26.0062 3448    Detected object count: 0
2011/08/30 17:57:26.0062 3448    Actual detected object count: 0
2011/08/30 17:57:44.0671 3744    Deinitialize success
 


  • 0

#19
Johnonml

Johnonml

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Here is the 2nd TDSSKiller log.

 

 

 

19:46:46.0781 0x156c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:46:55.0250 0x156c  ============================================================
19:46:55.0250 0x156c  Current date / time: 2015/07/27 19:46:55.0250
19:46:55.0250 0x156c  SystemInfo:
19:46:55.0250 0x156c  
19:46:55.0250 0x156c  OS Version: 5.1.2600 ServicePack: 3.0
19:46:55.0250 0x156c  Product type: Workstation
19:46:55.0250 0x156c  ComputerName: JOHN-A1D9946862
19:46:55.0250 0x156c  UserName: Administrator
19:46:55.0250 0x156c  Windows directory: C:\WINDOWS
19:46:55.0250 0x156c  System windows directory: C:\WINDOWS
19:46:55.0250 0x156c  Processor architecture: Intel x86
19:46:55.0250 0x156c  Number of processors: 4
19:46:55.0250 0x156c  Page size: 0x1000
19:46:55.0250 0x156c  Boot type: Normal boot
19:46:55.0250 0x156c  ============================================================
19:46:55.0437 0x156c  KLMD registered as C:\WINDOWS\system32\drivers\58385873.sys
19:46:55.0718 0x156c  System UUID: {1E279153-2C2D-8F6E-A366-C9086DFAD8E5}
19:46:56.0453 0x156c  Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 ( 149.01 Gb ), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:46:56.0453 0x156c  ============================================================
19:46:56.0453 0x156c  \Device\Harddisk0\DR0:
19:46:56.0453 0x156c  MBR partitions:
19:46:56.0453 0x156c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A011FC
19:46:56.0453 0x156c  ============================================================
19:46:56.0500 0x156c  C: <-> \Device\Harddisk0\DR0\Partition1
19:46:56.0500 0x156c  ============================================================
19:46:56.0500 0x156c  Initialize success
19:46:56.0500 0x156c  ============================================================
19:48:15.0687 0x17d4  ============================================================
19:48:15.0687 0x17d4  Scan started
19:48:15.0687 0x17d4  Mode: Manual;
19:48:15.0687 0x17d4  ============================================================
19:48:15.0687 0x17d4  KSN ping started
19:48:30.0109 0x17d4  KSN ping finished: true
19:48:30.0343 0x17d4  ================ Scan system memory ========================
19:48:30.0343 0x17d4  System memory - ok
19:48:30.0343 0x17d4  ================ Scan services =============================
19:48:30.0484 0x17d4  Abiosdsk - ok
19:48:30.0484 0x17d4  abp480n5 - ok
19:48:30.0546 0x17d4  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:48:30.0562 0x17d4  ACPI - ok
19:48:30.0687 0x17d4  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
19:48:30.0703 0x17d4  ACPIEC - ok
19:48:30.0750 0x17d4  [ 307F5E03B02A3022D664C36D1EA25F2C, 89E5315DC7C54D215353C9DF9A519D1AF3518E3E0D872E10F7B2CAA2DB1AD5F8 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
19:48:30.0765 0x17d4  ADIHdAudAddService - ok
19:48:30.0765 0x17d4  adpu160m - ok
19:48:30.0781 0x17d4  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
19:48:30.0781 0x17d4  aec - ok
19:48:30.0828 0x17d4  [ A7B8A3A79D35215D798A300DF49ED23F, D441633C0F8E22F8976B95D6A3DCD552AA07C616AC5FE4379472954F7BE6075E ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
19:48:30.0828 0x17d4  Afc - ok
19:48:30.0890 0x17d4  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
19:48:30.0890 0x17d4  AFD - ok
19:48:30.0890 0x17d4  Aha154x - ok
19:48:30.0906 0x17d4  aic78u2 - ok
19:48:30.0906 0x17d4  aic78xx - ok
19:48:30.0937 0x17d4  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
19:48:30.0937 0x17d4  Alerter - ok
19:48:30.0968 0x17d4  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
19:48:30.0968 0x17d4  ALG - ok
19:48:30.0984 0x17d4  AliIde - ok
19:48:30.0984 0x17d4  amsint - ok
19:48:31.0125 0x17d4  [ C2C250888ADB92A2F62BFC773A0550FC, D648D40239DF22C32438DE6C5C003BF775615321F6CDDE9AC08C3E87BE6E67E5 ] AntiVirMailService C:\Program Files\Avira\Antivirus\avmailc.exe
19:48:31.0140 0x17d4  AntiVirMailService - ok
19:48:31.0203 0x17d4  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files\Avira\Antivirus\sched.exe
19:48:31.0234 0x17d4  AntiVirSchedulerService - ok
19:48:31.0265 0x17d4  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files\Avira\Antivirus\avguard.exe
19:48:31.0281 0x17d4  AntiVirService - ok
19:48:31.0359 0x17d4  [ 26EFFECBF1E7AC821B60DDD26141467D, C30D46493C4FBEEBE6DF7F15EC4457F749AD847728ADF272DCD79368F4237057 ] AntiVirWebService C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE
19:48:31.0390 0x17d4  AntiVirWebService - ok
19:48:31.0437 0x17d4  [ DC45AB27932447B598848B10650313C5, 350BC3BBC714A392F369619C384EFC80A361B97F6D68EA33D414DCBB40BF0547 ] APC UPS Service C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
19:48:31.0453 0x17d4  APC UPS Service - ok
19:48:31.0500 0x17d4  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
19:48:31.0500 0x17d4  AppMgmt - ok
19:48:31.0500 0x17d4  asc - ok
19:48:31.0500 0x17d4  asc3350p - ok
19:48:31.0515 0x17d4  asc3550 - ok
19:48:31.0640 0x17d4  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:48:31.0656 0x17d4  aspnet_state - ok
19:48:31.0703 0x17d4  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:48:31.0703 0x17d4  AsyncMac - ok
19:48:31.0718 0x17d4  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
19:48:31.0734 0x17d4  atapi - ok
19:48:31.0843 0x17d4  [ 5B38D6E5FEDBCC7925597412554798BB, 628FFA1F0C2F38E7AD631CEF509FA5A703CA4B6255FDC68DFA8271F6982ED7AB ] atchksrv        C:\Program Files\Intel\AMT\atchksrv.exe
19:48:31.0843 0x17d4  atchksrv - ok
19:48:31.0843 0x17d4  Atdisk - ok
19:48:31.0875 0x17d4  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:48:31.0875 0x17d4  Atmarpc - ok
19:48:31.0921 0x17d4  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
19:48:31.0921 0x17d4  AudioSrv - ok
19:48:31.0984 0x17d4  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
19:48:31.0984 0x17d4  audstub - ok
19:48:32.0015 0x17d4  [ 0FFC36573D7541155F84AC8F8F9D87A6, 50CE44B544CF365C4E99133C69582154C58DEB263892E3EF02C9886C8D652F60 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:48:32.0015 0x17d4  avgntflt - ok
19:48:32.0062 0x17d4  [ B9D3418110A6B4EAADCB2BD1A8CEC617, 2252E518FB0A69699ECF7A940A20E9D77822F7FF7CE14FE5E30E4DDB34546D56 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:48:32.0062 0x17d4  avipbb - ok
19:48:32.0156 0x17d4  [ 17348FE28C0A0AB4A6CB86D177770335, 633FEDA61F62504534B47090EA142F73C5D80C0D52A22A6C81DF64CD3EAFDAA8 ] Avira.ServiceHost C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
19:48:32.0156 0x17d4  Avira.ServiceHost - ok
19:48:32.0171 0x17d4  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:48:32.0171 0x17d4  avkmgr - ok
19:48:32.0218 0x17d4  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:48:32.0218 0x17d4  Beep - ok
19:48:32.0281 0x17d4  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
19:48:32.0343 0x17d4  BITS - ok
19:48:32.0421 0x17d4  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
19:48:32.0421 0x17d4  Browser - ok
19:48:32.0578 0x17d4  catchme - ok
19:48:32.0609 0x17d4  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
19:48:32.0609 0x17d4  cbidf2k - ok
19:48:32.0609 0x17d4  cd20xrnt - ok
19:48:32.0656 0x17d4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
19:48:32.0656 0x17d4  Cdaudio - ok
19:48:32.0718 0x17d4  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
19:48:32.0718 0x17d4  Cdfs - ok
19:48:32.0734 0x17d4  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:48:32.0734 0x17d4  Cdrom - ok
19:48:32.0781 0x17d4  [ 84853B3FD012251690570E9E7E43343F, 65CACFA643E52A0C0E6B2D901228A8A0AD4993CAFA3C287E65395F4B7C521089 ] cercsr6         C:\WINDOWS\system32\drivers\cercsr6.sys
19:48:32.0781 0x17d4  cercsr6 - ok
19:48:32.0781 0x17d4  Changer - ok
19:48:32.0812 0x17d4  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
19:48:32.0828 0x17d4  CiSvc - ok
19:48:32.0843 0x17d4  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
19:48:32.0843 0x17d4  ClipSrv - ok
19:48:32.0875 0x17d4  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:48:32.0875 0x17d4  clr_optimization_v2.0.50727_32 - ok
19:48:32.0968 0x17d4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:48:32.0968 0x17d4  clr_optimization_v4.0.30319_32 - ok
19:48:32.0968 0x17d4  CmdIde - ok
19:48:33.0000 0x17d4  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:48:33.0000 0x17d4  Compbatt - ok
19:48:33.0000 0x17d4  COMSysApp - ok
19:48:33.0015 0x17d4  Cpqarray - ok
19:48:33.0046 0x17d4  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
19:48:33.0046 0x17d4  CryptSvc - ok
19:48:33.0046 0x17d4  dac2w2k - ok
19:48:33.0046 0x17d4  dac960nt - ok
19:48:33.0125 0x17d4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:48:33.0125 0x17d4  DcomLaunch - ok
19:48:33.0187 0x17d4  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
19:48:33.0203 0x17d4  Dhcp - ok
19:48:33.0234 0x17d4  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
19:48:33.0234 0x17d4  Disk - ok
19:48:33.0234 0x17d4  dmadmin - ok
19:48:33.0265 0x17d4  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
19:48:33.0281 0x17d4  dmboot - ok
19:48:33.0328 0x17d4  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
19:48:33.0343 0x17d4  dmio - ok
19:48:33.0390 0x17d4  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
19:48:33.0390 0x17d4  dmload - ok
19:48:33.0421 0x17d4  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
19:48:33.0437 0x17d4  dmserver - ok
19:48:33.0453 0x17d4  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
19:48:33.0453 0x17d4  DMusic - ok
19:48:33.0484 0x17d4  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:48:33.0484 0x17d4  Dnscache - ok
19:48:33.0515 0x17d4  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:48:33.0515 0x17d4  Dot3svc - ok
19:48:33.0515 0x17d4  dpti2o - ok
19:48:33.0546 0x17d4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:48:33.0546 0x17d4  drmkaud - ok
19:48:33.0609 0x17d4  [ 34AAA3B298A852B3663E6E0D94D12945, 908BDC3E67780E7B97A08985A938AB5F461967F74D81135ACEF31FF3F73BBBA2 ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
19:48:33.0609 0x17d4  e1express - ok
19:48:33.0656 0x17d4  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
19:48:33.0656 0x17d4  EapHost - ok
19:48:33.0765 0x17d4  [ 68B88C464743467301ADE150E2CDE967, 38B887D830B3D64ACC08818CDEE54931620C9D57E68D6CDDA01CD91CC9706A58 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
19:48:33.0781 0x17d4  EpsonCustomerParticipation - ok
19:48:33.0812 0x17d4  [ B538590B338F5379D4B33E266902008B, D73C4152DE0E9D225E29533FC5451D1C4DD344FE66024E6A8122B59ADD1611C8 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc.exe
19:48:33.0828 0x17d4  EpsonScanSvc - ok
19:48:33.0828 0x17d4  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
19:48:33.0828 0x17d4  ERSvc - ok
19:48:33.0875 0x17d4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
19:48:33.0875 0x17d4  Eventlog - ok
19:48:33.0937 0x17d4  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
19:48:33.0953 0x17d4  EventSystem - ok
19:48:33.0984 0x17d4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
19:48:34.0000 0x17d4  Fastfat - ok
19:48:34.0046 0x17d4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:48:34.0046 0x17d4  FastUserSwitchingCompatibility - ok
19:48:34.0062 0x17d4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
19:48:34.0062 0x17d4  Fdc - ok
19:48:34.0078 0x17d4  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
19:48:34.0078 0x17d4  Fips - ok
19:48:34.0078 0x17d4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
19:48:34.0078 0x17d4  Flpydisk - ok
19:48:34.0140 0x17d4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:48:34.0140 0x17d4  FltMgr - ok
19:48:34.0234 0x17d4  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:48:34.0234 0x17d4  FontCache3.0.0.0 - ok
19:48:34.0234 0x17d4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:48:34.0234 0x17d4  Fs_Rec - ok
19:48:34.0265 0x17d4  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:48:34.0265 0x17d4  Ftdisk - ok
19:48:34.0343 0x17d4  [ C6B9F48D46C13389EA2AF2065AE66612, BFB2CFF1B9BFE55E027F01C3714DF9BF8E0C5CFD0EF0BF6B8DA029D98C1288D7 ] GoToAssist      C:\Program Files\Citrix\GoToAssist\896\g2aservice.exe
19:48:34.0343 0x17d4  GoToAssist - ok
19:48:34.0390 0x17d4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:48:34.0406 0x17d4  Gpc - ok
19:48:34.0515 0x17d4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
19:48:34.0531 0x17d4  gupdate - ok
19:48:34.0531 0x17d4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:48:34.0531 0x17d4  gupdatem - ok
19:48:34.0593 0x17d4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:48:34.0593 0x17d4  HDAudBus - ok
19:48:34.0656 0x17d4  [ 0BF1D760B05CAAAF231123D53C4789E2, 53EB2FAEFC6267BA29831D2AFF6EDBF6916B25509D8C206D34FD52E76965856B ] HECI            C:\WINDOWS\system32\DRIVERS\HECI.sys
19:48:34.0656 0x17d4  HECI - ok
19:48:34.0765 0x17d4  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:48:34.0765 0x17d4  helpsvc - ok
19:48:34.0828 0x17d4  [ 748031FF4FE45CCC47546294905FEAB8, 451E5988529997C60CC4A43B71D35BDA8596D799E86A44218B32CBEC8F8BBF27 ] HidBatt         C:\WINDOWS\system32\DRIVERS\HidBatt.sys
19:48:34.0828 0x17d4  HidBatt - ok
19:48:34.0859 0x17d4  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
19:48:34.0859 0x17d4  HidServ - ok
19:48:34.0890 0x17d4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:48:34.0890 0x17d4  hidusb - ok
19:48:34.0937 0x17d4  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
19:48:34.0953 0x17d4  hkmsvc - ok
19:48:34.0953 0x17d4  hpn - ok
19:48:35.0000 0x17d4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
19:48:35.0000 0x17d4  HTTP - ok
19:48:35.0046 0x17d4  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
19:48:35.0046 0x17d4  HTTPFilter - ok
19:48:35.0046 0x17d4  i2omgmt - ok
19:48:35.0046 0x17d4  i2omp - ok
19:48:35.0078 0x17d4  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
19:48:35.0078 0x17d4  i8042prt - ok
19:48:35.0328 0x17d4  [ B2768350BB50469AEB1AFE694372B613, 7FBF31F52D66EE16306F454E637E6CDB68C8E2F7530810BB54086CEBD234CC52 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:48:35.0500 0x17d4  ialm - ok
19:48:35.0562 0x17d4  [ 2358C53F30CB9DCD1D3843C4E2F299B2, C3E5F2D60133B10DEA52AF11E192DFDC4160611F5F0A86ED66138DB91532CA4A ] iastor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
19:48:35.0562 0x17d4  iastor - ok
19:48:35.0640 0x17d4  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:48:35.0656 0x17d4  idsvc - ok
19:48:35.0703 0x17d4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
19:48:35.0703 0x17d4  Imapi - ok
19:48:35.0750 0x17d4  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
19:48:35.0765 0x17d4  ImapiService - ok
19:48:35.0765 0x17d4  ini910u - ok
19:48:35.0828 0x17d4  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:48:35.0828 0x17d4  intelppm - ok
19:48:35.0937 0x17d4  [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
19:48:35.0937 0x17d4  IntuitUpdateServiceV4 - ok
19:48:35.0953 0x17d4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
19:48:35.0953 0x17d4  Ip6Fw - ok
19:48:35.0984 0x17d4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:48:35.0984 0x17d4  IpFilterDriver - ok
19:48:36.0000 0x17d4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:48:36.0000 0x17d4  IpInIp - ok
19:48:36.0031 0x17d4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:48:36.0031 0x17d4  IpNat - ok
19:48:36.0046 0x17d4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:48:36.0046 0x17d4  IPSec - ok
19:48:36.0078 0x17d4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
19:48:36.0078 0x17d4  IRENUM - ok
19:48:36.0093 0x17d4  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:48:36.0093 0x17d4  isapnp - ok
19:48:36.0109 0x17d4  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:48:36.0109 0x17d4  Kbdclass - ok
19:48:36.0109 0x17d4  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:48:36.0109 0x17d4  kbdhid - ok
19:48:36.0140 0x17d4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
19:48:36.0140 0x17d4  kmixer - ok
19:48:36.0171 0x17d4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
19:48:36.0171 0x17d4  KSecDD - ok
19:48:36.0218 0x17d4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
19:48:36.0218 0x17d4  lanmanserver - ok
19:48:36.0265 0x17d4  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:48:36.0281 0x17d4  lanmanworkstation - ok
19:48:36.0281 0x17d4  lbrtfdc - ok
19:48:36.0312 0x17d4  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
19:48:36.0328 0x17d4  LmHosts - ok
19:48:36.0328 0x17d4  [ CEDA82048C4958171674D0E9373B1A68, 3FB093DD108D2457A169CA9EE230A3299AC7483BBBC7565360C4E6AB2242368C ] LMS             C:\Program Files\Intel\AMT\LMS.exe
19:48:36.0328 0x17d4  LMS - ok
19:48:36.0390 0x17d4  [ DDF15A42E27E8EFE27B18FD403151A86, D6FAA6B1C70065DFCF53DF0509119233ADAE4B1C8B5ACAAEBC62A3D546EB7423 ] MatSvc          C:\Program Files\Microsoft Fix it Center\Matsvc.exe
19:48:36.0390 0x17d4  MatSvc - ok
19:48:36.0421 0x17d4  [ B4CD87E78A01562E3DA67FE1C2779204, 536AC01C53A18E7B43F02F345FC3088C189A2D01F5E060714C0534FE7ECA2356 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
19:48:36.0421 0x17d4  MBAMProtector - ok
19:48:36.0546 0x17d4  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
19:48:36.0593 0x17d4  MBAMScheduler - ok
19:48:36.0671 0x17d4  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
19:48:36.0687 0x17d4  MBAMService - ok
19:48:36.0718 0x17d4  [ 739164A8B8FB2F1B50A498F20AF7B21E, 8E7A387C3726A863BF251E638D072FA472B698EF6868E9A7A00EF1272F809C64 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
19:48:36.0718 0x17d4  MBAMSwissArmy - ok
19:48:36.0750 0x17d4  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
19:48:36.0750 0x17d4  Messenger - ok
19:48:36.0781 0x17d4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
19:48:36.0781 0x17d4  mnmdd - ok
19:48:36.0828 0x17d4  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
19:48:36.0843 0x17d4  mnmsrvc - ok
19:48:36.0859 0x17d4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
19:48:36.0859 0x17d4  Modem - ok
19:48:36.0890 0x17d4  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:48:36.0890 0x17d4  Mouclass - ok
19:48:36.0906 0x17d4  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:48:36.0906 0x17d4  mouhid - ok
19:48:36.0921 0x17d4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
19:48:36.0921 0x17d4  MountMgr - ok
19:48:36.0984 0x17d4  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:48:36.0984 0x17d4  MozillaMaintenance - ok
19:48:37.0015 0x17d4  [ EE728AF83850DDAD9A3FCAC0AAB3AD97, F392EA3B26974593512F7441E8BC4DA91DD771216DB908F005D844C513A2DDB7 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
19:48:37.0015 0x17d4  MpFilter - ok
19:48:37.0015 0x17d4  mraid35x - ok
19:48:37.0046 0x17d4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:48:37.0062 0x17d4  MRxDAV - ok
19:48:37.0125 0x17d4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:48:37.0140 0x17d4  MRxSmb - ok
19:48:37.0140 0x17d4  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
19:48:37.0140 0x17d4  MSDTC - ok
19:48:37.0140 0x17d4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:48:37.0140 0x17d4  Msfs - ok
19:48:37.0140 0x17d4  MSIServer - ok
19:48:37.0171 0x17d4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:48:37.0171 0x17d4  MSKSSRV - ok
19:48:37.0187 0x17d4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:48:37.0187 0x17d4  MSPCLOCK - ok
19:48:37.0203 0x17d4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:48:37.0203 0x17d4  MSPQM - ok
19:48:37.0234 0x17d4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:48:37.0234 0x17d4  mssmbios - ok
19:48:37.0265 0x17d4  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
19:48:37.0265 0x17d4  Mup - ok
19:48:37.0312 0x17d4  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
19:48:37.0328 0x17d4  napagent - ok
19:48:37.0328 0x17d4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
19:48:37.0328 0x17d4  NDIS - ok
19:48:37.0375 0x17d4  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:48:37.0375 0x17d4  NdisTapi - ok
19:48:37.0390 0x17d4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:48:37.0390 0x17d4  Ndisuio - ok
19:48:37.0390 0x17d4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:48:37.0390 0x17d4  NdisWan - ok
19:48:37.0421 0x17d4  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:48:37.0421 0x17d4  NDProxy - ok
19:48:37.0453 0x17d4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:48:37.0453 0x17d4  NetBIOS - ok
19:48:37.0468 0x17d4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:48:37.0468 0x17d4  NetBT - ok
19:48:37.0515 0x17d4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
19:48:37.0515 0x17d4  NetDDE - ok
19:48:37.0515 0x17d4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
19:48:37.0531 0x17d4  NetDDEdsdm - ok
19:48:37.0546 0x17d4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:48:37.0546 0x17d4  Netlogon - ok
19:48:37.0578 0x17d4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
19:48:37.0578 0x17d4  Netman - ok
19:48:37.0625 0x17d4  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:48:37.0625 0x17d4  NetTcpPortSharing - ok
19:48:37.0687 0x17d4  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
19:48:37.0687 0x17d4  Nla - ok
19:48:37.0687 0x17d4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:48:37.0687 0x17d4  Npfs - ok
19:48:37.0765 0x17d4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:48:37.0781 0x17d4  Ntfs - ok
19:48:37.0781 0x17d4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
19:48:37.0781 0x17d4  NtLmSsp - ok
19:48:37.0828 0x17d4  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
19:48:37.0843 0x17d4  NtmsSvc - ok
19:48:37.0859 0x17d4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:48:37.0875 0x17d4  Null - ok
19:48:38.0187 0x17d4  [ 23B95A09677E62EC8D1641ECF39B9BFB, C690B047950FE0B22A3176031C229EB3DA8C756C613545FA23B25C906D3074EA ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:48:38.0343 0x17d4  nv - ok
19:48:38.0375 0x17d4  [ C501206816F35D20422B4C3F88D62860, BF815B59B3C6F26108AB349FA354236FE3782C18C43F9DDCD3574664F4E2F20F ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
19:48:38.0390 0x17d4  NVSvc - ok
19:48:38.0421 0x17d4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:48:38.0421 0x17d4  NwlnkFlt - ok
19:48:38.0437 0x17d4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:48:38.0437 0x17d4  NwlnkFwd - ok
19:48:38.0578 0x17d4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:48:38.0593 0x17d4  odserv - ok
19:48:38.0609 0x17d4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:48:38.0625 0x17d4  ose - ok
19:48:38.0671 0x17d4  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
19:48:38.0671 0x17d4  Parport - ok
19:48:38.0687 0x17d4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
19:48:38.0687 0x17d4  PartMgr - ok
19:48:38.0734 0x17d4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
19:48:38.0734 0x17d4  ParVdm - ok
19:48:38.0750 0x17d4  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
19:48:38.0750 0x17d4  PCI - ok
19:48:38.0750 0x17d4  PCIDump - ok
19:48:38.0750 0x17d4  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
19:48:38.0750 0x17d4  PCIIde - ok
19:48:38.0781 0x17d4  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
19:48:38.0781 0x17d4  Pcmcia - ok
19:48:38.0781 0x17d4  PDCOMP - ok
19:48:38.0781 0x17d4  PDFRAME - ok
19:48:38.0796 0x17d4  PDRELI - ok
19:48:38.0796 0x17d4  PDRFRAME - ok
19:48:38.0796 0x17d4  perc2 - ok
19:48:38.0796 0x17d4  perc2hib - ok
19:48:38.0843 0x17d4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
19:48:38.0843 0x17d4  PlugPlay - ok
19:48:38.0859 0x17d4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
19:48:38.0859 0x17d4  PolicyAgent - ok
19:48:38.0875 0x17d4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:48:38.0875 0x17d4  PptpMiniport - ok
19:48:38.0875 0x17d4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:48:38.0875 0x17d4  ProtectedStorage - ok
19:48:38.0875 0x17d4  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
19:48:38.0875 0x17d4  PSched - ok
19:48:38.0875 0x17d4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:48:38.0890 0x17d4  Ptilink - ok
19:48:38.0890 0x17d4  ql1080 - ok
19:48:38.0890 0x17d4  Ql10wnt - ok
19:48:38.0890 0x17d4  ql12160 - ok
19:48:38.0890 0x17d4  ql1240 - ok
19:48:38.0890 0x17d4  ql1280 - ok
19:48:38.0906 0x17d4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:48:38.0906 0x17d4  RasAcd - ok
19:48:38.0953 0x17d4  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:48:38.0953 0x17d4  RasAuto - ok
19:48:38.0984 0x17d4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:48:38.0984 0x17d4  Rasl2tp - ok
19:48:39.0046 0x17d4  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:48:39.0046 0x17d4  RasMan - ok
19:48:39.0046 0x17d4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:48:39.0046 0x17d4  RasPppoe - ok
19:48:39.0062 0x17d4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
19:48:39.0062 0x17d4  Raspti - ok
19:48:39.0078 0x17d4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:48:39.0078 0x17d4  Rdbss - ok
19:48:39.0078 0x17d4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:48:39.0078 0x17d4  RDPCDD - ok
19:48:39.0109 0x17d4  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:48:39.0109 0x17d4  rdpdr - ok
19:48:39.0156 0x17d4  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
19:48:39.0171 0x17d4  RDPWD - ok
19:48:39.0187 0x17d4  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
19:48:39.0187 0x17d4  RDSessMgr - ok
19:48:39.0187 0x17d4  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
19:48:39.0203 0x17d4  redbook - ok
19:48:39.0234 0x17d4  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:48:39.0234 0x17d4  RemoteAccess - ok
19:48:39.0281 0x17d4  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:48:39.0281 0x17d4  RemoteRegistry - ok
19:48:39.0281 0x17d4  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:48:39.0281 0x17d4  RpcLocator - ok
19:48:39.0312 0x17d4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
19:48:39.0328 0x17d4  RpcSs - ok
19:48:39.0343 0x17d4  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
19:48:39.0359 0x17d4  RSVP - ok
19:48:39.0375 0x17d4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:48:39.0375 0x17d4  SamSs - ok
19:48:39.0390 0x17d4  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
19:48:39.0390 0x17d4  SCardSvr - ok
19:48:39.0406 0x17d4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:48:39.0421 0x17d4  Schedule - ok
19:48:39.0453 0x17d4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:48:39.0453 0x17d4  Secdrv - ok
19:48:39.0453 0x17d4  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
19:48:39.0453 0x17d4  seclogon - ok
19:48:39.0453 0x17d4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
19:48:39.0453 0x17d4  SENS - ok
19:48:39.0484 0x17d4  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
19:48:39.0484 0x17d4  serenum - ok
19:48:39.0500 0x17d4  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
19:48:39.0500 0x17d4  Serial - ok
19:48:39.0515 0x17d4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
19:48:39.0515 0x17d4  Sfloppy - ok
19:48:39.0578 0x17d4  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:48:39.0593 0x17d4  SharedAccess - ok
19:48:39.0609 0x17d4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:48:39.0609 0x17d4  ShellHWDetection - ok
19:48:39.0609 0x17d4  Simbad - ok
19:48:39.0625 0x17d4  Sparrow - ok
19:48:39.0687 0x17d4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
19:48:39.0687 0x17d4  splitter - ok
19:48:39.0750 0x17d4  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
19:48:39.0750 0x17d4  Spooler - ok
19:48:39.0828 0x17d4  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
19:48:39.0828 0x17d4  sr - ok
19:48:39.0828 0x17d4  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
19:48:39.0843 0x17d4  srservice - ok
19:48:39.0890 0x17d4  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:48:39.0906 0x17d4  Srv - ok
19:48:39.0937 0x17d4  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:48:39.0937 0x17d4  SSDPSRV - ok
19:48:39.0968 0x17d4  [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:48:39.0968 0x17d4  ssmdrv - ok
19:48:40.0031 0x17d4  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
19:48:40.0046 0x17d4  stisvc - ok
19:48:40.0062 0x17d4  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
19:48:40.0062 0x17d4  swenum - ok
19:48:40.0078 0x17d4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
19:48:40.0078 0x17d4  swmidi - ok
19:48:40.0078 0x17d4  SwPrv - ok
19:48:40.0078 0x17d4  symc810 - ok
19:48:40.0078 0x17d4  symc8xx - ok
19:48:40.0093 0x17d4  sym_hi - ok
19:48:40.0093 0x17d4  sym_u3 - ok
19:48:40.0109 0x17d4  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
19:48:40.0109 0x17d4  sysaudio - ok
19:48:40.0125 0x17d4  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
19:48:40.0140 0x17d4  SysmonLog - ok
19:48:40.0156 0x17d4  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:48:40.0171 0x17d4  TapiSrv - ok
19:48:40.0218 0x17d4  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:48:40.0234 0x17d4  Tcpip - ok
19:48:40.0265 0x17d4  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
19:48:40.0265 0x17d4  TDPIPE - ok
19:48:40.0281 0x17d4  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
19:48:40.0281 0x17d4  TDTCP - ok
19:48:40.0296 0x17d4  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
19:48:40.0296 0x17d4  TermDD - ok
19:48:40.0296 0x17d4  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
19:48:40.0312 0x17d4  TermService - ok
19:48:40.0343 0x17d4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
19:48:40.0359 0x17d4  Themes - ok
19:48:40.0390 0x17d4  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
19:48:40.0390 0x17d4  TlntSvr - ok
19:48:40.0390 0x17d4  TosIde - ok
19:48:40.0406 0x17d4  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
19:48:40.0406 0x17d4  TrkWks - ok
19:48:40.0421 0x17d4  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
19:48:40.0437 0x17d4  Udfs - ok
19:48:40.0437 0x17d4  ultra - ok
19:48:40.0578 0x17d4  [ 641572746179865BA2AFD8FE2987541A, 9C3F1AF6874B637B239A02A6ADD40097DB0DDB576ABA45D6B07B642D74E2256A ] UNS             C:\Program Files\Intel\AMT\UNS.exe
19:48:40.0640 0x17d4  UNS - ok
19:48:40.0718 0x17d4  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
19:48:40.0718 0x17d4  Update - ok
19:48:40.0765 0x17d4  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:48:40.0781 0x17d4  upnphost - ok
19:48:40.0796 0x17d4  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
19:48:40.0796 0x17d4  UPS - ok
19:48:40.0859 0x17d4  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:48:40.0859 0x17d4  usbccgp - ok
19:48:40.0906 0x17d4  [ 6B5E4D5E6E5ECD6ACD14AED59768CE5C, 2DA40F2035D86EA1AF0DC498D36658E330953E4F4BA846103CB4C3D0FBD3FBE5 ] USBCCID         C:\WINDOWS\system32\DRIVERS\usbccid.sys
19:48:40.0906 0x17d4  USBCCID - ok
19:48:40.0921 0x17d4  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:48:40.0921 0x17d4  usbehci - ok
19:48:40.0953 0x17d4  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:48:40.0953 0x17d4  usbhub - ok
19:48:40.0984 0x17d4  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:48:40.0984 0x17d4  usbprint - ok
19:48:41.0015 0x17d4  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:48:41.0015 0x17d4  usbscan - ok
19:48:41.0031 0x17d4  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:48:41.0031 0x17d4  USBSTOR - ok
19:48:41.0062 0x17d4  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:48:41.0062 0x17d4  usbuhci - ok
19:48:41.0078 0x17d4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
19:48:41.0078 0x17d4  VgaSave - ok
19:48:41.0078 0x17d4  ViaIde - ok
19:48:41.0078 0x17d4  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
19:48:41.0093 0x17d4  VolSnap - ok
19:48:41.0109 0x17d4  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
19:48:41.0125 0x17d4  VSS - ok
19:48:41.0140 0x17d4  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
19:48:41.0156 0x17d4  W32Time - ok
19:48:41.0156 0x17d4  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:48:41.0156 0x17d4  Wanarp - ok
19:48:41.0156 0x17d4  WDICA - ok
19:48:41.0171 0x17d4  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
19:48:41.0187 0x17d4  wdmaud - ok
19:48:41.0203 0x17d4  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:48:41.0203 0x17d4  WebClient - ok
19:48:41.0312 0x17d4  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:48:41.0328 0x17d4  winmgmt - ok
19:48:41.0484 0x17d4  [ D9250B31B353EE3322C1CAD411997E38, D3EE89549A76E335B1DA774280FDC31184DCA714B99489AE96B90006CF6A0BA1 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:48:41.0531 0x17d4  wlidsvc - ok
19:48:41.0562 0x17d4  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
19:48:41.0562 0x17d4  WmdmPmSN - ok
19:48:41.0625 0x17d4  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
19:48:41.0640 0x17d4  Wmi - ok
19:48:41.0687 0x17d4  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:48:41.0687 0x17d4  WmiApSrv - ok
19:48:41.0812 0x17d4  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
19:48:41.0843 0x17d4  WMPNetworkSvc - ok
19:48:41.0953 0x17d4  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:48:41.0984 0x17d4  WPFFontCache_v0400 - ok
19:48:42.0015 0x17d4  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:48:42.0015 0x17d4  WS2IFSL - ok
19:48:42.0046 0x17d4  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
19:48:42.0046 0x17d4  wscsvc - ok
19:48:42.0062 0x17d4  WSearch - ok
19:48:42.0078 0x17d4  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
19:48:42.0078 0x17d4  wuauserv - ok
19:48:42.0109 0x17d4  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:48:42.0109 0x17d4  WudfPf - ok
19:48:42.0140 0x17d4  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:48:42.0140 0x17d4  WudfRd - ok
19:48:42.0156 0x17d4  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
19:48:42.0156 0x17d4  WudfSvc - ok
19:48:42.0218 0x17d4  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
19:48:42.0234 0x17d4  WZCSVC - ok
19:48:42.0265 0x17d4  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
19:48:42.0265 0x17d4  xmlprov - ok
19:48:42.0265 0x17d4  ================ Scan global ===============================
19:48:42.0312 0x17d4  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
19:48:42.0375 0x17d4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:48:42.0390 0x17d4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:48:42.0406 0x17d4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
19:48:42.0421 0x17d4  [ Global ] - ok
19:48:42.0421 0x17d4  ================ Scan MBR ==================================
19:48:42.0437 0x17d4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:48:42.0687 0x17d4  \Device\Harddisk0\DR0 - ok
19:48:42.0687 0x17d4  ================ Scan VBR ==================================
19:48:42.0687 0x17d4  [ 3F97960C8A124EBAA5A7DF08817E6B5E ] \Device\Harddisk0\DR0\Partition1
19:48:42.0734 0x17d4  \Device\Harddisk0\DR0\Partition1 - ok
19:48:42.0734 0x17d4  ================ Scan generic autorun ======================
19:48:42.0781 0x17d4  [ 037B1E7798960E0420003D05BB577EE6, DEE53D6D332DADD40C0CE34A425A6C0781F611765DCD4299D869F2B1EE80AE66 ] C:\WINDOWS\system32\RUNDLL32.EXE
19:48:42.0781 0x17d4  NvCplDaemon - ok
19:48:42.0828 0x17d4  [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files\Avira\Antivirus\avgnt.exe
19:48:42.0843 0x17d4  avgnt - ok
19:48:42.0890 0x17d4  [ 5120CD65A74A5E054FB2B0577688024C, 2C771743C797ED2F94E4C0CD7472D20532DB6C3E95DEB0DA4D14D6B5469EE273 ] C:\Program Files\Avira\Launcher\Avira.Systray.exe
19:48:42.0890 0x17d4  Avira Systray - ok
19:48:43.0078 0x17d4  [ 0DBE9F1DD2D6198A3DE94EB1DEBF6CEE, DAAC98F6CA6EC3E61D727BAE0E02B2C52E0CCF4B0110A9F13CE2DA086F7E0B18 ] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
19:48:43.0093 0x17d4  FUFAXRCV - ok
19:48:43.0156 0x17d4  [ 8F12F29774281DE44A9F0FDA546FD98A, 8B7456619B77CBC6C5281099523B6B2440AD43B6401D3538031B93164F58E2EA ] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
19:48:43.0171 0x17d4  FUFAXSTM - ok
19:48:43.0265 0x17d4  [ 4ABA86D5B0D440F33BDBDBDAEA065C42, 434E035E4748D0E4CEB08E655FF9A1739FF7E0099CCCC42122A24736DE3DE7E3 ] C:\Program Files\Epson Software\Event Manager\EEventManager.exe
19:48:43.0281 0x17d4  EEventManager - ok
19:48:43.0406 0x17d4  [ B37B8C10EC80BA91930C445074032B1C, 29E2CABFE67D306F7E21BEF435BD78A33D184475837DC6AC145BFB9C16E499E5 ] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIKLE.EXE
19:48:43.0406 0x17d4  EPLTarget\P0000000000000002 - ok
19:48:43.0437 0x17d4  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
19:48:43.0437 0x17d4  ctfmon.exe - ok
19:48:43.0437 0x17d4  Waiting for KSN requests completion. In queue: 198
19:48:44.0437 0x17d4  Waiting for KSN requests completion. In queue: 198
19:48:45.0437 0x17d4  Waiting for KSN requests completion. In queue: 198
19:48:46.0531 0x17d4  Win FW state via NFM: enabled
19:48:48.0968 0x17d4  ============================================================
19:48:48.0968 0x17d4  Scan finished
19:48:48.0968 0x17d4  ============================================================
19:48:48.0968 0x0788  Detected object count: 0
19:48:48.0968 0x0788  Actual detected object count: 0
19:49:51.0187 0x166c  ============================================================
19:49:51.0187 0x166c  Scan started
19:49:51.0187 0x166c  Mode: Manual; SigCheck; TDLFS;
19:49:51.0187 0x166c  ============================================================
19:49:51.0187 0x166c  KSN ping started
19:50:05.0703 0x166c  KSN ping finished: true
19:50:05.0953 0x166c  ================ Scan system memory ========================
19:50:05.0953 0x166c  System memory - ok
19:50:05.0953 0x166c  ================ Scan services =============================
19:50:06.0000 0x166c  Abiosdsk - ok
19:50:06.0000 0x166c  abp480n5 - ok
19:50:06.0062 0x166c  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:50:06.0546 0x166c  ACPI - ok
19:50:06.0562 0x166c  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
19:50:06.0671 0x166c  ACPIEC - ok
19:50:06.0734 0x166c  [ 307F5E03B02A3022D664C36D1EA25F2C, 89E5315DC7C54D215353C9DF9A519D1AF3518E3E0D872E10F7B2CAA2DB1AD5F8 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
19:50:06.0843 0x166c  ADIHdAudAddService - ok
19:50:06.0859 0x166c  adpu160m - ok
19:50:06.0890 0x166c  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
19:50:07.0031 0x166c  aec - ok
19:50:07.0078 0x166c  [ A7B8A3A79D35215D798A300DF49ED23F, D441633C0F8E22F8976B95D6A3DCD552AA07C616AC5FE4379472954F7BE6075E ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
19:50:07.0093 0x166c  Afc - detected UnsignedFile.Multi.Generic ( 1 )
19:50:07.0093 0x166c  Detect skipped due to KSN trusted
19:50:07.0093 0x166c  Afc - ok
19:50:07.0156 0x166c  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
19:50:07.0250 0x166c  AFD - ok
19:50:07.0265 0x166c  Aha154x - ok
19:50:07.0265 0x166c  aic78u2 - ok
19:50:07.0265 0x166c  aic78xx - ok
19:50:07.0296 0x166c  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
19:50:07.0390 0x166c  Alerter - ok
19:50:07.0406 0x166c  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
19:50:07.0484 0x166c  ALG - ok
19:50:07.0500 0x166c  AliIde - ok
19:50:07.0500 0x166c  amsint - ok
19:50:07.0640 0x166c  [ C2C250888ADB92A2F62BFC773A0550FC, D648D40239DF22C32438DE6C5C003BF775615321F6CDDE9AC08C3E87BE6E67E5 ] AntiVirMailService C:\Program Files\Avira\Antivirus\avmailc.exe
19:50:07.0703 0x166c  AntiVirMailService - ok
19:50:07.0765 0x166c  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files\Avira\Antivirus\sched.exe
19:50:07.0796 0x166c  AntiVirSchedulerService - ok
19:50:07.0828 0x166c  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files\Avira\Antivirus\avguard.exe
19:50:07.0859 0x166c  AntiVirService - ok
19:50:07.0937 0x166c  [ 26EFFECBF1E7AC821B60DDD26141467D, C30D46493C4FBEEBE6DF7F15EC4457F749AD847728ADF272DCD79368F4237057 ] AntiVirWebService C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE
19:50:07.0984 0x166c  AntiVirWebService - ok
19:50:08.0062 0x166c  [ DC45AB27932447B598848B10650313C5, 350BC3BBC714A392F369619C384EFC80A361B97F6D68EA33D414DCBB40BF0547 ] APC UPS Service C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
19:50:08.0078 0x166c  APC UPS Service - detected UnsignedFile.Multi.Generic ( 1 )
19:50:08.0078 0x166c  Detect skipped due to KSN trusted
19:50:08.0078 0x166c  APC UPS Service - ok
19:50:08.0125 0x166c  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
19:50:08.0218 0x166c  AppMgmt - ok
19:50:08.0218 0x166c  asc - ok
19:50:08.0234 0x166c  asc3350p - ok
19:50:08.0234 0x166c  asc3550 - ok
19:50:08.0390 0x166c  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:50:08.0406 0x166c  aspnet_state - ok
19:50:08.0453 0x166c  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:50:08.0546 0x166c  AsyncMac - ok
19:50:08.0562 0x166c  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
19:50:08.0656 0x166c  atapi - ok
19:50:08.0781 0x166c  [ 5B38D6E5FEDBCC7925597412554798BB, 628FFA1F0C2F38E7AD631CEF509FA5A703CA4B6255FDC68DFA8271F6982ED7AB ] atchksrv        C:\Program Files\Intel\AMT\atchksrv.exe
19:50:08.0796 0x166c  atchksrv - detected UnsignedFile.Multi.Generic ( 1 )
19:50:08.0796 0x166c  Detect skipped due to KSN trusted
19:50:08.0796 0x166c  atchksrv - ok
19:50:08.0796 0x166c  Atdisk - ok
19:50:08.0828 0x166c  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:50:08.0921 0x166c  Atmarpc - ok
19:50:08.0984 0x166c  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
19:50:09.0062 0x166c  AudioSrv - ok
19:50:09.0125 0x166c  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
19:50:09.0203 0x166c  audstub - ok
19:50:09.0234 0x166c  [ 0FFC36573D7541155F84AC8F8F9D87A6, 50CE44B544CF365C4E99133C69582154C58DEB263892E3EF02C9886C8D652F60 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:50:09.0250 0x166c  avgntflt - ok
19:50:09.0328 0x166c  [ B9D3418110A6B4EAADCB2BD1A8CEC617, 2252E518FB0A69699ECF7A940A20E9D77822F7FF7CE14FE5E30E4DDB34546D56 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:50:09.0328 0x166c  avipbb - ok
19:50:09.0437 0x166c  [ 17348FE28C0A0AB4A6CB86D177770335, 633FEDA61F62504534B47090EA142F73C5D80C0D52A22A6C81DF64CD3EAFDAA8 ] Avira.ServiceHost C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
19:50:09.0453 0x166c  Avira.ServiceHost - ok
19:50:09.0500 0x166c  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:50:09.0515 0x166c  avkmgr - ok
19:50:09.0562 0x166c  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:50:09.0640 0x166c  Beep - ok
19:50:09.0703 0x166c  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
19:50:09.0812 0x166c  BITS - ok
19:50:09.0875 0x166c  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
19:50:09.0968 0x166c  Browser - ok
19:50:10.0109 0x166c  catchme - ok
19:50:10.0140 0x166c  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
19:50:10.0234 0x166c  cbidf2k - ok
19:50:10.0234 0x166c  cd20xrnt - ok
19:50:10.0281 0x166c  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
19:50:10.0359 0x166c  Cdaudio - ok
19:50:10.0406 0x166c  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
19:50:10.0468 0x166c  Cdfs - ok
19:50:10.0500 0x166c  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:50:10.0578 0x166c  Cdrom - ok
19:50:10.0625 0x166c  [ 84853B3FD012251690570E9E7E43343F, 65CACFA643E52A0C0E6B2D901228A8A0AD4993CAFA3C287E65395F4B7C521089 ] cercsr6         C:\WINDOWS\system32\drivers\cercsr6.sys
19:50:10.0656 0x166c  cercsr6 - detected UnsignedFile.Multi.Generic ( 1 )
19:50:10.0656 0x166c  Detect skipped due to KSN trusted
19:50:10.0656 0x166c  cercsr6 - ok
19:50:10.0656 0x166c  Changer - ok
19:50:10.0703 0x166c  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
19:50:10.0781 0x166c  CiSvc - ok
19:50:10.0828 0x166c  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
19:50:10.0921 0x166c  ClipSrv - ok
19:50:10.0953 0x166c  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:50:10.0968 0x166c  clr_optimization_v2.0.50727_32 - ok
19:50:11.0062 0x166c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:50:11.0078 0x166c  clr_optimization_v4.0.30319_32 - ok
19:50:11.0078 0x166c  CmdIde - ok
19:50:11.0109 0x166c  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:50:11.0203 0x166c  Compbatt - ok
19:50:11.0203 0x166c  COMSysApp - ok
19:50:11.0203 0x166c  Cpqarray - ok
19:50:11.0250 0x166c  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
19:50:11.0343 0x166c  CryptSvc - ok
19:50:11.0343 0x166c  dac2w2k - ok
19:50:11.0343 0x166c  dac960nt - ok
19:50:11.0390 0x166c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:50:11.0500 0x166c  DcomLaunch - ok
19:50:11.0562 0x166c  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
19:50:11.0640 0x166c  Dhcp - ok
19:50:11.0640 0x166c  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
19:50:11.0750 0x166c  Disk - ok
19:50:11.0750 0x166c  dmadmin - ok
19:50:11.0796 0x166c  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
19:50:11.0890 0x166c  dmboot - ok
19:50:11.0921 0x166c  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
19:50:12.0015 0x166c  dmio - ok
19:50:12.0046 0x166c  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
19:50:12.0140 0x166c  dmload - ok
19:50:12.0203 0x166c  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
19:50:12.0281 0x166c  dmserver - ok
19:50:12.0296 0x166c  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
19:50:12.0390 0x166c  DMusic - ok
19:50:12.0421 0x166c  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:50:12.0546 0x166c  Dnscache - ok
19:50:12.0578 0x166c  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:50:12.0671 0x166c  Dot3svc - ok
19:50:12.0687 0x166c  dpti2o - ok
19:50:12.0687 0x166c  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:50:12.0765 0x166c  drmkaud - ok
19:50:12.0828 0x166c  [ 34AAA3B298A852B3663E6E0D94D12945, 908BDC3E67780E7B97A08985A938AB5F461967F74D81135ACEF31FF3F73BBBA2 ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
19:50:12.0843 0x166c  e1express - ok
19:50:12.0875 0x166c  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
19:50:12.0984 0x166c  EapHost - ok
19:50:13.0109 0x166c  [ 68B88C464743467301ADE150E2CDE967, 38B887D830B3D64ACC08818CDEE54931620C9D57E68D6CDDA01CD91CC9706A58 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
19:50:13.0125 0x166c  EpsonCustomerParticipation - ok
19:50:13.0156 0x166c  [ B538590B338F5379D4B33E266902008B, D73C4152DE0E9D225E29533FC5451D1C4DD344FE66024E6A8122B59ADD1611C8 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc.exe
19:50:13.0171 0x166c  EpsonScanSvc - ok
19:50:13.0187 0x166c  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
19:50:13.0281 0x166c  ERSvc - ok
19:50:13.0328 0x166c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
19:50:13.0343 0x166c  Eventlog - ok
19:50:13.0421 0x166c  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
19:50:13.0484 0x166c  EventSystem - ok
19:50:13.0515 0x166c  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
19:50:13.0640 0x166c  Fastfat - ok
19:50:13.0703 0x166c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:50:13.0765 0x166c  FastUserSwitchingCompatibility - ok
19:50:13.0796 0x166c  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
19:50:13.0859 0x166c  Fdc - ok
19:50:13.0875 0x166c  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
19:50:13.0953 0x166c  Fips - ok
19:50:13.0953 0x166c  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
19:50:14.0031 0x166c  Flpydisk - ok
19:50:14.0078 0x166c  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:50:14.0140 0x166c  FltMgr - ok
19:50:14.0250 0x166c  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:50:14.0250 0x166c  FontCache3.0.0.0 - ok
19:50:14.0265 0x166c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:50:14.0359 0x166c  Fs_Rec - ok
19:50:14.0375 0x166c  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:50:14.0453 0x166c  Ftdisk - ok
19:50:14.0531 0x166c  [ C6B9F48D46C13389EA2AF2065AE66612, BFB2CFF1B9BFE55E027F01C3714DF9BF8E0C5CFD0EF0BF6B8DA029D98C1288D7 ] GoToAssist      C:\Program Files\Citrix\GoToAssist\896\g2aservice.exe
19:50:14.0531 0x166c  GoToAssist - ok
19:50:14.0562 0x166c  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:50:14.0640 0x166c  Gpc - ok
19:50:14.0765 0x166c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
19:50:14.0781 0x166c  gupdate - ok
19:50:14.0781 0x166c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:50:14.0796 0x166c  gupdatem - ok
19:50:14.0812 0x166c  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:50:14.0906 0x166c  HDAudBus - ok
19:50:14.0953 0x166c  [ 0BF1D760B05CAAAF231123D53C4789E2, 53EB2FAEFC6267BA29831D2AFF6EDBF6916B25509D8C206D34FD52E76965856B ] HECI            C:\WINDOWS\system32\DRIVERS\HECI.sys
19:50:15.0000 0x166c  HECI - ok
19:50:15.0093 0x166c  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:50:15.0171 0x166c  helpsvc - ok
19:50:15.0234 0x166c  [ 748031FF4FE45CCC47546294905FEAB8, 451E5988529997C60CC4A43B71D35BDA8596D799E86A44218B32CBEC8F8BBF27 ] HidBatt         C:\WINDOWS\system32\DRIVERS\HidBatt.sys
19:50:15.0312 0x166c  HidBatt - ok
19:50:15.0312 0x166c  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
19:50:15.0390 0x166c  HidServ - ok
19:50:15.0421 0x166c  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:50:15.0500 0x166c  hidusb - ok
19:50:15.0531 0x166c  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
19:50:15.0625 0x166c  hkmsvc - ok
19:50:15.0640 0x166c  hpn - ok
19:50:15.0703 0x166c  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
19:50:15.0750 0x166c  HTTP - ok
19:50:15.0765 0x166c  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
19:50:15.0859 0x166c  HTTPFilter - ok
19:50:15.0875 0x166c  i2omgmt - ok
19:50:15.0875 0x166c  i2omp - ok
19:50:15.0890 0x166c  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
19:50:15.0968 0x166c  i8042prt - ok
19:50:16.0218 0x166c  [ B2768350BB50469AEB1AFE694372B613, 7FBF31F52D66EE16306F454E637E6CDB68C8E2F7530810BB54086CEBD234CC52 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:50:16.0484 0x166c  ialm - ok
19:50:16.0546 0x166c  [ 2358C53F30CB9DCD1D3843C4E2F299B2, C3E5F2D60133B10DEA52AF11E192DFDC4160611F5F0A86ED66138DB91532CA4A ] iastor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
19:50:16.0562 0x166c  iastor - ok
19:50:16.0640 0x166c  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:50:16.0671 0x166c  idsvc - ok
19:50:16.0734 0x166c  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
19:50:16.0828 0x166c  Imapi - ok
19:50:16.0906 0x166c  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
19:50:16.0984 0x166c  ImapiService - ok
19:50:16.0984 0x166c  ini910u - ok
19:50:17.0046 0x166c  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:50:17.0109 0x166c  intelppm - ok
19:50:17.0218 0x166c  [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
19:50:17.0234 0x166c  IntuitUpdateServiceV4 - ok
19:50:17.0265 0x166c  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
19:50:17.0359 0x166c  Ip6Fw - ok
19:50:17.0390 0x166c  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:50:17.0468 0x166c  IpFilterDriver - ok
19:50:17.0500 0x166c  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:50:17.0609 0x166c  IpInIp - ok
19:50:17.0640 0x166c  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:50:17.0718 0x166c  IpNat - ok
19:50:17.0734 0x166c  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:50:17.0796 0x166c  IPSec - ok
19:50:17.0828 0x166c  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
19:50:17.0921 0x166c  IRENUM - ok
19:50:17.0937 0x166c  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:50:18.0015 0x166c  isapnp - ok
19:50:18.0046 0x166c  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:50:18.0125 0x166c  Kbdclass - ok
19:50:18.0125 0x166c  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:50:18.0218 0x166c  kbdhid - ok
19:50:18.0234 0x166c  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
19:50:18.0312 0x166c  kmixer - ok
19:50:18.0328 0x166c  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
19:50:18.0453 0x166c  KSecDD - ok
19:50:18.0500 0x166c  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
19:50:18.0578 0x166c  lanmanserver - ok
19:50:18.0609 0x166c  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:50:18.0656 0x166c  lanmanworkstation - ok
19:50:18.0656 0x166c  lbrtfdc - ok
19:50:18.0687 0x166c  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
19:50:18.0781 0x166c  LmHosts - ok
19:50:18.0781 0x166c  [ CEDA82048C4958171674D0E9373B1A68, 3FB093DD108D2457A169CA9EE230A3299AC7483BBBC7565360C4E6AB2242368C ] LMS             C:\Program Files\Intel\AMT\LMS.exe
19:50:18.0781 0x166c  LMS - detected UnsignedFile.Multi.Generic ( 1 )
19:50:18.0781 0x166c  Detect skipped due to KSN trusted
19:50:18.0781 0x166c  LMS - ok
19:50:18.0828 0x166c  [ DDF15A42E27E8EFE27B18FD403151A86, D6FAA6B1C70065DFCF53DF0509119233ADAE4B1C8B5ACAAEBC62A3D546EB7423 ] MatSvc          C:\Program Files\Microsoft Fix it Center\Matsvc.exe
19:50:18.0843 0x166c  MatSvc - ok
19:50:18.0875 0x166c  [ B4CD87E78A01562E3DA67FE1C2779204, 536AC01C53A18E7B43F02F345FC3088C189A2D01F5E060714C0534FE7ECA2356 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
19:50:18.0890 0x166c  MBAMProtector - ok
19:50:19.0015 0x166c  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
19:50:19.0078 0x166c  MBAMScheduler - ok
19:50:19.0187 0x166c  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
19:50:19.0234 0x166c  MBAMService - ok
19:50:19.0296 0x166c  [ 739164A8B8FB2F1B50A498F20AF7B21E, 8E7A387C3726A863BF251E638D072FA472B698EF6868E9A7A00EF1272F809C64 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
19:50:19.0296 0x166c  MBAMSwissArmy - ok
19:50:19.0328 0x166c  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
19:50:19.0421 0x166c  Messenger - ok
19:50:19.0468 0x166c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
19:50:19.0546 0x166c  mnmdd - ok
19:50:19.0593 0x166c  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
19:50:19.0687 0x166c  mnmsrvc - ok
19:50:19.0718 0x166c  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
19:50:19.0812 0x166c  Modem - ok
19:50:19.0828 0x166c  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:50:19.0890 0x166c  Mouclass - ok
19:50:19.0906 0x166c  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:50:19.0984 0x166c  mouhid - ok
19:50:20.0000 0x166c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
19:50:20.0078 0x166c  MountMgr - ok
19:50:20.0140 0x166c  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:50:20.0156 0x166c  MozillaMaintenance - ok
19:50:20.0203 0x166c  [ EE728AF83850DDAD9A3FCAC0AAB3AD97, F392EA3B26974593512F7441E8BC4DA91DD771216DB908F005D844C513A2DDB7 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
19:50:20.0218 0x166c  MpFilter - ok
19:50:20.0218 0x166c  mraid35x - ok
19:50:20.0234 0x166c  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:50:20.0312 0x166c  MRxDAV - ok
19:50:20.0375 0x166c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:50:20.0453 0x166c  MRxSmb - ok
19:50:20.0515 0x166c  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
19:50:20.0609 0x166c  MSDTC - ok
19:50:20.0609 0x166c  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:50:20.0671 0x166c  Msfs - ok
19:50:20.0687 0x166c  MSIServer - ok
19:50:20.0703 0x166c  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:50:20.0765 0x166c  MSKSSRV - ok
19:50:20.0796 0x166c  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:50:20.0890 0x166c  MSPCLOCK - ok
19:50:20.0906 0x166c  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:50:21.0000 0x166c  MSPQM - ok
19:50:21.0015 0x166c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:50:21.0078 0x166c  mssmbios - ok
19:50:21.0109 0x166c  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
19:50:21.0171 0x166c  Mup - ok
19:50:21.0203 0x166c  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
19:50:21.0312 0x166c  napagent - ok
19:50:21.0328 0x166c  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
19:50:21.0406 0x166c  NDIS - ok
19:50:21.0468 0x166c  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:50:21.0500 0x166c  NdisTapi - ok
19:50:21.0562 0x166c  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:50:21.0640 0x166c  Ndisuio - ok
19:50:21.0687 0x166c  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:50:21.0765 0x166c  NdisWan - ok
19:50:21.0796 0x166c  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:50:21.0875 0x166c  NDProxy - ok
19:50:21.0906 0x166c  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:50:21.0968 0x166c  NetBIOS - ok
19:50:22.0000 0x166c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:50:22.0078 0x166c  NetBT - ok
19:50:22.0125 0x166c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
19:50:22.0218 0x166c  NetDDE - ok
19:50:22.0234 0x166c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
19:50:22.0296 0x166c  NetDDEdsdm - ok
19:50:22.0359 0x166c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:50:22.0437 0x166c  Netlogon - ok
19:50:22.0500 0x166c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
19:50:22.0593 0x166c  Netman - ok
19:50:22.0640 0x166c  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:50:22.0640 0x166c  NetTcpPortSharing - ok
19:50:22.0703 0x166c  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
19:50:22.0718 0x166c  Nla - ok
19:50:22.0718 0x166c  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:50:22.0796 0x166c  Npfs - ok
19:50:22.0828 0x166c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:50:22.0906 0x166c  Ntfs - ok
19:50:22.0906 0x166c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
19:50:22.0984 0x166c  NtLmSsp - ok
19:50:23.0015 0x166c  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
19:50:23.0140 0x166c  NtmsSvc - ok
19:50:23.0187 0x166c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:50:23.0265 0x166c  Null - ok
19:50:23.0593 0x166c  [ 23B95A09677E62EC8D1641ECF39B9BFB, C690B047950FE0B22A3176031C229EB3DA8C756C613545FA23B25C906D3074EA ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:50:23.0875 0x166c  nv - ok
19:50:23.0937 0x166c  [ C501206816F35D20422B4C3F88D62860, BF815B59B3C6F26108AB349FA354236FE3782C18C43F9DDCD3574664F4E2F20F ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
19:50:23.0953 0x166c  NVSvc - ok
19:50:24.0000 0x166c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:50:24.0093 0x166c  NwlnkFlt - ok
19:50:24.0125 0x166c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:50:24.0218 0x166c  NwlnkFwd - ok
19:50:24.0343 0x166c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:50:24.0359 0x166c  odserv - ok
19:50:24.0406 0x166c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:50:24.0406 0x166c  ose - ok
19:50:24.0453 0x166c  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
19:50:24.0531 0x166c  Parport - ok
19:50:24.0562 0x166c  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
19:50:24.0640 0x166c  PartMgr - ok
19:50:24.0687 0x166c  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
19:50:24.0781 0x166c  ParVdm - ok
19:50:24.0781 0x166c  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
19:50:24.0875 0x166c  PCI - ok
19:50:24.0875 0x166c  PCIDump - ok
19:50:24.0890 0x166c  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
19:50:25.0015 0x166c  PCIIde - ok
19:50:25.0062 0x166c  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
19:50:25.0156 0x166c  Pcmcia - ok
19:50:25.0156 0x166c  PDCOMP - ok
19:50:25.0171 0x166c  PDFRAME - ok
19:50:25.0171 0x166c  PDRELI - ok
19:50:25.0171 0x166c  PDRFRAME - ok
19:50:25.0171 0x166c  perc2 - ok
19:50:25.0171 0x166c  perc2hib - ok
19:50:25.0218 0x166c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
19:50:25.0234 0x166c  PlugPlay - ok
19:50:25.0234 0x166c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
19:50:25.0312 0x166c  PolicyAgent - ok
19:50:25.0328 0x166c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:50:25.0406 0x166c  PptpMiniport - ok
19:50:25.0406 0x166c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:50:25.0484 0x166c  ProtectedStorage - ok
19:50:25.0484 0x166c  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
19:50:25.0593 0x166c  PSched - ok
19:50:25.0593 0x166c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:50:25.0687 0x166c  Ptilink - ok
19:50:25.0703 0x166c  ql1080 - ok
19:50:25.0703 0x166c  Ql10wnt - ok
19:50:25.0703 0x166c  ql12160 - ok
19:50:25.0703 0x166c  ql1240 - ok
19:50:25.0703 0x166c  ql1280 - ok
19:50:25.0750 0x166c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:50:25.0828 0x166c  RasAcd - ok
19:50:25.0859 0x166c  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:50:25.0937 0x166c  RasAuto - ok
19:50:25.0968 0x166c  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:50:26.0046 0x166c  Rasl2tp - ok
19:50:26.0109 0x166c  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:50:26.0187 0x166c  RasMan - ok
19:50:26.0187 0x166c  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:50:26.0265 0x166c  RasPppoe - ok
19:50:26.0265 0x166c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
19:50:26.0343 0x166c  Raspti - ok
19:50:26.0359 0x166c  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:50:26.0437 0x166c  Rdbss - ok
19:50:26.0437 0x166c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:50:26.0515 0x166c  RDPCDD - ok
19:50:26.0562 0x166c  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:50:26.0640 0x166c  rdpdr - ok
19:50:26.0703 0x166c  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
19:50:26.0750 0x166c  RDPWD - ok
19:50:26.0781 0x166c  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
19:50:26.0859 0x166c  RDSessMgr - ok
19:50:26.0890 0x166c  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
19:50:26.0968 0x166c  redbook - ok
19:50:27.0015 0x166c  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:50:27.0109 0x166c  RemoteAccess - ok
19:50:27.0156 0x166c  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:50:27.0234 0x166c  RemoteRegistry - ok
19:50:27.0250 0x166c  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:50:27.0312 0x166c  RpcLocator - ok
19:50:27.0359 0x166c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
19:50:27.0375 0x166c  RpcSs - ok
19:50:27.0421 0x166c  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
19:50:27.0500 0x166c  RSVP - ok
19:50:27.0515 0x166c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:50:27.0593 0x166c  SamSs - ok
19:50:27.0640 0x166c  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
19:50:27.0718 0x166c  SCardSvr - ok
19:50:27.0750 0x166c  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:50:27.0828 0x166c  Schedule - ok
19:50:27.0875 0x166c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:50:27.0984 0x166c  Secdrv - ok
19:50:27.0984 0x166c  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
19:50:28.0078 0x166c  seclogon - ok
19:50:28.0078 0x166c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
19:50:28.0156 0x166c  SENS - ok
19:50:28.0171 0x166c  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
19:50:28.0250 0x166c  serenum - ok
19:50:28.0250 0x166c  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
19:50:28.0343 0x166c  Serial - ok
19:50:28.0359 0x166c  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
19:50:28.0437 0x166c  Sfloppy - ok
19:50:28.0500 0x166c  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:50:28.0625 0x166c  SharedAccess - ok
19:50:28.0687 0x166c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:50:28.0703 0x166c  ShellHWDetection - ok
19:50:28.0703 0x166c  Simbad - ok
19:50:28.0718 0x166c  Sparrow - ok
19:50:28.0718 0x166c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
19:50:28.0812 0x166c  splitter - ok
19:50:28.0890 0x166c  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
19:50:28.0968 0x166c  Spooler - ok
19:50:29.0000 0x166c  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
19:50:29.0078 0x166c  sr - ok
19:50:29.0156 0x166c  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
19:50:29.0218 0x166c  srservice - ok
19:50:29.0296 0x166c  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:50:29.0375 0x166c  Srv - ok
19:50:29.0390 0x166c  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:50:29.0500 0x166c  SSDPSRV - ok
19:50:29.0515 0x166c  [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:50:29.0531 0x166c  ssmdrv - ok
19:50:29.0562 0x166c  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
19:50:29.0703 0x166c  stisvc - ok
19:50:29.0750 0x166c  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
19:50:29.0828 0x166c  swenum - ok
19:50:29.0875 0x166c  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
19:50:29.0937 0x166c  swmidi - ok
19:50:29.0953 0x166c  SwPrv - ok
19:50:29.0953 0x166c  symc810 - ok
19:50:29.0953 0x166c  symc8xx - ok
19:50:29.0953 0x166c  sym_hi - ok
19:50:29.0968 0x166c  sym_u3 - ok
19:50:30.0000 0x166c  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
19:50:30.0062 0x166c  sysaudio - ok
19:50:30.0093 0x166c  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
19:50:30.0171 0x166c  SysmonLog - ok
19:50:30.0203 0x166c  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:50:30.0312 0x166c  TapiSrv - ok
19:50:30.0359 0x166c  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:50:30.0390 0x166c  Tcpip - ok
19:50:30.0421 0x166c  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
19:50:30.0515 0x166c  TDPIPE - ok
19:50:30.0531 0x166c  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
19:50:30.0625 0x166c  TDTCP - ok
19:50:30.0625 0x166c  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
19:50:30.0703 0x166c  TermDD - ok
19:50:30.0718 0x166c  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
19:50:30.0828 0x166c  TermService - ok
19:50:30.0875 0x166c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
19:50:30.0875 0x166c  Themes - ok
19:50:30.0921 0x166c  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
19:50:31.0015 0x166c  TlntSvr - ok
19:50:31.0015 0x166c  TosIde - ok
19:50:31.0031 0x166c  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
19:50:31.0109 0x166c  TrkWks - ok
19:50:31.0140 0x166c  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
19:50:31.0234 0x166c  Udfs - ok
19:50:31.0234 0x166c  ultra - ok
19:50:31.0390 0x166c  [ 641572746179865BA2AFD8FE2987541A, 9C3F1AF6874B637B239A02A6ADD40097DB0DDB576ABA45D6B07B642D74E2256A ] UNS             C:\Program Files\Intel\AMT\UNS.exe
19:50:31.0546 0x166c  UNS - detected UnsignedFile.Multi.Generic ( 1 )
19:50:31.0546 0x166c  Detect skipped due to KSN trusted
19:50:31.0546 0x166c  UNS - ok
19:50:31.0625 0x166c  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
19:50:31.0765 0x166c  Update - ok
19:50:31.0812 0x166c  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:50:31.0906 0x166c  upnphost - ok
19:50:31.0921 0x166c  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
19:50:32.0015 0x166c  UPS - ok
19:50:32.0078 0x166c  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:50:32.0140 0x166c  usbccgp - ok
19:50:32.0187 0x166c  [ 6B5E4D5E6E5ECD6ACD14AED59768CE5C, 2DA40F2035D86EA1AF0DC498D36658E330953E4F4BA846103CB4C3D0FBD3FBE5 ] USBCCID         C:\WINDOWS\system32\DRIVERS\usbccid.sys
19:50:32.0234 0x166c  USBCCID - ok
19:50:32.0265 0x166c  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:50:32.0281 0x166c  usbehci - ok
19:50:32.0328 0x166c  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:50:32.0421 0x166c  usbhub - ok
19:50:32.0468 0x166c  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:50:32.0562 0x166c  usbprint - ok
19:50:32.0578 0x166c  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:50:32.0625 0x166c  usbscan - ok
19:50:32.0656 0x166c  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:50:32.0750 0x166c  USBSTOR - ok
19:50:32.0796 0x166c  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:50:32.0875 0x166c  usbuhci - ok
19:50:32.0890 0x166c  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
19:50:32.0968 0x166c  VgaSave - ok
19:50:32.0968 0x166c  ViaIde - ok
19:50:33.0015 0x166c  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
19:50:33.0093 0x166c  VolSnap - ok
19:50:33.0156 0x166c  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
19:50:33.0250 0x166c  VSS - ok
19:50:33.0312 0x166c  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
19:50:33.0390 0x166c  W32Time - ok
19:50:33.0437 0x166c  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:50:33.0531 0x166c  Wanarp - ok
19:50:33.0531 0x166c  WDICA - ok
19:50:33.0546 0x166c  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
19:50:33.0625 0x166c  wdmaud - ok
19:50:33.0671 0x166c  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:50:33.0765 0x166c  WebClient - ok
19:50:33.0875 0x166c  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:50:33.0953 0x166c  winmgmt - ok
19:50:34.0156 0x166c  [ D9250B31B353EE3322C1CAD411997E38, D3EE89549A76E335B1DA774280FDC31184DCA714B99489AE96B90006CF6A0BA1 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:50:34.0218 0x166c  wlidsvc - ok
19:50:34.0265 0x166c  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
19:50:34.0328 0x166c  WmdmPmSN - ok
19:50:34.0390 0x166c  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
19:50:34.0484 0x166c  Wmi - ok
19:50:34.0515 0x166c  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:50:34.0593 0x166c  WmiApSrv - ok
19:50:34.0703 0x166c  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
19:50:34.0781 0x166c  WMPNetworkSvc - ok
19:50:34.0953 0x166c  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:50:34.0984 0x166c  WPFFontCache_v0400 - ok
19:50:35.0015 0x166c  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:50:35.0109 0x166c  WS2IFSL - ok
19:50:35.0156 0x166c  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
19:50:35.0234 0x166c  wscsvc - ok
19:50:35.0250 0x166c  WSearch - ok
19:50:35.0265 0x166c  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
19:50:35.0343 0x166c  wuauserv - ok
19:50:35.0390 0x166c  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:50:35.0453 0x166c  WudfPf - ok
19:50:35.0468 0x166c  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:50:35.0515 0x166c  WudfRd - ok
19:50:35.0578 0x166c  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
19:50:35.0609 0x166c  WudfSvc - ok
19:50:35.0671 0x166c  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
19:50:35.0796 0x166c  WZCSVC - ok
19:50:35.0812 0x166c  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
19:50:35.0890 0x166c  xmlprov - ok
19:50:35.0890 0x166c  ================ Scan global ===============================
19:50:35.0937 0x166c  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
19:50:36.0000 0x166c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:50:36.0015 0x166c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
19:50:36.0046 0x166c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
19:50:36.0046 0x166c  [ Global ] - ok
19:50:36.0046 0x166c  ================ Scan MBR ==================================
19:50:36.0062 0x166c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:50:36.0343 0x166c  \Device\Harddisk0\DR0 - ok
19:50:36.0343 0x166c  ================ Scan VBR ==================================
19:50:36.0343 0x166c  [ 3F97960C8A124EBAA5A7DF08817E6B5E ] \Device\Harddisk0\DR0\Partition1
19:50:36.0375 0x166c  \Device\Harddisk0\DR0\Partition1 - ok
19:50:36.0375 0x166c  ================ Scan generic autorun ======================
19:50:36.0421 0x166c  [ 037B1E7798960E0420003D05BB577EE6, DEE53D6D332DADD40C0CE34A425A6C0781F611765DCD4299D869F2B1EE80AE66 ] C:\WINDOWS\system32\RUNDLL32.EXE
19:50:36.0500 0x166c  NvCplDaemon - ok
19:50:36.0546 0x166c  [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files\Avira\Antivirus\avgnt.exe
19:50:36.0578 0x166c  avgnt - ok
19:50:36.0640 0x166c  [ 5120CD65A74A5E054FB2B0577688024C, 2C771743C797ED2F94E4C0CD7472D20532DB6C3E95DEB0DA4D14D6B5469EE273 ] C:\Program Files\Avira\Launcher\Avira.Systray.exe
19:50:36.0656 0x166c  Avira Systray - ok
19:50:36.0859 0x166c  [ 0DBE9F1DD2D6198A3DE94EB1DEBF6CEE, DAAC98F6CA6EC3E61D727BAE0E02B2C52E0CCF4B0110A9F13CE2DA086F7E0B18 ] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
19:50:36.0875 0x166c  FUFAXRCV - ok
19:50:36.0984 0x166c  [ 8F12F29774281DE44A9F0FDA546FD98A, 8B7456619B77CBC6C5281099523B6B2440AD43B6401D3538031B93164F58E2EA ] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
19:50:37.0015 0x166c  FUFAXSTM - ok
19:50:37.0125 0x166c  [ 4ABA86D5B0D440F33BDBDBDAEA065C42, 434E035E4748D0E4CEB08E655FF9A1739FF7E0099CCCC42122A24736DE3DE7E3 ] C:\Program Files\Epson Software\Event Manager\EEventManager.exe
19:50:37.0156 0x166c  EEventManager - ok
19:50:37.0250 0x166c  [ B37B8C10EC80BA91930C445074032B1C, 29E2CABFE67D306F7E21BEF435BD78A33D184475837DC6AC145BFB9C16E499E5 ] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIKLE.EXE
19:50:37.0265 0x166c  EPLTarget\P0000000000000002 - ok
19:50:37.0296 0x166c  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
19:50:37.0375 0x166c  ctfmon.exe - ok
19:50:37.0390 0x166c  Win FW state via NFM: enabled
19:50:39.0828 0x166c  ============================================================
19:50:39.0828 0x166c  Scan finished
19:50:39.0828 0x166c  ============================================================
19:50:39.0828 0x1160  Detected object count: 0
19:50:39.0828 0x1160  Actual detected object count: 0
 


  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP

All logs are clean.  Does MBAM show an infection?  Can you post the log before you remove the infection?

 

You can try the free ESET scan and also the BitDefender scan and see if they find anything.

 

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner.  Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).  

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan.

http://quickscan.bitdefender.com/

When it finishes there is a View Report option at the bottom.  Click on it and copy and paste the report (even if it says nothing found).
 


  • 0

#21
Johnonml

Johnonml

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

I just ran MBAM and it found nothing.

 

If these scans are not catching anything significant at this point, is it possible we have removed the bad guys in the past 24 hours?

 

Last night at this time task manager was reporting CPU usage in the 60% to 70% range (now 1% to 2%), I couldn't open certain files, and my pc was acting abnormal. Then MBAM caught Siredef.c and several others (I believe there was a recycler) and Avira caught TR/Trash.gen several times. All I did before your help was run MBAB and Avira several more times, remove all temp files, and pick a fresh restore point while deleting all old restore points. If you are saying things look relatively clean after all of your help today...for which I am extremely grateful....should we bag any more effort and call it a day?


  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP

Fine with me.  I never really saw anything really bad in your logs so MBAM may have fixed it.

 

You can uninstall or delete any tools we had you download and their logs.

If we ran Combofix:
To uninstall combofix, copy the next line:
 
"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.




To hide hidden files again (If needed):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 8 update 51 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  If that is the case then you should go in to Control panels, Java, Security and set the slider to the highest level.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it.    You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas.  If you don't use MSN Messenger I would not upgdate it.  MS installs a bunch of stuff when you do.  You can tell the program to not show you that update.)  Avast includes an update checker so you don't need filehippo if you have Avast.
If you use Firefox or Chrome then get the AdBlock Plus Add-on.  Adblock Plus is now available for IE too:
adblockplus.org

If Firefox or Chrome is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox.  Click on Optimize.  When it finishes click on Exit.

Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combefore you open them.

Due to a recent rise in the number of Crytolocker infections I am now recommending you install:

CryptoPrevent

http://www.foolishIT.../cryptoprevent/

The free version does not update on its own so you should check for updated versions once in a while.  I have had a few reports of this causing problems with other legitimate programs.  If this happens you can uninstall it like any other program.



If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...-120637284.htmland http://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.


XP does not automatically run defrag so it needs to be done manually every couple of months or it will slow down.  http://support.microsoft.com/kb/314848


XP has been out a long time so most XP computers are starting to get clogged with dust.  This makes them overheat which will also slow them down.  To clean a desktop, shut it down but leave it plugged in.  Remove the lid or open it up and use a vacuum cleaner hose and a small brush to clean the air vents in the front and back and the fins of the heatsink and of the fans - including the fan of the power supply.  You may need to unscrew the four screws that hold the fan to the heatsink and lift the fan off to really clean the heatsink.  Start it up while the lid is off and watch the fan (after screwing it back down again if you removed it).  It should start up right away and be at full speed in no time (it may stop running shortly after starting - this is normal).  A fan that is slow starting or which makes noise is worn out and needs to be replaced.  Cleaning a laptop is unfortunately major surgery for most brands.  Make sure the vents are clear and that it is run on a hard surface.  Never on a bed or your lap as that blocks the air vents.  Propping up the back of a laptop with a book without blocking the air vents will make it run a bit cooler.  If you think it might be running hot you can get speedfan
http://www.filehippo...nload_speedfan/

Download, save and Install it then run it.

It will tell you your temps (if the PC is new enough).  If they seem hot (over 50) then check Automatic Fan Speed.
Leave it running and see if the temps drop.  If temps are over 80, the CPU will slow down to protect itself.  Disassembling a laptop to clean it isn't that hard.  There are usually YouTube videos for most brands that show you how to do it if you search for them.  Most times you just need some small screwdrivers and maybe a long nose pliers.  The hardest part is reassembling it and getting all of the screws in the right places so takes notes or lots of pictures.  If you take it apart then you should also pull the heatsink and clean it and replace the old thermal pads with Arctic Silver Thermal compound.  Amazon has a kit of cleaner and compound http://www.amazon.co...n/dp/B001FVI91Uwhich I have used.

 


  • 0

#23
Johnonml

Johnonml

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Wow! Great advice, RKinner. I plan to use all of that advice on this old XP and my future PCs. I'm also going to share with family and friends. Thanks for all of your help. You have been a blessing.

 

John


  • 0

#24
Johnonml

Johnonml

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

augh!

 

Moments ago I got a blue screen that started with the warning that a problem has been detected and windows has been shut down to prevent damage to my pc. Do you think this could have anything to to with what has happened over the past few days? The issues listed in the error message brought up possible issues of adequate disk space, disabling or updating drivers, changing video adapters, BIOS updates, disabling BIOS memory options like caching or shadowing. It then did a dump of physical memory.

If it helps, I wrote down the error message/report.

I did restart my pc and it seems to be operating normally.

Any thoughts?

John


  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.


  • 0

Advertisements


#26
Johnonml

Johnonml

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

I hope I did this correctly. See below.

 

==================================================
Dump File         : Mini072815-01.dmp
Crash Time        : 7/28/2015 3:53:04 PM
Bug Check String  : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000008e
Parameter 1       : 0xe0000001
Parameter 2       : 0xaae80925
Parameter 3       : 0xa8a6d8bc
Parameter 4       : 0x00000000
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+925
File Description  : Watchdog Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 5.1.2600.5512 (xpsp.080413-2108)
Processor         : 32-bit
Crash Address     : watchdog.sys+925
Stack Address 1   : nv4_disp.dll+249cd8
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\Mini072815-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 2600
Dump File Size    : 65,536
Dump File Time    : 7/28/2015 4:02:46 PM


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP