
Thread: I have a rootkit problem PLEASE HELP

  1. #21

    I scanned my computer two times

    1-) internet access not available

    17:36:53.0234 0x0e84 TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12
    17:37:02.0466 0x0e84 ============================================================
    17:37:02.0466 0x0e84 Current date / time: 2014/04/07 17:37:02.0466
    17:37:02.0466 0x0e84 SystemInfo:
    17:37:02.0466 0x0e84
    17:37:02.0466 0x0e84 OS Version: 6.1.7601 ServicePack: 1.0
    17:37:02.0466 0x0e84 Product type: Workstation
    17:37:02.0466 0x0e84 ComputerName: ESMEN-PC
    17:37:02.0466 0x0e84 UserName: ESMEN
    17:37:02.0466 0x0e84 Windows directory: C:\Windows
    17:37:02.0466 0x0e84 System windows directory: C:\Windows
    17:37:02.0466 0x0e84 Running under WOW64
    17:37:02.0466 0x0e84 Processor architecture: Intel x64
    17:37:02.0466 0x0e84 Number of processors: 4
    17:37:02.0466 0x0e84 Page size: 0x1000
    17:37:02.0466 0x0e84 Boot type: Normal boot
    17:37:02.0466 0x0e84 ============================================================
    17:37:03.0696 0x0e84 KLMD registered as C:\Windows\system32\drivers\66413394.sys
    17:37:03.0738 0x0e84 System UUID: {1BE76FDF-5BB3-FE7F-1023-085BB72C6983}
    17:37:04.0127 0x0e84 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x22DD3, SectorsPerTrack: 0x28, TracksPerCylinder: 0xAB, Type 'K0', Flags 0x00000040
    17:37:04.0150 0x0e84 ============================================================
    17:37:04.0150 0x0e84 \Device\Harddisk0\DR0:
    17:37:04.0151 0x0e84 MBR partitions:
    17:37:04.0151 0x0e84 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x200800, BlocksNum 0x1EAD1800
    17:37:04.0151 0x0e84 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1ECD2000, BlocksNum 0x1B6B3800
    17:37:04.0151 0x0e84 ============================================================
    17:37:04.0174 0x0e84 C: <-> \Device\Harddisk0\DR0\Partition1
    17:37:04.0199 0x0e84 D: <-> \Device\Harddisk0\DR0\Partition2
    17:37:04.0200 0x0e84 ============================================================
    17:37:04.0200 0x0e84 Initialize success
    17:37:04.0200 0x0e84 ============================================================
    17:37:42.0386 0x13cc ============================================================
    17:37:42.0386 0x13cc Scan started
    17:37:42.0387 0x13cc Mode: Manual; SigCheck; TDLFS;
    17:37:42.0387 0x13cc ============================================================
    17:37:42.0387 0x13cc KSN ping started
    17:37:45.0112 0x13cc KSN ping finished: true
    17:37:45.0700 0x13cc ================ Scan system memory ========================
    17:37:45.0700 0x13cc System memory - ok
    17:37:57.0661 0x13cc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    17:37:57.0696 0x13cc idsvc - ok
    17:37:57.0703 0x13cc IEEtwCollectorService - ok
    17:37:57.0755 0x13cc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    17:37:57.0770 0x13cc iirsp - ok
    17:37:57.0814 0x13cc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
    17:37:57.0870 0x13cc IKEEXT - ok
    17:37:57.0899 0x13cc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    17:37:57.0913 0x13cc intelide - ok
    17:37:57.0954 0x13cc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    17:37:57.0991 0x13cc intelppm - ok
    17:37:58.0025 0x13cc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    17:37:58.0085 0x13cc IPBusEnum - ok
    17:37:58.0113 0x13cc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    17:37:58.0161 0x13cc IpFilterDriver - ok
    17:37:58.0202 0x13cc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    17:37:58.0235 0x13cc iphlpsvc - ok
    17:37:58.0259 0x13cc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    17:37:58.0290 0x13cc IPMIDRV - ok
    17:37:58.0320 0x13cc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    17:37:58.0371 0x13cc IPNAT - ok
    17:37:58.0423 0x13cc [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    17:37:58.0452 0x13cc iPod Service - ok
    17:37:58.0474 0x13cc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    17:37:58.0504 0x13cc IRENUM - ok
    17:37:58.0530 0x13cc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    17:37:58.0543 0x13cc isapnp - ok
    17:37:58.0562 0x13cc [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    17:37:58.0583 0x13cc iScsiPrt - ok
    17:37:58.0602 0x13cc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
    17:37:58.0617 0x13cc kbdclass - ok
    17:37:58.0631 0x13cc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
    17:37:58.0660 0x13cc kbdhid - ok
    17:37:58.0683 0x13cc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
    17:37:58.0707 0x13cc KeyIso - ok
    17:37:58.0733 0x13cc [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    17:37:58.0970 0x13cc KSecDD - ok
    17:37:59.0007 0x13cc [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    17:37:59.0027 0x13cc KSecPkg - ok
    17:37:59.0069 0x13cc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    17:37:59.0121 0x13cc ksthunk - ok
    17:37:59.0154 0x13cc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
    17:37:59.0214 0x13cc KtmRm - ok
    17:37:59.0257 0x13cc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
    17:37:59.0317 0x13cc LanmanServer - ok
    17:37:59.0345 0x13cc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    17:37:59.0404 0x13cc LanmanWorkstation - ok
    17:37:59.0437 0x13cc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    17:37:59.0487 0x13cc lltdio - ok
    17:37:59.0517 0x13cc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    17:37:59.0574 0x13cc lltdsvc - ok
    17:37:59.0588 0x13cc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
    17:37:59.0628 0x13cc lmhosts - ok
    17:37:59.0660 0x13cc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    17:37:59.0676 0x13cc LSI_FC - ok
    17:37:59.0684 0x13cc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    17:37:59.0700 0x13cc LSI_SAS - ok
    17:37:59.0716 0x13cc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    17:37:59.0731 0x13cc LSI_SAS2 - ok
    17:37:59.0747 0x13cc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    17:37:59.0763 0x13cc LSI_SCSI - ok
    17:37:59.0780 0x13cc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
    17:37:59.0832 0x13cc luafv - ok
    17:37:59.0854 0x13cc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    17:37:59.0874 0x13cc Mcx2Svc - ok
    17:37:59.0891 0x13cc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    17:37:59.0906 0x13cc megasas - ok
    17:37:59.0923 0x13cc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    17:37:59.0946 0x13cc MegaSR - ok
    17:37:59.0998 0x13cc Microsoft SharePoint Workspace Audit Service - ok
    17:38:00.0013 0x13cc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
    17:38:00.0072 0x13cc MMCSS - ok
    17:38:00.0085 0x13cc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
    17:38:00.0133 0x13cc Modem - ok
    17:38:00.0151 0x13cc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    17:38:00.0184 0x13cc monitor - ok
    17:38:00.0211 0x13cc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
    17:38:00.0227 0x13cc mouclass - ok
    17:38:00.0241 0x13cc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    17:38:00.0268 0x13cc mouhid - ok
    17:38:00.0291 0x13cc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    17:38:00.0307 0x13cc mountmgr - ok
    17:38:00.0327 0x13cc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
    17:38:00.0346 0x13cc mpio - ok
    17:38:00.0367 0x13cc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    17:38:00.0408 0x13cc mpsdrv - ok
    17:38:00.0452 0x13cc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
    17:38:00.0526 0x13cc MpsSvc - ok
    17:38:00.0560 0x13cc [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    17:38:00.0598 0x13cc MRxDAV - ok
    17:38:00.0621 0x13cc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    17:38:00.0655 0x13cc mrxsmb - ok
    17:38:00.0680 0x13cc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    17:38:00.0718 0x13cc mrxsmb10 - ok
    17:38:00.0744 0x13cc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    17:38:00.0763 0x13cc mrxsmb20 - ok
    17:38:00.0788 0x13cc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
    17:38:00.0802 0x13cc msahci - ok

  2. #22

    17:38:00.0831 0x13cc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    17:38:00.0849 0x13cc msdsm - ok
    17:38:00.0876 0x13cc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
    17:38:00.0937 0x13cc MSDTC - ok
    17:38:00.0980 0x13cc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    17:38:01.0039 0x13cc Msfs - ok
    17:38:01.0051 0x13cc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    17:38:01.0089 0x13cc mshidkmdf - ok
    17:38:01.0116 0x13cc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    17:38:01.0129 0x13cc msisadrv - ok
    17:38:01.0157 0x13cc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    17:38:01.0212 0x13cc MSiSCSI - ok
    17:38:01.0217 0x13cc msiserver - ok
    17:38:01.0246 0x13cc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    17:38:01.0299 0x13cc MSKSSRV - ok
    17:38:01.0320 0x13cc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    17:38:01.0373 0x13cc MSPCLOCK - ok
    17:38:01.0379 0x13cc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    17:38:01.0425 0x13cc MSPQM - ok
    17:38:01.0460 0x13cc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    17:38:01.0483 0x13cc MsRPC - ok
    17:38:01.0501 0x13cc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    17:38:01.0514 0x13cc mssmbios - ok
    17:38:01.0528 0x13cc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    17:38:01.0580 0x13cc MSTEE - ok
    17:38:01.0585 0x13cc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    17:38:01.0600 0x13cc MTConfig - ok
    17:38:01.0630 0x13cc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
    17:38:01.0644 0x13cc Mup - ok
    17:38:01.0670 0x13cc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
    17:38:01.0733 0x13cc napagent - ok
    17:38:01.0762 0x13cc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    17:38:01.0805 0x13cc NativeWifiP - ok
    17:38:01.0863 0x13cc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
    17:38:01.0903 0x13cc NDIS - ok
    17:38:01.0920 0x13cc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    17:38:01.0959 0x13cc NdisCap - ok
    17:38:01.0985 0x13cc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    17:38:02.0041 0x13cc NdisTapi - ok
    17:38:02.0075 0x13cc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    17:38:02.0122 0x13cc Ndisuio - ok
    17:38:02.0152 0x13cc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    17:38:02.0206 0x13cc NdisWan - ok
    17:38:02.0221 0x13cc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    17:38:02.0259 0x13cc NDProxy - ok
    17:38:02.0271 0x13cc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    17:38:02.0323 0x13cc NetBIOS - ok
    17:38:02.0357 0x13cc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    17:38:02.0417 0x13cc NetBT - ok
    17:38:02.0437 0x13cc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
    17:38:02.0455 0x13cc Netlogon - ok
    17:38:02.0489 0x13cc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
    17:38:02.0553 0x13cc Netman - ok
    17:38:02.0587 0x13cc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    17:38:02.0615 0x13cc NetMsmqActivator - ok
    17:38:02.0622 0x13cc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    17:38:02.0639 0x13cc NetPipeActivator - ok
    17:38:02.0656 0x13cc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
    17:38:02.0725 0x13cc netprofm - ok
    17:38:02.0733 0x13cc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    17:38:02.0751 0x13cc NetTcpActivator - ok
    17:38:02.0758 0x13cc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    17:38:02.0777 0x13cc NetTcpPortSharing - ok
    17:38:02.0805 0x13cc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
    17:38:02.0820 0x13cc nfrd960 - ok
    17:38:02.0845 0x13cc [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
    17:38:02.0882 0x13cc NlaSvc - ok
    17:38:02.0904 0x13cc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
    17:38:02.0943 0x13cc Npfs - ok
    17:38:02.0968 0x13cc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
    17:38:03.0017 0x13cc nsi - ok
    17:38:03.0037 0x13cc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    17:38:03.0075 0x13cc nsiproxy - ok
    17:38:03.0142 0x13cc [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    17:38:03.0214 0x13cc Ntfs - ok
    17:38:03.0231 0x13cc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
    17:38:03.0278 0x13cc Null - ok
    17:38:03.0313 0x13cc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
    17:38:03.0330 0x13cc nvraid - ok
    17:38:03.0357 0x13cc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
    17:38:03.0375 0x13cc nvstor - ok
    17:38:03.0400 0x13cc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    17:38:03.0416 0x13cc nv_agp - ok
    17:38:03.0446 0x13cc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    17:38:03.0463 0x13cc ohci1394 - ok
    17:38:03.0504 0x13cc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    17:38:03.0519 0x13cc ose - ok
    17:38:03.0684 0x13cc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    17:38:03.0865 0x13cc osppsvc - ok
    17:38:03.0909 0x13cc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    17:38:03.0949 0x13cc p2pimsvc - ok
    17:38:03.0986 0x13cc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
    17:38:04.0018 0x13cc p2psvc - ok
    17:38:04.0047 0x13cc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
    17:38:04.0065 0x13cc Parport - ok
    17:38:04.0094 0x13cc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
    17:38:04.0109 0x13cc partmgr - ok
    17:38:04.0122 0x13cc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
    17:38:04.0158 0x13cc PcaSvc - ok
    17:38:04.0193 0x13cc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
    17:38:04.0212 0x13cc pci - ok
    17:38:04.0233 0x13cc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
    17:38:04.0247 0x13cc pciide - ok
    17:38:04.0272 0x13cc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    17:38:04.0292 0x13cc pcmcia - ok
    17:38:04.0308 0x13cc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
    17:38:04.0323 0x13cc pcw - ok
    17:38:04.0347 0x13cc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    17:38:04.0414 0x13cc PEAUTH - ok
    17:38:04.0473 0x13cc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
    17:38:04.0556 0x13cc PeerDistSvc - ok
    17:38:04.0611 0x13cc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
    17:38:04.0634 0x13cc PerfHost - ok
    17:38:04.0712 0x13cc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
    17:38:04.0849 0x13cc pla - ok
    17:38:04.0893 0x13cc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    17:38:04.0942 0x13cc PlugPlay - ok
    17:38:04.0964 0x13cc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    17:38:04.0997 0x13cc PNRPAutoReg - ok
    17:38:05.0024 0x13cc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    17:38:05.0051 0x13cc PNRPsvc - ok
    17:38:05.0081 0x13cc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    17:38:05.0146 0x13cc PolicyAgent - ok
    17:38:05.0178 0x13cc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
    17:38:05.0238 0x13cc Power - ok
    17:38:05.0262 0x13cc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    17:38:05.0301 0x13cc PptpMiniport - ok
    17:38:05.0316 0x13cc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
    17:38:05.0334 0x13cc Processor - ok
    17:38:05.0359 0x13cc [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
    17:38:05.0409 0x13cc ProfSvc - ok
    17:38:05.0426 0x13cc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
    17:38:05.0443 0x13cc ProtectedStorage - ok
    17:38:05.0466 0x13cc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    17:38:05.0515 0x13cc Psched - ok
    17:38:05.0589 0x13cc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    17:38:05.0655 0x13cc ql2300 - ok
    17:38:05.0672 0x13cc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    17:38:05.0688 0x13cc ql40xx - ok
    17:38:05.0706 0x13cc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
    17:38:05.0735 0x13cc QWAVE - ok
    17:38:05.0746 0x13cc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    17:38:05.0775 0x13cc QWAVEdrv - ok
    17:38:05.0801 0x13cc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    17:38:05.0839 0x13cc RasAcd - ok
    17:38:05.0865 0x13cc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    17:38:05.0915 0x13cc RasAgileVpn - ok
    17:38:05.0937 0x13cc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
    17:38:05.0990 0x13cc RasAuto - ok
    17:38:06.0021 0x13cc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    17:38:06.0086 0x13cc Rasl2tp - ok
    17:38:06.0115 0x13cc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
    17:38:06.0163 0x13cc RasMan - ok
    17:38:06.0178 0x13cc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    17:38:06.0232 0x13cc RasPppoe - ok
    17:38:06.0267 0x13cc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    17:38:06.0318 0x13cc RasSstp - ok
    17:38:06.0352 0x13cc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    17:38:06.0408 0x13cc rdbss - ok
    17:38:06.0423 0x13cc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    17:38:06.0451 0x13cc rdpbus - ok
    17:38:06.0464 0x13cc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    17:38:06.0502 0x13cc RDPCDD - ok
    17:38:06.0530 0x13cc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
    17:38:06.0558 0x13cc RDPDR - ok
    17:38:17.0149 0x13cc ================ Scan global ===============================
    17:38:17.0170 0x13cc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    17:38:17.0199 0x13cc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    17:38:17.0217 0x13cc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    17:38:17.0247 0x13cc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    17:38:17.0264 0x13cc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
    17:38:17.0275 0x13cc [ Global ] - ok
    17:38:17.0276 0x13cc ================ Scan MBR ==================================
    17:38:17.0284 0x13cc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    17:38:17.0501 0x13cc \Device\Harddisk0\DR0 - ok
    17:38:17.0501 0x13cc ================ Scan VBR ==================================
    17:38:17.0504 0x13cc [ 826EB766CF8485757E348521E62B0AAF ] \Device\Harddisk0\DR0\Partition1
    17:38:17.0506 0x13cc \Device\Harddisk0\DR0\Partition1 - ok
    17:38:17.0509 0x13cc [ 92A2AB3B62FA8C4968B7BF66BAC67207 ] \Device\Harddisk0\DR0\Partition2
    17:38:17.0529 0x13cc \Device\Harddisk0\DR0\Partition2 - ok
    17:38:17.0645 0x13cc AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x40000 ( disabled : updated )
    17:38:17.0647 0x13cc FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x40010 ( disabled )
    17:38:17.0663 0x13cc Win FW state via NFP2: enabled
    17:38:17.0664 0x13cc ============================================================
    17:38:17.0664 0x13cc Scan finished
    17:38:17.0664 0x13cc ============================================================
    17:38:17.0673 0x02f8 Detected object count: 0
    17:38:17.0673 0x02f8 Actual detected object count: 0

  3. #23
    Junior Member
    Join Date
    Aug 2013
    Posts
    23

    2-) internet access available
    17:36:53.0234 0x0e84 TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12
    17:37:02.0466 0x0e84 ============================================================
    17:37:02.0466 0x0e84 Current date / time: 2014/04/07 17:37:02.0466
    17:37:02.0466 0x0e84 SystemInfo:
    17:37:02.0466 0x0e84
    17:37:02.0466 0x0e84 OS Version: 6.1.7601 ServicePack: 1.0
    17:37:02.0466 0x0e84 Product type: Workstation
    17:37:02.0466 0x0e84 ComputerName: ESMEN-PC
    17:37:02.0466 0x0e84 UserName: ESMEN
    17:37:02.0466 0x0e84 Windows directory: C:\Windows
    17:37:02.0466 0x0e84 System windows directory: C:\Windows
    17:37:02.0466 0x0e84 Running under WOW64
    17:37:02.0466 0x0e84 Processor architecture: Intel x64
    17:37:02.0466 0x0e84 Number of processors: 4
    17:37:02.0466 0x0e84 Page size: 0x1000
    17:37:02.0466 0x0e84 Boot type: Normal boot
    17:37:02.0466 0x0e84 ============================================================
    17:37:03.0696 0x0e84 KLMD registered as C:\Windows\system32\drivers\66413394.sys
    17:37:03.0738 0x0e84 System UUID: {1BE76FDF-5BB3-FE7F-1023-085BB72C6983}
    17:37:04.0127 0x0e84 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x22DD3, SectorsPerTrack: 0x28, TracksPerCylinder: 0xAB, Type 'K0', Flags 0x00000040
    17:37:04.0150 0x0e84 ============================================================
    17:37:04.0150 0x0e84 \Device\Harddisk0\DR0:
    17:37:04.0151 0x0e84 MBR partitions:
    17:37:04.0151 0x0e84 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x200800, BlocksNum 0x1EAD1800
    17:37:04.0151 0x0e84 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1ECD2000, BlocksNum 0x1B6B3800
    17:37:04.0151 0x0e84 ============================================================
    17:37:04.0174 0x0e84 C: <-> \Device\Harddisk0\DR0\Partition1
    17:37:04.0199 0x0e84 D: <-> \Device\Harddisk0\DR0\Partition2
    17:37:04.0200 0x0e84 ============================================================
    17:37:04.0200 0x0e84 Initialize success
    17:37:04.0200 0x0e84 ============================================================
    17:37:42.0386 0x13cc ============================================================
    17:37:42.0386 0x13cc Scan started
    17:37:42.0387 0x13cc Mode: Manual; SigCheck; TDLFS;
    17:37:42.0387 0x13cc ============================================================
    17:37:42.0387 0x13cc KSN ping started
    17:37:45.0112 0x13cc KSN ping finished: true
    17:37:45.0700 0x13cc ================ Scan system memory ========================
    17:37:45.0700 0x13cc System memory - ok
    17:37:45.0700 0x13cc ================ Scan services =============================
    17:37:57.0954 0x13cc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    17:37:57.0991 0x13cc intelppm - ok
    17:37:58.0025 0x13cc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    17:37:58.0085 0x13cc IPBusEnum - ok
    17:37:58.0113 0x13cc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    17:37:58.0161 0x13cc IpFilterDriver - ok
    17:37:58.0202 0x13cc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    17:37:58.0235 0x13cc iphlpsvc - ok
    17:37:58.0259 0x13cc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    17:37:58.0290 0x13cc IPMIDRV - ok
    17:37:58.0320 0x13cc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    17:37:58.0371 0x13cc IPNAT - ok
    17:37:58.0423 0x13cc [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    17:37:58.0452 0x13cc iPod Service - ok
    17:37:58.0474 0x13cc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    17:37:58.0504 0x13cc IRENUM - ok
    17:37:58.0530 0x13cc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    17:37:58.0543 0x13cc isapnp - ok
    17:37:58.0562 0x13cc [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    17:37:58.0583 0x13cc iScsiPrt - ok
    17:37:58.0602 0x13cc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
    17:37:58.0617 0x13cc kbdclass - ok
    17:37:58.0631 0x13cc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
    17:37:58.0660 0x13cc kbdhid - ok
    17:37:58.0683 0x13cc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
    17:37:58.0707 0x13cc KeyIso - ok
    17:37:58.0733 0x13cc [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    17:37:58.0970 0x13cc KSecDD - ok
    17:37:59.0007 0x13cc [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    17:37:59.0027 0x13cc KSecPkg - ok
    17:37:59.0069 0x13cc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    17:37:59.0121 0x13cc ksthunk - ok
    17:37:59.0154 0x13cc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
    17:37:59.0214 0x13cc KtmRm - ok
    17:37:59.0257 0x13cc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
    17:37:59.0317 0x13cc LanmanServer - ok
    17:37:59.0345 0x13cc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    17:37:59.0404 0x13cc LanmanWorkstation - ok
    17:37:59.0437 0x13cc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    17:37:59.0487 0x13cc lltdio - ok
    17:37:59.0517 0x13cc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    17:37:59.0574 0x13cc lltdsvc - ok
    17:37:59.0588 0x13cc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
    17:37:59.0628 0x13cc lmhosts - ok
    17:37:59.0660 0x13cc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    17:37:59.0676 0x13cc LSI_FC - ok
    17:37:59.0684 0x13cc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    17:37:59.0700 0x13cc LSI_SAS - ok
    17:37:59.0716 0x13cc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    17:37:59.0731 0x13cc LSI_SAS2 - ok
    17:37:59.0747 0x13cc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    17:37:59.0763 0x13cc LSI_SCSI - ok
    17:37:59.0780 0x13cc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
    17:37:59.0832 0x13cc luafv - ok
    17:37:59.0854 0x13cc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    17:37:59.0874 0x13cc Mcx2Svc - ok
    17:37:59.0891 0x13cc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    17:37:59.0906 0x13cc megasas - ok
    17:37:59.0923 0x13cc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    17:37:59.0946 0x13cc MegaSR - ok
    17:37:59.0998 0x13cc Microsoft SharePoint Workspace Audit Service - ok
    17:38:00.0013 0x13cc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
    17:38:00.0072 0x13cc MMCSS - ok
    17:38:00.0085 0x13cc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
    17:38:00.0133 0x13cc Modem - ok
    17:38:00.0151 0x13cc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    17:38:00.0184 0x13cc monitor - ok
    17:38:00.0211 0x13cc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
    17:38:00.0227 0x13cc mouclass - ok
    17:38:00.0241 0x13cc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    17:38:00.0268 0x13cc mouhid - ok
    17:38:00.0291 0x13cc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    17:38:00.0307 0x13cc mountmgr - ok
    17:38:00.0327 0x13cc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
    17:38:00.0346 0x13cc mpio - ok
    17:38:00.0367 0x13cc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    17:38:00.0408 0x13cc mpsdrv - ok
    17:38:00.0452 0x13cc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
    17:38:00.0526 0x13cc MpsSvc - ok
    17:38:00.0560 0x13cc [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    17:38:00.0598 0x13cc MRxDAV - ok
    17:38:00.0621 0x13cc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    17:38:00.0655 0x13cc mrxsmb - ok
    17:38:00.0680 0x13cc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    17:38:00.0718 0x13cc mrxsmb10 - ok
    17:38:00.0744 0x13cc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    17:38:00.0763 0x13cc mrxsmb20 - ok
    17:38:00.0788 0x13cc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
    17:38:00.0802 0x13cc msahci - ok
    17:38:00.0831 0x13cc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    17:38:00.0849 0x13cc msdsm - ok
    17:38:00.0876 0x13cc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
    17:38:00.0937 0x13cc MSDTC - ok
    17:38:00.0980 0x13cc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    17:38:01.0039 0x13cc Msfs - ok
    17:38:01.0051 0x13cc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    17:38:01.0089 0x13cc mshidkmdf - ok
    17:38:01.0116 0x13cc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    17:38:01.0129 0x13cc msisadrv - ok
    17:38:01.0157 0x13cc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    17:38:01.0212 0x13cc MSiSCSI - ok
    17:38:01.0217 0x13cc msiserver - ok
    17:38:01.0246 0x13cc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    17:38:01.0299 0x13cc MSKSSRV - ok

  4. #24
    Junior Member
    Join Date
    Aug 2013
    Posts
    23


    17:38:08.0354 0x13cc secdrv - ok
    17:38:08.0372 0x13cc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
    17:38:08.0421 0x13cc seclogon - ok
    17:38:08.0446 0x13cc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
    17:38:08.0499 0x13cc SENS - ok
    17:38:08.0518 0x13cc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
    17:38:08.0546 0x13cc SensrSvc - ok
    17:38:08.0571 0x13cc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    17:38:08.0601 0x13cc Serenum - ok
    17:38:08.0624 0x13cc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
    17:38:08.0643 0x13cc Serial - ok
    17:38:08.0677 0x13cc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
    17:38:08.0704 0x13cc sermouse - ok
    17:38:08.0741 0x13cc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
    17:38:08.0793 0x13cc SessionEnv - ok
    17:38:08.0817 0x13cc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    17:38:08.0846 0x13cc sffdisk - ok
    17:38:08.0862 0x13cc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    17:38:08.0897 0x13cc sffp_mmc - ok
    17:38:08.0915 0x13cc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    17:38:08.0944 0x13cc sffp_sd - ok
    17:38:08.0968 0x13cc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
    17:38:08.0984 0x13cc sfloppy - ok
    17:38:09.0009 0x13cc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    17:38:09.0070 0x13cc SharedAccess - ok
    17:38:09.0100 0x13cc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    17:38:09.0164 0x13cc ShellHWDetection - ok
    17:38:09.0184 0x13cc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
    17:38:09.0198 0x13cc SiSRaid2 - ok
    17:38:09.0209 0x13cc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    17:38:09.0225 0x13cc SiSRaid4 - ok
    17:38:09.0263 0x13cc [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    17:38:09.0282 0x13cc SkypeUpdate - ok
    17:38:09.0298 0x13cc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    17:38:09.0347 0x13cc Smb - ok
    17:38:09.0376 0x13cc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    17:38:09.0409 0x13cc SNMPTRAP - ok
    17:38:09.0427 0x13cc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
    17:38:09.0441 0x13cc spldr - ok
    17:38:09.0469 0x13cc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
    17:38:09.0513 0x13cc Spooler - ok
    17:38:09.0687 0x13cc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
    17:38:09.0908 0x13cc sppsvc - ok
    17:38:09.0924 0x13cc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    17:38:09.0977 0x13cc sppuinotify - ok
    17:38:10.0011 0x13cc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
    17:38:10.0056 0x13cc srv - ok
    17:38:10.0094 0x13cc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    17:38:10.0122 0x13cc srv2 - ok
    17:38:10.0138 0x13cc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    17:38:10.0172 0x13cc srvnet - ok
    17:38:10.0197 0x13cc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    17:38:10.0259 0x13cc SSDPSRV - ok
    17:38:10.0273 0x13cc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
    17:38:10.0315 0x13cc SstpSvc - ok
    17:38:10.0330 0x13cc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    17:38:10.0345 0x13cc stexstor - ok
    17:38:10.0388 0x13cc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
    17:38:10.0443 0x13cc stisvc - ok
    17:38:10.0484 0x13cc [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
    17:38:10.0499 0x13cc storflt - ok
    17:38:10.0511 0x13cc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
    17:38:10.0525 0x13cc storvsc - ok
    17:38:10.0553 0x13cc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
    17:38:10.0567 0x13cc swenum - ok
    17:38:10.0586 0x13cc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
    17:38:10.0655 0x13cc swprv - ok
    17:38:10.0673 0x13cc Synth3dVsc - ok
    17:38:10.0737 0x13cc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
    17:38:10.0840 0x13cc SysMain - ok
    17:38:10.0866 0x13cc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
    17:38:10.0902 0x13cc TabletInputService - ok
    17:38:10.0930 0x13cc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
    17:38:10.0988 0x13cc TapiSrv - ok
    17:38:11.0011 0x13cc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
    17:38:11.0052 0x13cc TBS - ok
    17:38:11.0171 0x13cc [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    17:38:11.0290 0x13cc Tcpip - ok
    17:38:11.0358 0x13cc [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    17:38:11.0415 0x13cc TCPIP6 - ok
    17:38:11.0443 0x13cc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    17:38:11.0471 0x13cc tcpipreg - ok
    17:38:11.0496 0x13cc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    17:38:11.0527 0x13cc TDPIPE - ok
    17:38:11.0554 0x13cc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    17:38:11.0580 0x13cc TDTCP - ok
    17:38:11.0611 0x13cc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    17:38:11.0655 0x13cc tdx - ok
    17:38:11.0676 0x13cc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
    17:38:11.0690 0x13cc TermDD - ok
    17:38:11.0720 0x13cc [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
    17:38:11.0779 0x13cc TermService - ok
    17:38:11.0800 0x13cc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
    17:38:11.0838 0x13cc Themes - ok
    17:38:11.0859 0x13cc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
    17:38:11.0899 0x13cc THREADORDER - ok
    17:38:11.0916 0x13cc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
    17:38:11.0972 0x13cc TrkWks - ok
    17:38:12.0013 0x13cc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    17:38:12.0069 0x13cc TrustedInstaller - ok
    17:38:12.0096 0x13cc [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    17:38:12.0132 0x13cc tssecsrv - ok
    17:38:12.0154 0x13cc [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    17:38:12.0198 0x13cc TsUsbFlt - ok
    17:38:12.0206 0x13cc tsusbhub - ok
    17:38:12.0234 0x13cc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    17:38:12.0274 0x13cc tunnel - ok
    17:38:12.0293 0x13cc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    17:38:12.0308 0x13cc uagp35 - ok
    17:38:12.0334 0x13cc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    17:38:12.0390 0x13cc udfs - ok
    17:38:12.0417 0x13cc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
    17:38:12.0438 0x13cc UI0Detect - ok
    17:38:12.0456 0x13cc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    17:38:12.0471 0x13cc uliagpkx - ok
    17:38:12.0496 0x13cc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
    17:38:12.0524 0x13cc umbus - ok
    17:38:12.0542 0x13cc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    17:38:12.0569 0x13cc UmPass - ok
    17:38:12.0600 0x13cc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
    17:38:12.0624 0x13cc UmRdpService - ok
    17:38:12.0645 0x13cc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
    17:38:12.0709 0x13cc upnphost - ok
    17:38:12.0734 0x13cc [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
    17:38:12.0776 0x13cc USBAAPL64 - ok
    17:38:12.0797 0x13cc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    17:38:12.0831 0x13cc usbccgp - ok
    17:38:12.0868 0x13cc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
    17:38:12.0907 0x13cc usbcir - ok
    17:38:12.0926 0x13cc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
    17:38:12.0953 0x13cc usbehci - ok
    17:38:12.0981 0x13cc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    17:38:13.0017 0x13cc usbhub - ok
    17:38:13.0032 0x13cc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
    17:38:13.0058 0x13cc usbohci - ok
    17:38:13.0086 0x13cc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    17:38:13.0118 0x13cc usbprint - ok
    17:38:13.0141 0x13cc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    17:38:13.0172 0x13cc USBSTOR - ok
    17:38:13.0191 0x13cc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    17:38:13.0207 0x13cc usbuhci - ok
    17:38:13.0228 0x13cc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
    17:38:13.0276 0x13cc usbvideo - ok
    17:38:13.0294 0x13cc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
    17:38:13.0350 0x13cc UxSms - ok
    17:38:13.0368 0x13cc [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
    17:38:13.0384 0x13cc VaultSvc - ok
    17:38:13.0413 0x13cc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    17:38:13.0427 0x13cc vdrvroot - ok
    17:38:13.0460 0x13cc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
    17:38:13.0515 0x13cc vds - ok
    17:38:13.0537 0x13cc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    17:38:13.0557 0x13cc vga - ok
    17:38:13.0580 0x13cc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
    17:38:13.0633 0x13cc VgaSave - ok
    17:38:13.0653 0x13cc VGPU - ok
    17:38:13.0677 0x13cc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    17:38:13.0695 0x13cc vhdmp - ok
    17:38:13.0794 0x13cc [ A427E990AAF60801489E527447EA5947, CD69587056E1B41799C575A0AFD6BDE4DA411DF20FE395C1180DB735B2C4E77D ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
    17:38:13.0883 0x13cc VIAHdAudAddService - ok
    17:38:13.0907 0x13cc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
    17:38:13.0920 0x13cc viaide - ok
    17:38:13.0933 0x13cc [ 6B34F3220E4AE5D77BD42CEA94EB3892, 6BBED3FBD52935B0ECEA3A9B5B0A4B44214636840AE1EBB65AE1089B3F0C0500 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
    17:38:13.0950 0x13cc VIAKaraokeService - ok
    17:38:13.0965 0x13cc [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
    17:38:13.0983 0x13cc vmbus - ok
    17:38:14.0001 0x13cc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
    17:38:14.0028 0x13cc VMBusHID - ok
    17:38:14.0042 0x13cc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    17:38:14.0057 0x13cc volmgr - ok
    17:38:14.0084 0x13cc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    17:38:14.0106 0x13cc volmgrx - ok
    17:38:14.0123 0x13cc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
    17:38:14.0144 0x13cc volsnap - ok
    17:38:14.0174 0x13cc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
    17:38:14.0192 0x13cc vsmraid - ok
    17:38:14.0256 0x13cc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
    17:38:14.0368 0x13cc VSS - ok
    17:38:14.0387 0x13cc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
    17:38:14.0422 0x13cc vwifibus - ok
    17:38:14.0453 0x13cc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
    17:38:14.0517 0x13cc W32Time - ok
    17:38:14.0540 0x13cc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
    17:38:14.0568 0x13cc WacomPen - ok
    17:38:14.0600 0x13cc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    17:38:14.0649 0x13cc WANARP - ok
    17:38:14.0655 0x13cc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    17:38:14.0693 0x13cc Wanarpv6 - ok
    17:38:14.0764 0x13cc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    17:38:14.0822 0x13cc WatAdminSvc - ok
    17:38:14.0890 0x13cc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
    17:38:14.0966 0x13cc wbengine - ok
    17:38:14.0989 0x13cc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    17:38:15.0018 0x13cc WbioSrvc - ok
    17:38:15.0047 0x13cc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    17:38:15.0094 0x13cc wcncsvc - ok
    17:38:15.0111 0x13cc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    17:38:15.0141 0x13cc WcsPlugInService - ok
    17:38:15.0162 0x13cc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
    17:38:15.0176 0x13cc Wd - ok
    17:38:15.0214 0x13cc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    17:38:15.0250 0x13cc Wdf01000 - ok
    17:38:15.0272 0x13cc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
    17:38:15.0360 0x13cc WdiServiceHost - ok
    17:38:15.0365 0x13cc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
    17:38:15.0393 0x13cc WdiSystemHost - ok
    17:38:15.0418 0x13cc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
    17:38:15.0444 0x13cc WebClient - ok
    17:38:15.0457 0x13cc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
    17:38:15.0516 0x13cc Wecsvc - ok
    17:38:15.0536 0x13cc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    17:38:15.0578 0x13cc wercplsupport - ok
    17:38:15.0592 0x13cc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
    17:38:15.0645 0x13cc WerSvc - ok
    17:38:15.0678 0x13cc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    17:38:15.0715 0x13cc WfpLwf - ok
    17:38:15.0730 0x13cc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    17:38:15.0744 0x13cc WIMMount - ok
    17:38:15.0757 0x13cc WinDefend - ok
    17:38:15.0764 0x13cc WinHttpAutoProxySvc - ok
    17:38:15.0810 0x13cc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    17:38:15.0858 0x13cc Winmgmt - ok
    17:38:15.0930 0x13cc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
    17:38:16.0049 0x13cc WinRM - ok
    17:38:16.0092 0x13cc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
    17:38:16.0126 0x13cc WinUsb - ok
    17:38:16.0176 0x13cc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
    17:38:16.0236 0x13cc Wlansvc - ok
    17:38:16.0273 0x13cc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    17:38:16.0305 0x13cc WmiAcpi - ok
    17:38:16.0353 0x13cc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    17:38:16.0434 0x13cc wmiApSrv - ok
    17:38:16.0457 0x13cc WMPNetworkSvc - ok
    17:38:16.0471 0x13cc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
    17:38:16.0499 0x13cc WPCSvc - ok
    17:38:16.0523 0x13cc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    17:38:16.0545 0x13cc WPDBusEnum - ok
    17:38:16.0560 0x13cc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    17:38:16.0610 0x13cc ws2ifsl - ok
    17:38:16.0628 0x13cc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
    17:38:16.0666 0x13cc wscsvc - ok
    17:38:16.0670 0x13cc WSearch - ok
    17:38:16.0767 0x13cc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
    17:38:16.0867 0x13cc wuauserv - ok
    17:38:16.0896 0x13cc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    17:38:16.0942 0x13cc WudfPf - ok
    17:38:16.0970 0x13cc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    17:38:17.0003 0x13cc WUDFRd - ok
    17:38:17.0020 0x13cc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    17:38:17.0052 0x13cc wudfsvc - ok
    17:38:17.0081 0x13cc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
    17:38:17.0135 0x13cc WwanSvc - ok
    17:38:17.0149 0x13cc ================ Scan global ===============================
    17:38:17.0170 0x13cc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    17:38:17.0199 0x13cc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

  5. #25
    Junior Member
    Join Date
    Aug 2013
    Posts
    23

    Default

    ----combofix----
    ComboFix 14-04-06.01 - ESMEN 07.04.2014 17:50:37.3.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1254.90.1033.18.4095.1933 [GMT 3:00]
    Running from: c:\users\ESMEN\Desktop\ComboFix.exe
    Command switches used :: c:\users\ESMEN\Desktop\CFScript.txt
    AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
    SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-03-07 to 2014-04-07 )))))))))))))))))))))))))))))))
    .
    .
    2014-04-07 14:56 . 2014-04-07 14:56 -------- d-----w- c:\users\Default\AppData\Local\temp
    2014-04-06 17:31 . 2014-04-07 14:56 -------- d-----w- c:\users\ESMEN\AppData\Local\temp
    2014-04-06 16:28 . 2014-04-06 17:01 -------- d-----w- C:\FRST
    2014-04-06 14:21 . 2014-04-06 14:21 -------- d-----w- c:\program files (x86)\ERUNT
    2014-04-06 11:03 . 2014-04-06 11:03 43152 ----a-w- c:\windows\avastSS.scr
    2014-04-06 11:03 . 2014-04-06 11:03 445304 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
    2014-04-06 10:49 . 2014-04-06 10:49 -------- d-----w- c:\windows\jumpshot.com
    2014-04-05 16:40 . 2013-09-20 07:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
    2014-04-05 16:39 . 2014-04-05 16:41 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
    2014-04-05 16:39 . 2014-04-05 16:39 -------- d-----w- c:\users\ESMEN\AppData\Local\Programs
    2014-04-04 18:47 . 2014-04-04 18:47 -------- d-----w- c:\program files (x86)\Internet Download Manager
    2014-04-04 09:31 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F07518CE-61E8-4777-862B-43057141AABF}\mpengine.dll
    2014-03-27 16:21 . 2014-03-27 16:21 -------- d-----w- c:\users\ESMEN\AppData\Roaming\The Creative Assembly
    2014-03-27 16:04 . 2014-03-27 16:20 -------- d-----w- c:\program files (x86)\Napoleon Total War
    2014-03-12 19:35 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
    2014-03-12 19:35 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
    2014-03-12 19:35 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
    2014-03-12 19:32 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
    2014-03-12 19:32 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
    2014-03-12 19:32 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2014-03-12 19:32 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
    2014-03-09 11:08 . 2014-04-07 14:20 -------- d-----r- c:\users\ESMEN\Dropbox
    2014-03-09 11:06 . 2014-04-07 14:20 -------- d-----w- c:\users\ESMEN\AppData\Roaming\Dropbox
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-04-06 11:03 . 2014-01-27 22:10 84816 ----a-w- c:\windows\system32\drivers\aswStm.sys
    2014-04-06 11:03 . 2014-01-27 22:10 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2014-04-06 11:03 . 2014-01-27 22:10 208928 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2014-04-06 11:03 . 2014-01-27 22:10 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2014-04-06 11:03 . 2014-01-27 22:10 423240 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2014-04-06 11:03 . 2014-01-27 22:10 1039096 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2014-04-06 11:03 . 2014-01-27 22:10 334648 ----a-w- c:\windows\system32\aswBoot.exe
    2014-04-06 11:03 . 2014-01-27 22:10 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
    2014-04-06 11:03 . 2014-01-28 14:58 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
    2014-03-18 16:14 . 2013-12-06 22:46 90015360 ----a-w- c:\windows\system32\MRT.exe
    2014-03-14 07:30 . 2013-12-06 22:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-03-14 07:30 . 2013-12-06 22:16 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2014-02-19 17:09 . 2013-12-07 15:26 419840 ----a-w- c:\windows\system32\systemcpl.dll
    2014-02-19 17:09 . 2013-12-07 15:26 14848 ----a-w- c:\windows\system32\slwga.dll
    2014-02-19 17:09 . 2013-12-07 15:26 13824 ----a-w- c:\windows\SysWow64\slwga.dll
    2014-01-30 22:09 . 2014-01-30 22:09 119808 ----a-r- c:\users\ESMEN\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
    2014-01-09 02:22 . 2014-02-26 12:00 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    [7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
    [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
    [-] 2013-12-08 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
    .
    [-] 2013-12-08 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
    [7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
    [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-10 23:54 131248 ----a-w- c:\users\ESMEN\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-10 23:54 131248 ----a-w- c:\users\ESMEN\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-10 23:54 131248 ----a-w- c:\users\ESMEN\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-06 3854640]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
    "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
    .
    c:\users\ESMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\ESMEN\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 33508336]
    ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow [2005-10-20 38912]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;tsusbhub [x]
    S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
    S0 aswRvrt;avast! Revert; [x]
    S0 aswVmm;avast! VM Monitor; [x]
    S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
    S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
    S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
    S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
    S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
    S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
    S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
    S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
    S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l260x64.sys;c:\windows\SYSNATIVE\DRIVERS\l260x64.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - 57125628
    *Deregistered* - 57125628
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-03-15 20:13 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-12-06 c:\windows\Tasks\DriverEasy Scheduled Scan.job
    - c:\program files\Easeware\DriverEasy\DriverEasy.exe [2013-12-06 16:15]
    .
    2014-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cef386a2d28c17.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-06 22:27]
    .
    2014-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-06 22:27]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2014-04-06 11:03 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-10 23:54 164016 ----a-w- c:\users\ESMEN\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-10 23:54 164016 ----a-w- c:\users\ESMEN\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-10 23:54 164016 ----a-w- c:\users\ESMEN\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2013-09-10 23:54 164016 ----a-w- c:\users\ESMEN\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
    @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
    [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
    2012-11-15 23:07 23496 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2013-02-05 5670448]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = www.bing.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: Bütün Bağlantıları IDM ile İndir - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: IDM ile İndir - c:\program files (x86)\Internet Download Manager\IEExt.htm
    IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
    TCP: Interfaces\{B9241E59-CE1F-4AE9-A4C9-D798E8DE8C47}: NameServer = 213.74.0.1,213.74.1.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Notify-SDWinLogon - SDWinLogon.dll
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-2395962531-217751968-226635089-1000_Classes\Wow6432Node\CLSID\{3b625d9c-6e60-4dff-ae0d-c5f64fdd5a59}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "Model"=dword:0000002f
    "Therad"=dword:00000011
    "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
    1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
    .
    [HKEY_USERS\S-1-5-21-2395962531-217751968-226635089-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "scansk"=hex(0):96,1e,1d,69,8b,94,af,4f,37,e7,78,f4,b8,ed,25,ea,3d,b1,c4,a6,fb,
    f6,e7,c9,49,8a,f5,df,20,48,4c,a6,b4,2b,27,23,07,6b,12,74,00,00,00,00,00,00,\
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2014-04-07 17:58:44
    ComboFix-quarantined-files.txt 2014-04-07 14:58
    ComboFix2.txt 2014-04-07 11:09
    ComboFix3.txt 2014-04-06 17:30
    .
    Pre-Run: 135.237.603.328 bayt boş
    Post-Run: 135.152.963.584 bayt boş
    .
    - - End Of File - - F78402416048FB1986AB834CD0EDB438
    A36C5E4F47E84449FF07ED3517B43A31

  6. #26
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Open Notepad. Please copy the contents of the quote box below. To do this, highlight the contents of the box, right-click on it and select Copy.
    Paste this into the open Notepad. Save it to the Desktop as fixlist.txt.
    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.
    It needs to be saved next to the "Farbar Recovery Scan Tool" (FRST) program. (If asked to overwrite an existing one, please allow.)

    start
    Replace: C:\Windows\SysWOW64\user32.dll C:\Windows\System32\user32.dll
    Reboot:
    end
    Run FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


    ~~~~~~~~~~~~~~~~~~~~

    Please download and run RogueKiller 32 Bit to your desktop.

    RogueKiller 64 Bit <---use this one for 64 bit systems

    Which system am I using?

    Quit all running programs.

    For Windows XP, double-click to start.
    For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


    Click Scan to scan the system.
    When the scan completes > Close out the program > Don't Fix anything!

    Post back the report which should be located on your desktop.
    (please don't put logs in code or quotes and use the default font)
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #27
    Junior Member
    Join Date
    Aug 2013
    Posts
    23

    Default

    I ran your code with FRST64 as admin. My computer restarts itself, and then it restarts itself again and again. I restored my startup now with Startup Repair.

  8. #28
    Junior Member
    Join Date
    Aug 2013
    Posts
    23

    Default

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
    Ran by ESMEN at 2014-04-07 20:55:09 Run:3
    Running from C:\Users\ESMEN\Desktop
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    start
    Replace: C:\Windows\SysWOW64\user32.dll C:\Windows\System32\user32.dll
    Reboot:
    end
    *****************

    C:\Windows\System32\user32.dll => Moved successfully.
    C:\Windows\SysWOW64\user32.dll copied successfully to C:\Windows\System32\user32.dll


    The system needed a reboot.

    ==== End of Fixlog ====

  9. #29
    Junior Member
    Join Date
    Aug 2013
    Posts
    23

    Default

    RogueKiller 64 Bit isn't working. Where can I download it?

  10. #30
    Junior Member
    Join Date
    Aug 2013
    Posts
    23

    Default

    RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
    eposta : http://www.adlice.com/contact/
    Geribesleme : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    İşletim Sistemi : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Zamanında başladı : Normal mod
    Kullanıcı : ESMEN [Yönetici Hakları]
    Mod : Tarama yap -- Tarih : 04/07/2014 21:43:28
    | ARK || FAK || MBR |

    ¤¤¤ Kötü Niyetli İşlemler : 0 ¤¤¤

    ¤¤¤ Kayıt Defteri Girişleri : 7 ¤¤¤
    [DNS][PUM] HKLM\[...]\CCSet\[...]\{B9241E59-CE1F-4AE9-A4C9-D798E8DE8C47} : NameServer (213.74.0.1,213.74.1.1 [TURKEY (TR) - TURKEY (TR)]) -> BULUNDU
    [DNS][PUM] HKLM\[...]\CS001\[...]\{B9241E59-CE1F-4AE9-A4C9-D798E8DE8C47} : NameServer (213.74.0.1,213.74.1.1 [TURKEY (TR) - TURKEY (TR)]) -> BULUNDU
    [DNS][PUM] HKLM\[...]\CS002\[...]\{B9241E59-CE1F-4AE9-A4C9-D798E8DE8C47} : NameServer (213.74.0.1,213.74.1.1 [TURKEY (TR) - TURKEY (TR)]) -> BULUNDU
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> BULUNDU
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> BULUNDU
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> BULUNDU
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> BULUNDU

    ¤¤¤ Planlanmış Görevler : 0 ¤¤¤

    ¤¤¤ Başlangıç girişleri : 0 ¤¤¤

    ¤¤¤ Web Tarayıcıları : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Sürücü : [YÜKLENMEDİ 0x0] ¤¤¤

    ¤¤¤ Dışarıdaki kovanlar: ¤¤¤

    ¤¤¤ Bulaşma var : ¤¤¤

    ¤¤¤ HOSTS Dosyası: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    [...]


    ¤¤¤ MBR Denetimi: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3500418AS ATA Device +++++
    --- User ---
    [MBR] 86360bd85a6a612dd49b0489f0803345
    [BSP] 7fe22c2e578b30a0550966b8256f3552 : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1024 MB
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2099200 | Size: 251299 MB
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 516759552 | Size: 224615 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic USB SD Reader USB Device +++++
    Error reading User MBR! ([0x15] Ayg?t haz?r de?il. )
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x32] ?stek desteklenmiyor. )

    +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic USB CF Reader USB Device +++++
    Error reading User MBR! ([0x15] Ayg?t haz?r de?il. )
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x32] ?stek desteklenmiyor. )

    +++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic USB SM Reader USB Device +++++
    Error reading User MBR! ([0x15] Ayg?t haz?r de?il. )
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x32] ?stek desteklenmiyor. )

    +++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic USB MS Reader USB Device +++++
    Error reading User MBR! ([0x15] Ayg?t haz?r de?il. )
    User = LL1 ... OK!
    Error reading LL2 MBR! ([0x32] ?stek desteklenmiyor. )

    Tamamlandı : << RKreport[0]_S_04072014_214328.txt >>
