Pop-up running in mshta.exe


  • This topic is locked
7 replies to this topic

#1 ReyAlex

Posted 21 April 2014 - 10:03 PM

Hi

I have a problem similar to the ones in these topics:

http://forums.whatth...howtopic=127833

http://forums.whatth...7803&hl=mshta

The problem is that a pop-up appears like every 2 minutes showing a Japanese pornographic site. I tried the Antivirus, AntiMalware, etc. and nothing works.

It is running with the process mshta.exe

Hope someone could help me.

Thanks :adios:

P.S.: English is not my native language, so please excuse any mistakes in my writing during the process



#2 ----------------

Posted 22 April 2014 - 06:36 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

  • Download TDSSKiller.zip and extract it to your desktop.
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please attach this file to your next reply.


Proud Member of UNITE & TB
 

#3 ReyAlex

Posted 22 April 2014 - 07:07 PM

Thanks for the help, my computer and I will be in your care ^_^

First, the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Sergio (administrator) on REYALEX on 22-04-2014 19:52:59
Running from C:\Users\Sergio\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Spanish Modern Sort
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Hewlett-Packard) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\system32\mshta.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Home Cooked Gadgets) C:\Users\Sergio\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DriveManager.gadget\helper\DriveManagerHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2010-09-13] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-808852756-1975636472-1129221054-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1826496 2014-04-21] (Valve Corporation)
HKU\S-1-5-21-808852756-1975636472-1129221054-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-808852756-1975636472-1129221054-1000\...\Run: [SystemBootmQoWONtIZJDwWw8XyYrX0YCjczq9e1c4] => mshta.exe http://afh.midvbsfy.net/reg2.php?cccid=mQoWONtIZJDwWw8XyYrX0YCjczq9e1c4&log=1
HKU\S-1-5-21-808852756-1975636472-1129221054-1000\...\Run: [RegWritemQoWONtIZJDwWw8XyYrX0YCjczq9e1c4] => mshta.exe http://afh.midvbsfy.net/set_inf2.php?cccid=mQoWONtIZJDwWw8XyYrX0YCjczq9e1c4
HKU\S-1-5-21-808852756-1975636472-1129221054-1000\...\RunOnce: [RegWritemQoWONtIZJDwWw8XyYrX0YCjczq9e1c4] - mshta.exe http://afh.midvbsfy.net/set_inf2.php?cccid=mQoWONtIZJDwWw8XyYrX0YCjczq9e1c4
HKU\S-1-5-21-808852756-1975636472-1129221054-1000\...\MountPoints2: {8733d6a0-13e3-11e3-af94-002713d885a7} - H:\start.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://prodigy.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7960705EACFFCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\sqfndnuv.Usuario predeterminado
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-mx.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-mx.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-11]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com.mx/
CHR DefaultSearchKeyword: google.com.mx
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-12]
CHR Extension: (Google Drive) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-12]
CHR Extension: (QRreader beta) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfdjglobiolninfgldchakgfldifphic [2013-08-01]
CHR Extension: (YouTube) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-12]
CHR Extension: (Sad Panda) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-04-11]
CHR Extension: (Adblock Plus) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-06-12]
CHR Extension: (Búsqueda de Google) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-12]
CHR Extension: (PanicButton) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2013-11-15]
CHR Extension: (avast! Online Security) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-13]
CHR Extension: (Google Wallet) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-12]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-02] (Disc Soft Ltd)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-22 19:52 - 2014-04-22 19:53 - 00013807 _____ () C:\Users\Sergio\Desktop\FRST.txt
2014-04-22 19:52 - 2014-04-22 19:52 - 00000000 ____D () C:\FRST
2014-04-22 19:51 - 2014-04-22 19:52 - 04142142 _____ () C:\Users\Sergio\Desktop\tdsskiller.zip
2014-04-22 19:50 - 2014-04-22 19:51 - 02061312 _____ (Farbar) C:\Users\Sergio\Desktop\FRST64.exe
2014-04-22 19:46 - 2014-04-22 19:46 - 276463616 _____ () C:\Users\Sergio\Desktop\LSMADLH 2 - NUEVO COMIENZO - Episodio 1 de 200.mp4
2014-04-22 01:42 - 2014-04-22 01:42 - 00026772 _____ () C:\Users\Sergio\Desktop\One_Piece_493-496_[Shichibukai].torrent
2014-04-21 22:24 - 2014-04-21 22:24 - 00000000 ____D () C:\Users\Sergio\AppData\Local\Avg2014
2014-04-21 22:21 - 2014-04-22 19:42 - 00000056 _____ () C:\Windows\setupact.log
2014-04-21 22:21 - 2014-04-22 05:08 - 00005083 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 22:21 - 2014-04-21 22:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-21 22:20 - 2014-04-21 22:20 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\TuneUp Software
2014-04-21 22:18 - 2014-04-21 22:22 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-21 22:16 - 2014-04-21 22:16 - 00109418 _____ () C:\Users\Sergio\Documents\cc_20140421_221635.reg
2014-04-21 21:47 - 2014-04-21 21:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 21:43 - 2014-04-21 21:43 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-21 21:43 - 2014-04-21 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-21 21:43 - 2014-04-21 21:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-21 21:43 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-21 21:43 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-21 21:43 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-21 21:42 - 2014-04-21 21:42 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-21 21:42 - 2014-04-21 21:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-21 21:41 - 2014-04-21 21:41 - 32987560 _____ (TuneUp Software) C:\Users\Sergio\Desktop\TuneUpUtilities2014_es-ES.exe
2014-04-21 21:39 - 2014-04-21 21:39 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sergio\Desktop\iExplore.exe
2014-04-21 06:00 - 2014-04-21 06:00 - 00063088 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2014-04-21 06:00 - 2014-04-21 05:59 - 00050800 _____ (VMware, Inc.) C:\Windows\system32\vmhgfs.dll
2014-04-21 05:59 - 2014-04-21 05:59 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-21 05:59 - 2014-04-21 05:59 - 00053360 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLib.dll
2014-04-21 05:59 - 2014-04-21 05:59 - 00034416 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLibJava.dll
2014-04-21 05:58 - 2014-04-21 05:58 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-04-21 04:53 - 2014-04-21 04:54 - 00219248 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dum.dll
2014-04-21 04:53 - 2014-04-21 04:53 - 03223152 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dgl.dll
2014-04-21 04:53 - 2014-04-21 04:53 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-21 04:53 - 2014-04-21 04:53 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2014-04-21 04:50 - 2014-04-21 05:44 - 00063088 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2014-04-21 04:50 - 2014-04-21 05:44 - 00053360 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLib.dll
2014-04-21 04:50 - 2014-04-21 05:44 - 00050800 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmhgfs.dll
2014-04-21 04:50 - 2014-04-21 05:44 - 00034416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLibJava.dll
2014-04-21 04:49 - 2014-04-21 05:43 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2014-04-21 04:49 - 2014-04-21 05:43 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2014-04-21 04:21 - 2014-04-21 04:21 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2013
2014-04-21 04:21 - 2014-04-21 04:21 - 00000000 ____D () C:\ProgramData\Weskysoft
2014-04-21 04:21 - 2014-04-21 04:21 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2014-04-21 04:20 - 2013-06-10 17:20 - 00000000 ____D () C:\Users\Sergio\Desktop\DLL.Suite.v2013.0.0.2054.incl.keygen-Vovan666
2014-04-21 03:46 - 2014-04-22 19:53 - 00003656 _____ () C:\Windows\System32\Tasks\RegWrite
2014-04-20 23:48 - 2014-04-20 23:48 - 00037177 _____ () C:\Users\Sergio\Desktop\[UnionFansub]Hidan no Aria (007 no Fansub).torrent
2014-04-18 23:25 - 2014-04-18 23:25 - 00017787 _____ () C:\Users\Sergio\Downloads\D5523435E9495FCFF8B186E5E1D5D2A1D60A1BA3.torrent
2014-04-18 23:24 - 2014-04-18 23:24 - 00027989 _____ () C:\Users\Sergio\Downloads\1719D80C7EC1931E91AEF2E37D6493B45208790E.torrent
2014-04-18 23:13 - 2014-04-18 23:13 - 00054605 _____ () C:\Users\Sergio\Downloads\[JPz Records] School Days.torrent
2014-04-18 23:09 - 2014-04-18 23:33 - 427375701 _____ () C:\Users\Sergio\Downloads\HA-309.rar
2014-04-18 23:06 - 2014-04-18 23:32 - 473361974 _____ () C:\Users\Sergio\Downloads\HA-308_2.rar
2014-04-10 01:56 - 2014-04-10 01:57 - 52451168 _____ () C:\Users\Sergio\Downloads\[Doutei] Mujaki no Rakuen Drama CD, Vol. 1 - Hiding in Paradise [D3ECBE3C].mkv
2014-04-10 01:54 - 2014-04-10 01:55 - 52378379 _____ () C:\Users\Sergio\Downloads\[Doutei] Mujaki no Rakuen Drama CD, Vol. 1 - Operation Escape From Paradise [FBBB5213].mkv
2014-04-06 02:45 - 2014-04-06 02:48 - 210761728 _____ () C:\Users\Sergio\Desktop\Mar.Age.SHIELD.116.avi
2014-03-28 22:26 - 2014-03-28 22:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 21:06 - 2014-03-27 21:07 - 00000000 ____D () C:\Users\Sergio\Downloads\[Mankitsu]_Mujaki_no_Rakuen_Vol04_ch23
2014-03-25 00:58 - 2014-03-25 00:58 - 00018606 _____ () C:\Users\Sergio\Downloads\[天観K] ロリ 動画 4 (よろず) RJ119743.rar.torrent

==================== One Month Modified Files and Folders =======

2014-04-22 19:53 - 2014-04-22 19:52 - 00013807 _____ () C:\Users\Sergio\Desktop\FRST.txt
2014-04-22 19:53 - 2014-04-21 03:46 - 00003656 _____ () C:\Windows\System32\Tasks\RegWrite
2014-04-22 19:52 - 2014-04-22 19:52 - 00000000 ____D () C:\FRST
2014-04-22 19:52 - 2014-04-22 19:51 - 04142142 _____ () C:\Users\Sergio\Desktop\tdsskiller.zip
2014-04-22 19:51 - 2014-04-22 19:50 - 02061312 _____ (Farbar) C:\Users\Sergio\Desktop\FRST64.exe
2014-04-22 19:48 - 2010-11-21 02:09 - 00694386 _____ () C:\Windows\system32\perfh00A.dat
2014-04-22 19:48 - 2010-11-21 02:09 - 00134448 _____ () C:\Windows\system32\perfc00A.dat
2014-04-22 19:48 - 2009-07-14 00:13 - 01530242 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 19:46 - 2014-04-22 19:46 - 276463616 _____ () C:\Users\Sergio\Desktop\LSMADLH 2 - NUEVO COMIENZO - Episodio 1 de 200.mp4
2014-04-22 19:45 - 2013-08-12 07:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-22 19:44 - 2013-06-11 15:08 - 00003510 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-04-22 19:43 - 2013-06-11 17:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-22 19:42 - 2014-04-21 22:21 - 00000056 _____ () C:\Windows\setupact.log
2014-04-22 19:42 - 2013-06-12 13:33 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 19:42 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 05:12 - 2009-07-13 23:45 - 00038912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 05:12 - 2009-07-13 23:45 - 00038912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 05:08 - 2014-04-21 22:21 - 00005083 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 04:13 - 2013-06-12 13:33 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-22 02:00 - 2013-06-11 17:59 - 00000000 ____D () C:\Users\Sergio\AppData\Local\Adobe
2014-04-22 01:42 - 2014-04-22 01:42 - 00026772 _____ () C:\Users\Sergio\Desktop\One_Piece_493-496_[Shichibukai].torrent
2014-04-21 22:24 - 2014-04-21 22:24 - 00000000 ____D () C:\Users\Sergio\AppData\Local\Avg2014
2014-04-21 22:22 - 2014-04-21 22:18 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-21 22:21 - 2014-04-21 22:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-21 22:20 - 2014-04-21 22:20 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\TuneUp Software
2014-04-21 22:16 - 2014-04-21 22:16 - 00109418 _____ () C:\Users\Sergio\Documents\cc_20140421_221635.reg
2014-04-21 22:14 - 2013-09-02 22:30 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\DAEMON Tools Lite
2014-04-21 22:14 - 2013-07-04 16:17 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\FileZilla
2014-04-21 22:14 - 2013-06-13 15:00 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\Sony
2014-04-21 22:14 - 2013-06-11 18:05 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\Azureus
2014-04-21 22:13 - 2013-06-11 07:46 - 00000000 ____D () C:\Windows\Panther
2014-04-21 21:47 - 2014-04-21 21:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 21:43 - 2014-04-21 21:43 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-04-21 21:43 - 2014-04-21 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-21 21:43 - 2014-04-21 21:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-21 21:42 - 2014-04-21 21:42 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-21 21:42 - 2014-04-21 21:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-21 21:41 - 2014-04-21 21:41 - 32987560 _____ (TuneUp Software) C:\Users\Sergio\Desktop\TuneUpUtilities2014_es-ES.exe
2014-04-21 21:39 - 2014-04-21 21:39 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Sergio\Desktop\iExplore.exe
2014-04-21 06:00 - 2014-04-21 06:00 - 00063088 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2014-04-21 05:59 - 2014-04-21 06:00 - 00050800 _____ (VMware, Inc.) C:\Windows\system32\vmhgfs.dll
2014-04-21 05:59 - 2014-04-21 05:59 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-21 05:59 - 2014-04-21 05:59 - 00053360 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLib.dll
2014-04-21 05:59 - 2014-04-21 05:59 - 00034416 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLibJava.dll
2014-04-21 05:58 - 2014-04-21 05:58 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-04-21 05:44 - 2014-04-21 04:50 - 00063088 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2014-04-21 05:44 - 2014-04-21 04:50 - 00053360 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLib.dll
2014-04-21 05:44 - 2014-04-21 04:50 - 00050800 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmhgfs.dll
2014-04-21 05:44 - 2014-04-21 04:50 - 00034416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLibJava.dll
2014-04-21 05:43 - 2014-04-21 04:49 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2014-04-21 05:43 - 2014-04-21 04:49 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2014-04-21 05:09 - 2014-03-04 03:10 - 00000000 ____D () C:\Users\Sergio\Desktop\Richar
2014-04-21 04:54 - 2014-04-21 04:53 - 00219248 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dum.dll
2014-04-21 04:53 - 2014-04-21 04:53 - 03223152 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dgl.dll
2014-04-21 04:53 - 2014-04-21 04:53 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-04-21 04:53 - 2014-04-21 04:53 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2014-04-21 04:21 - 2014-04-21 04:21 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2013
2014-04-21 04:21 - 2014-04-21 04:21 - 00000000 ____D () C:\ProgramData\Weskysoft
2014-04-21 04:21 - 2014-04-21 04:21 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2014-04-20 23:48 - 2014-04-20 23:48 - 00037177 _____ () C:\Users\Sergio\Desktop\[UnionFansub]Hidan no Aria (007 no Fansub).torrent
2014-04-18 23:33 - 2014-04-18 23:09 - 427375701 _____ () C:\Users\Sergio\Downloads\HA-309.rar
2014-04-18 23:32 - 2014-04-18 23:06 - 473361974 _____ () C:\Users\Sergio\Downloads\HA-308_2.rar
2014-04-18 23:25 - 2014-04-18 23:25 - 00017787 _____ () C:\Users\Sergio\Downloads\D5523435E9495FCFF8B186E5E1D5D2A1D60A1BA3.torrent
2014-04-18 23:24 - 2014-04-18 23:24 - 00027989 _____ () C:\Users\Sergio\Downloads\1719D80C7EC1931E91AEF2E37D6493B45208790E.torrent
2014-04-18 23:13 - 2014-04-18 23:13 - 00054605 _____ () C:\Users\Sergio\Downloads\[JPz Records] School Days.torrent
2014-04-15 20:58 - 2013-06-12 23:04 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\Skype
2014-04-13 17:03 - 2013-12-14 20:30 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-13 17:03 - 2013-12-14 20:30 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-10 20:57 - 2014-02-11 18:49 - 00032232 _____ () C:\Users\Sergio\maxout.gnuplot
2014-04-10 20:57 - 2013-06-11 14:00 - 00000000 ____D () C:\Users\Sergio
2014-04-10 16:26 - 2014-02-13 01:12 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\CodeBlocks
2014-04-10 01:57 - 2014-04-10 01:56 - 52451168 _____ () C:\Users\Sergio\Downloads\[Doutei] Mujaki no Rakuen Drama CD, Vol. 1 - Hiding in Paradise [D3ECBE3C].mkv
2014-04-10 01:55 - 2014-04-10 01:54 - 52378379 _____ () C:\Users\Sergio\Downloads\[Doutei] Mujaki no Rakuen Drama CD, Vol. 1 - Operation Escape From Paradise [FBBB5213].mkv
2014-04-06 02:48 - 2014-04-06 02:45 - 210761728 _____ () C:\Users\Sergio\Desktop\Mar.Age.SHIELD.116.avi
2014-04-03 09:51 - 2014-04-21 21:43 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-21 21:43 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-21 21:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 04:08 - 2013-06-12 13:33 - 00004032 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 04:08 - 2013-06-12 13:33 - 00003780 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-30 17:15 - 2013-06-11 17:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-28 22:26 - 2014-03-28 22:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 21:07 - 2014-03-27 21:06 - 00000000 ____D () C:\Users\Sergio\Downloads\[Mankitsu]_Mujaki_no_Rakuen_Vol04_ch23
2014-03-25 00:58 - 2014-03-25 00:58 - 00018606 _____ () C:\Users\Sergio\Downloads\[天観K] ロリ 動画 4 (よろず) RJ119743.rar.torrent

Some content of TEMP:
====================
C:\Users\Sergio\AppData\Local\Temp\temp~.DLL
C:\Users\Sergio\AppData\Local\Temp\temp~.EXE


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-20 17:55

==================== End Of Log ============================

Secondly, the FRST Additional Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by Sergio at 2014-04-22 19:53:45
Running from C:\Users\Sergio\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

4shared Desktop (HKLM-x32\...\4shared Desktop) (Version:  - )
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.12.1 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Aegisub 3.0.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.2 - Aegisub Team)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{39745D89-A0A7-6BD4-9852-3FC08D03AF67}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1489.0 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Captcha Brotherhood (HKLM-x32\...\{CCD438F0-5D72-4945-9E72-6560C7E5E0D0}) (Version: 1.1.9 - Brotherhood Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help English (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help French (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help German (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0302.2233.40412 - Nombre de su organización) Hidden
ccc-utility64 (Version: 2010.0302.2233.40412 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Dia (sólo eliminar) (HKLM-x32\...\Dia) (Version:  - )
DLL Suite 2013 (HKLM-x32\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version:  - )
FileZilla Client 3.7.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.1.1 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Video Converter V 3.1 (HKLM-x32\...\Free Video Converter_is1) (Version: 3.1.0.0 - Koyote Soft)
Freenet (HKCU\...\Freenet) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware versión 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.9 - Design Science, Inc.)
Maxima 5.31.2 (HKLM-x32\...\Maxima-5.31.2_is1) (Version: 5.31.2 - The Maxima Development Team)
MediaInfo 0.7.37 (32-bit) (HKLM-x32\...\MediaInfo) (Version: 0.7.37 - MediaArea.net)
Microsoft Office Access MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 6.3.0 (HKLM-x32\...\MKVToolNix) (Version: 6.3.0 - Moritz Bunkus)
Mozilla Firefox 28.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 es-MX)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFTools Version 1.3 (08/26/2007) (HKLM-x32\...\PDFTools_is1) (Version: 1.3 - www.SheelApps.com - Sheel Khanna)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 1.9.4.7257 - Medixant)
Ralink RT3090 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.01.16.1 - Ralink)
Rome Total War Gold Repack (HKLM-x32\...\Rome Total War Gold Repack) (Version:  - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A8582A9E-FE98-11E1-B899-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VLC media player 1.1.10 (HKLM-x32\...\VLC media player) (Version: 1.1.10 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)

==================== Restore Points  =========================

22-04-2014 10:10:48 Quitado TuneUp Utilities 2014 (es-ES)

==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-07-11 19:15 - 00000921 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com


==================== Scheduled Tasks (whitelisted) =============

Task: {0968F50D-15D6-4C8C-A29A-E1F2FD19547D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12] (Google Inc.)
Task: {0EB0105B-EB05-4806-B800-7E65F9F8F88C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12] (Google Inc.)
Task: {19DFCB2E-DA76-48AE-9149-5C847C8B7C8A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {41C7EC9B-144B-43B3-9D08-AA3DC863270D} - System32\Tasks\AdobeAAMUpdater-1.0-REYALEX-Sergio => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {6E0572F6-E00D-48E5-9589-441DDA41E475} - System32\Tasks\RegWrite => C:\Windows\system32\mshta.exe [2013-06-11] (Microsoft Corporation)
Task: {AEA89FA1-0991-460B-9F45-AA7DFF253010} - System32\Tasks\SystemBoot => C:\Windows\system32\mshta.exe [2013-06-11] (Microsoft Corporation)
Task: {C8DD8541-CAB1-4729-8721-209BD1035DE2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {DA2BBB1D-10A1-497E-A81B-AC7D46B5592A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-06-11] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-11 14:30 - 2009-12-12 15:12 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-02-11 11:47 - 2010-02-11 11:47 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-06-11 15:34 - 2013-06-11 15:34 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-04-22 19:44 - 2014-04-22 13:32 - 02292224 _____ () C:\Program Files\AVAST Software\Avast\defs\14042201\algo.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-28 22:26 - 2014-03-28 22:26 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-07 21:41 - 2014-04-21 17:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-22 19:44 - 2014-04-21 17:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-07-01 08:20 - 2014-03-31 17:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-07-26 14:46 - 2014-04-21 18:42 - 01135808 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-15 14:32 - 2014-03-03 14:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-04-13 17:03 - 2014-04-13 17:03 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:888AFB86

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2014 07:50:07 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (04/22/2014 07:44:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2014 07:42:43 PM) (Source: Winlogon) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.

Error: (04/22/2014 05:10:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().


Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Log Rotator Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (04/22/2014 05:10:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().


Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Android Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (04/22/2014 05:10:02 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().


Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Log Rotator Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (04/22/2014 05:10:02 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().


Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Android Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (04/21/2014 10:24:28 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: OneClick.exe, versión: 14.0.1000.91, marca de tiempo: 0x522053a6
Nombre del módulo con errores: TUDiskCleanerClass.bpl, versión: 14.0.1000.91, marca de tiempo: 0x52205394
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002efbe
Id. del proceso con errores: 0x1164
Hora de inicio de la aplicación con errores: 0xOneClick.exe0
Ruta de acceso de la aplicación con errores: OneClick.exe1
Ruta de acceso del módulo con errores: OneClick.exe2
Id. del informe: OneClick.exe3

Error: (04/21/2014 10:19:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().


Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Log Rotator Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (04/21/2014 10:19:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().


Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Android Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.


System errors:
=============
Error: (04/22/2014 07:45:32 PM) (Source: Service Control Manager) (User: )
Description: El servicio Steam Client Service no pudo iniciarse debido al siguiente error: 
%%1053

Error: (04/22/2014 07:45:32 PM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Steam Client Service.

Error: (04/22/2014 07:42:44 PM) (Source: Service Control Manager) (User: )
Description: El servicio BlueStacks Hypervisor no pudo iniciarse debido al siguiente error: 
%%2

Error: (04/22/2014 04:37:59 AM) (Source: Service Control Manager) (User: )
Description: El servicio Servicio de notificación de SSP se cerró con el siguiente error: 
%%5

Error: (04/22/2014 03:38:00 AM) (Source: Service Control Manager) (User: )
Description: El servicio Servicio de notificación de SSP se cerró con el siguiente error: 
%%5

Error: (04/22/2014 02:37:59 AM) (Source: Service Control Manager) (User: )
Description: El servicio Servicio de notificación de SSP se cerró con el siguiente error: 
%%5

Error: (04/22/2014 01:38:00 AM) (Source: Service Control Manager) (User: )
Description: El servicio Servicio de notificación de SSP se cerró con el siguiente error: 
%%5

Error: (04/22/2014 00:37:59 AM) (Source: Service Control Manager) (User: )
Description: El servicio Servicio de notificación de SSP se cerró con el siguiente error: 
%%5

Error: (04/21/2014 11:38:00 PM) (Source: Service Control Manager) (User: )
Description: El servicio Servicio de notificación de SSP se cerró con el siguiente error: 
%%5

Error: (04/21/2014 10:37:59 PM) (Source: Service Control Manager) (User: )
Description: El servicio Servicio de notificación de SSP se cerró con el siguiente error: 
%%5


Microsoft Office Sessions:
=========================
Error: (04/22/2014 07:50:07 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"C:\Windows\System32\systemcpl.dll

Error: (04/22/2014 07:44:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2014 07:42:43 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (04/22/2014 05:10:49 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Log Rotator Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.

Error: (04/22/2014 05:10:49 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Android Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.

Error: (04/22/2014 05:10:02 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Log Rotator Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.

Error: (04/22/2014 05:10:02 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Android Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.

Error: (04/21/2014 10:24:28 PM) (Source: Application Error)(User: )
Description: OneClick.exe14.0.1000.91522053a6TUDiskCleanerClass.bpl14.0.1000.9152205394c00000050002efbe116401cf5dd9f9c9d91dC:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exeC:\Program Files (x86)\TuneUp Utilities 2014\TUDiskCleanerClass.bpl9c38ed27-c9cd-11e3-8378-002713d885a7

Error: (04/21/2014 10:19:13 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Log Rotator Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.

Error: (04/21/2014 10:19:13 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service BlueStacks Android Service since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.


CodeIntegrity Errors:
===================================
  Date: 2014-04-22 19:42:41.910
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-21 22:05:57.843
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-21 21:30:31.622
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-21 17:41:53.184
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-21 15:15:27.157
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-21 10:16:43.138
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-21 09:10:30.054
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-20 23:04:39.661
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-20 15:09:03.432
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

  Date: 2014-04-20 14:51:31.653
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3834.9 MB
Available physical RAM: 2137.41 MB
Total Pagefile: 7668 MB
Available Pagefile: 5733.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:449.34 GB) (Free:142.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.12 GB) (Free:2.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: (Multimedia) (Fixed) (Total:1863.01 GB) (Free:307.95 GB) NTFS
Drive h: (Visual C++) (CDROM) (Total:0.73 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 514AC6D3)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 705C9C47)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)

==================== End Of Log ============================

And finally, the TDSSKiller Log:

19:55:31.0931 0x10c0  TDSS rootkit removing tool 3.0.0.32 Apr 21 2014 18:31:25
19:55:39.0903 0x10c0  ============================================================
19:55:39.0903 0x10c0  Current date / time: 2014/04/22 19:55:39.0903
19:55:39.0903 0x10c0  SystemInfo:
19:55:39.0903 0x10c0  
19:55:39.0903 0x10c0  OS Version: 6.1.7601 ServicePack: 1.0
19:55:39.0903 0x10c0  Product type: Workstation
19:55:39.0903 0x10c0  ComputerName: REYALEX
19:55:39.0903 0x10c0  UserName: Sergio
19:55:39.0903 0x10c0  Windows directory: C:\Windows
19:55:39.0903 0x10c0  System windows directory: C:\Windows
19:55:39.0903 0x10c0  Running under WOW64
19:55:39.0903 0x10c0  Processor architecture: Intel x64
19:55:39.0903 0x10c0  Number of processors: 2
19:55:39.0903 0x10c0  Page size: 0x1000
19:55:39.0903 0x10c0  Boot type: Normal boot
19:55:39.0903 0x10c0  ============================================================
19:55:42.0415 0x10c0  KLMD registered as C:\Windows\system32\drivers\14542472.sys
19:55:42.0647 0x10c0  System UUID: {C28A7719-DC8D-BCBD-EE76-26C272E1F14F}
19:55:43.0445 0x10c0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:43.0455 0x10c0  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:55:43.0455 0x10c0  ============================================================
19:55:43.0455 0x10c0  \Device\Harddisk0\DR0:
19:55:43.0465 0x10c0  MBR partitions:
19:55:43.0465 0x10c0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:55:43.0465 0x10c0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x382B0800
19:55:43.0465 0x10c0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38314800, BlocksNum 0x203D800
19:55:43.0465 0x10c0  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
19:55:43.0465 0x10c0  \Device\Harddisk1\DR1:
19:55:43.0465 0x10c0  MBR partitions:
19:55:43.0465 0x10c0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
19:55:43.0465 0x10c0  ============================================================
19:55:43.0485 0x10c0  C: <-> \Device\Harddisk0\DR0\Partition2
19:55:43.0525 0x10c0  D: <-> \Device\Harddisk0\DR0\Partition3
19:55:43.0535 0x10c0  E: <-> \Device\Harddisk0\DR0\Partition4
19:55:43.0845 0x10c0  G: <-> \Device\Harddisk1\DR1\Partition1
19:55:43.0845 0x10c0  ============================================================
19:55:43.0845 0x10c0  Initialize success
19:55:43.0845 0x10c0  ============================================================
19:55:53.0446 0x11b0  ============================================================
19:55:53.0446 0x11b0  Scan started
19:55:53.0446 0x11b0  Mode: Manual; 
19:55:53.0446 0x11b0  ============================================================
19:55:53.0446 0x11b0  KSN ping started
19:55:56.0387 0x11b0  KSN ping finished: true
19:56:00.0068 0x11b0  ================ Scan system memory ========================
19:56:00.0068 0x11b0  System memory - ok
19:56:00.0068 0x11b0  ================ Scan services =============================
19:56:06.0849 0x11b0  i8042prt - ok
19:56:06.0879 0x11b0  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:56:06.0899 0x11b0  iaStorV - ok
19:56:06.0979 0x11b0  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:07.0039 0x11b0  idsvc - ok
19:56:07.0069 0x11b0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:56:07.0069 0x11b0  iirsp - ok
19:56:07.0129 0x11b0  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:56:07.0169 0x11b0  IKEEXT - ok
19:56:07.0189 0x11b0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:56:07.0189 0x11b0  intelide - ok
19:56:07.0219 0x11b0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
19:56:07.0219 0x11b0  intelppm - ok
19:56:07.0239 0x11b0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:56:07.0239 0x11b0  IPBusEnum - ok
19:56:07.0259 0x11b0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:07.0269 0x11b0  IpFilterDriver - ok
19:56:07.0309 0x11b0  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:56:07.0339 0x11b0  iphlpsvc - ok
19:56:07.0359 0x11b0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:56:07.0359 0x11b0  IPMIDRV - ok
19:56:07.0369 0x11b0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:56:07.0369 0x11b0  IPNAT - ok
19:56:07.0429 0x11b0  [ 7E4F8065367AE5BA387262D57B868DF5, 3D09A778748D30AFD37B23603CCC151B028D505FF3CB7763CE393F6CFAED3A9E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:56:07.0459 0x11b0  iPod Service - ok
19:56:07.0489 0x11b0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:56:07.0489 0x11b0  IRENUM - ok
19:56:07.0509 0x11b0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:56:07.0509 0x11b0  isapnp - ok
19:56:07.0529 0x11b0  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:56:07.0549 0x11b0  iScsiPrt - ok
19:56:07.0569 0x11b0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:07.0569 0x11b0  kbdclass - ok
19:56:07.0589 0x11b0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:56:07.0589 0x11b0  kbdhid - ok
19:56:07.0619 0x11b0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
19:56:07.0619 0x11b0  KeyIso - ok
19:56:07.0629 0x11b0  [ CCD53B5BD33CE0C889E830D839C8B66E, 51B7556DA7DAA0BC75E00E53099776016A55FAA115D5A4E6830E12A0A0869C10 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:56:07.0639 0x11b0  KSecDD - ok
19:56:07.0649 0x11b0  [ 9FF918A261752C12639E8AD4208D2C2F, B60F7A730C92F2BF7E85A6CA14DD7671AEECEE154CEC83B1E23EF268C25C9E5E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:56:07.0659 0x11b0  KSecPkg - ok
19:56:07.0669 0x11b0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:56:07.0669 0x11b0  ksthunk - ok
19:56:07.0719 0x11b0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:56:07.0739 0x11b0  KtmRm - ok
19:56:07.0789 0x11b0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:56:07.0809 0x11b0  LanmanServer - ok
19:56:07.0829 0x11b0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:07.0839 0x11b0  LanmanWorkstation - ok
19:56:07.0869 0x11b0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:56:07.0879 0x11b0  lltdio - ok
19:56:07.0909 0x11b0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:56:07.0929 0x11b0  lltdsvc - ok
19:56:07.0949 0x11b0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:56:07.0949 0x11b0  lmhosts - ok
19:56:07.0979 0x11b0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:56:07.0979 0x11b0  LSI_FC - ok
19:56:07.0999 0x11b0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:56:07.0999 0x11b0  LSI_SAS - ok
19:56:08.0019 0x11b0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:56:08.0019 0x11b0  LSI_SAS2 - ok
19:56:08.0039 0x11b0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:56:08.0039 0x11b0  LSI_SCSI - ok
19:56:08.0059 0x11b0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:56:08.0069 0x11b0  luafv - ok
19:56:08.0099 0x11b0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:56:08.0109 0x11b0  Mcx2Svc - ok
19:56:08.0129 0x11b0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:56:08.0129 0x11b0  megasas - ok
19:56:08.0169 0x11b0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:56:08.0189 0x11b0  MegaSR - ok
19:56:08.0239 0x11b0  Microsoft SharePoint Workspace Audit Service - ok
19:56:08.0249 0x11b0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:56:08.0259 0x11b0  MMCSS - ok
19:56:08.0279 0x11b0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:56:08.0279 0x11b0  Modem - ok
19:56:08.0299 0x11b0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:56:08.0299 0x11b0  monitor - ok
19:56:08.0309 0x11b0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:56:08.0319 0x11b0  mouclass - ok
19:56:08.0339 0x11b0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:56:08.0339 0x11b0  mouhid - ok
19:56:08.0359 0x11b0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:56:08.0369 0x11b0  mountmgr - ok
19:56:08.0399 0x11b0  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:56:08.0409 0x11b0  MozillaMaintenance - ok
19:56:08.0439 0x11b0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:56:08.0459 0x11b0  mpio - ok
19:56:08.0529 0x11b0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:56:08.0539 0x11b0  mpsdrv - ok
19:56:08.0659 0x11b0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:56:08.0709 0x11b0  MpsSvc - ok
19:56:08.0749 0x11b0  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:56:08.0759 0x11b0  MRxDAV - ok
19:56:08.0779 0x11b0  [ FAF015B07E3A2874A790A39B7D2C579F, C614B0E80B38EBF7C670EEB833F5E476B33042097DA07206D6C5EE3E52B9A427 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:08.0779 0x11b0  mrxsmb - ok
19:56:08.0809 0x11b0  [ 08E2345DF129082BCDFFDC1440F9C00D, 2ADF69F49DF8C43D4440B6C8A62085C51518CA895A88D37264C60A0B4B1EC55F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:08.0829 0x11b0  mrxsmb10 - ok
19:56:08.0849 0x11b0  [ 108D87409C5812EF47D81E22843E8C9D, CAE9B91B6BD1DF1552463BD63A06288F5D3E0B81B040BC1C7EC0C2A0119CCECA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:08.0849 0x11b0  mrxsmb20 - ok
19:56:08.0869 0x11b0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:56:08.0869 0x11b0  msahci - ok
19:56:08.0899 0x11b0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:56:08.0899 0x11b0  msdsm - ok
19:56:08.0929 0x11b0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:56:08.0929 0x11b0  MSDTC - ok
19:56:08.0959 0x11b0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:56:08.0959 0x11b0  Msfs - ok
19:56:08.0969 0x11b0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:56:08.0979 0x11b0  mshidkmdf - ok
19:56:08.0989 0x11b0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:56:08.0999 0x11b0  msisadrv - ok
19:56:09.0029 0x11b0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:56:09.0029 0x11b0  MSiSCSI - ok
19:56:09.0039 0x11b0  msiserver - ok
19:56:09.0059 0x11b0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:56:09.0069 0x11b0  MSKSSRV - ok
19:56:09.0089 0x11b0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:09.0089 0x11b0  MSPCLOCK - ok
19:56:09.0099 0x11b0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:56:09.0109 0x11b0  MSPQM - ok
19:56:09.0129 0x11b0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:56:09.0149 0x11b0  MsRPC - ok
19:56:09.0169 0x11b0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:56:09.0169 0x11b0  mssmbios - ok
19:56:09.0179 0x11b0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:56:09.0189 0x11b0  MSTEE - ok
19:56:09.0209 0x11b0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:56:09.0209 0x11b0  MTConfig - ok
19:56:09.0229 0x11b0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:56:09.0229 0x11b0  Mup - ok
19:56:09.0269 0x11b0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:56:09.0299 0x11b0  napagent - ok
19:56:09.0349 0x11b0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:56:09.0359 0x11b0  NativeWifiP - ok
19:56:09.0409 0x11b0  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:56:09.0479 0x11b0  NDIS - ok
19:56:09.0509 0x11b0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:09.0519 0x11b0  NdisCap - ok
19:56:09.0549 0x11b0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:09.0549 0x11b0  NdisTapi - ok
19:56:09.0569 0x11b0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:09.0569 0x11b0  Ndisuio - ok
19:56:09.0589 0x11b0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:09.0599 0x11b0  NdisWan - ok
19:56:09.0609 0x11b0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:56:09.0609 0x11b0  NDProxy - ok
19:56:09.0630 0x11b0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:56:09.0630 0x11b0  NetBIOS - ok
19:56:09.0650 0x11b0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:56:09.0670 0x11b0  NetBT - ok
19:56:09.0690 0x11b0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
19:56:09.0690 0x11b0  Netlogon - ok
19:56:09.0730 0x11b0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:56:09.0760 0x11b0  Netman - ok
19:56:09.0780 0x11b0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:56:09.0810 0x11b0  netprofm - ok
19:56:09.0890 0x11b0  [ 813B7C722BA97E703D375ABA170E16CC, 9E1437C11CA2218C6A8B05C51F168F0896BB00FE7D7534BA80596AB67ED483DF ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
19:56:09.0970 0x11b0  netr28x - ok
19:56:10.0012 0x11b0  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:56:10.0018 0x11b0  NetTcpPortSharing - ok
19:56:10.0052 0x11b0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:56:10.0052 0x11b0  nfrd960 - ok
19:56:10.0082 0x11b0  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:56:10.0112 0x11b0  NlaSvc - ok
19:56:10.0132 0x11b0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:56:10.0132 0x11b0  Npfs - ok
19:56:10.0152 0x11b0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:56:10.0152 0x11b0  nsi - ok
19:56:10.0172 0x11b0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:56:10.0172 0x11b0  nsiproxy - ok
19:56:10.0252 0x11b0  [ 05D78AA5CB5F3F5C31160BDB955D0B7C, E3CD3FAF52ED11A8FB96D667510F1EDCA49053705AA3A13F560F8F6EC995CA45 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:56:10.0342 0x11b0  Ntfs - ok
19:56:10.0422 0x11b0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:56:10.0462 0x11b0  Null - ok
19:56:10.0562 0x11b0  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:56:10.0562 0x11b0  nvraid - ok
19:56:10.0602 0x11b0  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:56:10.0612 0x11b0  nvstor - ok
19:56:10.0642 0x11b0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:56:10.0652 0x11b0  nv_agp - ok
19:56:10.0692 0x11b0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:56:10.0702 0x11b0  ohci1394 - ok
19:56:10.0732 0x11b0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:56:10.0742 0x11b0  ose - ok
19:56:10.0982 0x11b0  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:56:11.0162 0x11b0  osppsvc - ok
19:56:11.0222 0x11b0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:56:11.0242 0x11b0  p2pimsvc - ok
19:56:11.0282 0x11b0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:56:11.0302 0x11b0  p2psvc - ok
19:56:11.0322 0x11b0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:56:11.0322 0x11b0  Parport - ok
19:56:11.0352 0x11b0  [ 871EADAC56B0A4C6512BBE32753CCF79, F9FD9DBA55274BB72B897550988DCDFD0F2D9367BE641DFDE07D240052DDC180 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:56:11.0362 0x11b0  partmgr - ok
19:56:11.0382 0x11b0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:56:11.0392 0x11b0  PcaSvc - ok
19:56:11.0412 0x11b0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:56:11.0422 0x11b0  pci - ok
19:56:11.0432 0x11b0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:56:11.0432 0x11b0  pciide - ok
19:56:11.0452 0x11b0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:56:11.0462 0x11b0  pcmcia - ok
19:56:11.0482 0x11b0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:56:11.0482 0x11b0  pcw - ok
19:56:11.0512 0x11b0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:56:11.0552 0x11b0  PEAUTH - ok
19:56:11.0632 0x11b0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:56:11.0692 0x11b0  PeerDistSvc - ok
19:56:11.0772 0x11b0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:56:11.0772 0x11b0  PerfHost - ok
19:56:11.0852 0x11b0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:56:11.0912 0x11b0  pla - ok
19:56:11.0964 0x11b0  [ B806E50427511BCF4AD8E8239C3E25FA, AB89B48ECCF90F701B314D18BE531CDA5ABE1636C17B994A5E4BE5AAC136B4E3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:56:11.0984 0x11b0  PlugPlay - ok
19:56:12.0004 0x11b0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:56:12.0004 0x11b0  PNRPAutoReg - ok
19:56:12.0034 0x11b0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:56:12.0044 0x11b0  PNRPsvc - ok
19:56:12.0096 0x11b0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:56:12.0126 0x11b0  PolicyAgent - ok
19:56:12.0146 0x11b0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:56:12.0166 0x11b0  Power - ok
19:56:12.0207 0x11b0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:56:12.0213 0x11b0  PptpMiniport - ok
19:56:12.0228 0x11b0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:56:12.0228 0x11b0  Processor - ok
19:56:12.0258 0x11b0  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc         C:\Windows\system32\profsvc.dll
19:56:12.0278 0x11b0  ProfSvc - ok
19:56:12.0288 0x11b0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:12.0288 0x11b0  ProtectedStorage - ok
19:56:12.0318 0x11b0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:56:12.0328 0x11b0  Psched - ok
19:56:12.0398 0x11b0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:56:12.0478 0x11b0  ql2300 - ok
19:56:12.0530 0x11b0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:56:12.0530 0x11b0  ql40xx - ok
19:56:12.0550 0x11b0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:56:12.0570 0x11b0  QWAVE - ok
19:56:12.0600 0x11b0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:56:12.0600 0x11b0  QWAVEdrv - ok
19:56:12.0622 0x11b0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:56:12.0624 0x11b0  RasAcd - ok
19:56:12.0654 0x11b0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:12.0664 0x11b0  RasAgileVpn - ok
19:56:12.0684 0x11b0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:56:12.0684 0x11b0  RasAuto - ok
19:56:12.0704 0x11b0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:12.0714 0x11b0  Rasl2tp - ok
19:56:12.0734 0x11b0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:56:12.0764 0x11b0  RasMan - ok
19:56:12.0774 0x11b0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:12.0784 0x11b0  RasPppoe - ok
19:56:12.0794 0x11b0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:56:12.0804 0x11b0  RasSstp - ok
19:56:12.0824 0x11b0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:56:12.0834 0x11b0  rdbss - ok
19:56:12.0854 0x11b0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:56:12.0854 0x11b0  rdpbus - ok
19:56:12.0874 0x11b0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:12.0874 0x11b0  RDPCDD - ok
19:56:23.0471 0x11b0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 8.0.1489.300 ), 0x41000 ( enabled : updated )
19:56:23.0501 0x11b0  Win FW state via NFP2: enabled
19:56:26.0391 0x11b0  ============================================================
19:56:26.0391 0x11b0  Scan finished
19:56:26.0391 0x11b0  ============================================================
19:56:26.0401 0x11a8  Detected object count: 0
19:56:26.0401 0x11a8  Actual detected object count: 0

For the record, when I did the scans, I had an external 2TB hard drive connected.

 

 



#4 ----------------

Posted 23 April 2014 - 04:23 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting crack sites/warez sites and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that, we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 

#5 ReyAlex


Posted 23 April 2014 - 08:41 PM

OK, I understand, and I actually read the rules before registering, but I don't really know what programs you are talking about. Yes, I have a few cracked programs since I bought the computer like 3-4 years ago, and I try to use freecode programs to avoid illegal issues with that kind of programs. So my question is: what programs appear to be cracked, so I can delete them? Thanks for helping me, and an apology for the cracked programs.



#6 ----------------


Posted 24 April 2014 - 04:09 AM

Please download this tool and save it to your desktop: http://go.microsoft....k/?linkid=52012

Run the file by double-clicking it and press the "Continue" button.

When the tool is finished, click the "Copy" button in the lower right corner.

Reply to your topic here, right-click in the reply box and select Paste.

Post up.

 

 

 

 

Scan with CKScanner

Download CKScanner by askey127 from Here & save it to your Desktop.

  • Right-click and Run as Administrator CKScanner.exe then click Search For Files
  • When the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved
  • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply


Proud Member of UNITE & TB
 

#7 ReyAlex


Posted 24 April 2014 - 02:24 PM

Ok, here it is from the first tool

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-GJY49-VJBQ7-HYRR2
Windows Product Key Hash: W5/6nm6F2UPXrCkY5xUhXb/+21g=
Windows Product ID: 00426-OEM-8992662-00006
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {1F136C08-E099-4C7D-9E86-48C9BD2C0C2F}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_rtm.101119-1850
TTS Error: 
Validation Diagnostic: 
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[Hr = 0x80070003]
File Mismatch: C:\Windows\system32\wat\npwatweb.dll[Hr = 0x80070003]
File Mismatch: C:\Windows\system32\wat\watux.exe[Hr = 0x80070003]
File Mismatch: C:\Windows\system32\wat\watweb.dll[Hr = 0x80070003]
File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7600.16384], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16384], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\user32.dll[6.1.7600.16384], Hr = 0x800b0100

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{1F136C08-E099-4C7D-9E86-48C9BD2C0C2F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-HYRR2</PKey><PID>00426-OEM-8992662-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-808852756-1975636472-1129221054</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP Pavilion dv5 Notebook PC</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>F.03</Version><SMBIOSVersion major="2" minor="6"/><Date>20100430000000.000000+000</Date></BIOS><HWID>EDFE3207018400F4</HWID><UserLCID>080A</UserLCID><SystemLCID>0C0A</SystemLCID><TimeZone>Hora estándar central (México)(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

Spsys.log Content: 0x80070002

Licensing Data-->
Versión del Servicio de licencias de software: 6.1.7601.17514

Nombre: Windows(R) 7, Ultimate edition
Descripción: Windows Operating System - Windows(R) 7, OEM_SLP channel
Id. de activación: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Id. de aplicación: 55c92734-d682-4d71-983e-d6ec3f16059f
PID extendido: 00426-00178-926-600006-02-2058-7601.0000-1622013
Id. de instalación: 020026228755452852811132939372247131208350872255695760
Clave de producto parcial: HYRR2
Estado de la licencia: con licencia

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Not Registered - 0x80040154
Admin Service: Not Registered - 0x80040154
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: OgAAAAIABAABAAEAAAACAAAABAABAAEA6GFCkncWpqhU+RRreHQQM6Jglm/qRQ5UElVgrIyDoKUYeQ==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information: 
  ACPI Table Name	OEMID Value	OEMTableID Value
  APIC			HPQOEM		SLIC-MPC
  FACP			HP    		SLIC-MPC
  HPET			HPQOEM		SLIC-MPC
  BOOT			HPQOEM		SLIC-MPC
  MCFG			HPQOEM		SLIC-MPC
  SLIC			HPQOEM		SLIC-MPC
  SSDT			AMD   		POWERNOW



And from the second tool

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\users\sergio\desktop\cursos\programacion\hacking\cracking wi-fi al completo.pdf
c:\users\sergio\desktop\cursos\programacion\hacking\guía para crackear websites y homepages.pdf
c:\users\sergio\desktop\dll.suite.v2013.0.0.2054.incl.keygen-vovan666\dllsuite_setup_2013.exe
c:\users\sergio\desktop\dll.suite.v2013.0.0.2054.incl.keygen-vovan666\instrucciones.txt
c:\users\sergio\desktop\dll.suite.v2013.0.0.2054.incl.keygen-vovan666\keygen.exe
c:\users\sergio\desktop\dll.suite.v2013.0.0.2054.incl.keygen-vovan666\leeme importante.txt
c:\users\sergio\desktop\dll.suite.v2013.0.0.2054.incl.keygen-vovan666\www.compucalitv.com.url
c:\users\sergio\desktop\google sketchup pro 2013 v13.0.4124 en espaÑol\crack\crack.exe
c:\users\sergio\desktop\otros\linea 2\karafonts\borghs-cracked normal.ttf
c:\users\sergio\desktop\otros\linea 2\karafonts\lots of dead crack babies.ttf
c:\users\sergio\desktop\otros\linea 2\karafonts\marshmallow-cracked normal.ttf
c:\users\sergio\desktop\otros\linea 2\karafonts\newcrack.ttf
c:\users\sergio\documents\- resagados\your.uninstaller.pro.v7.4.2012.05_crkexe-fff\crack-fff\armaccess.dll
c:\users\sergio\documents\- resagados\your.uninstaller.pro.v7.4.2012.05_crkexe-fff\crack-fff\fff.nfo
c:\users\sergio\documents\- resagados\your.uninstaller.pro.v7.4.2012.05_crkexe-fff\crack-fff\file_id.diz
c:\users\sergio\documents\- resagados\your.uninstaller.pro.v7.4.2012.05_crkexe-fff\crack-fff\urmain.exe
c:\users\sergio\documents\nero\nero 7 ultra edition enhanced 7.5.9.0a eng + keygen + plugins\nero 7 ultra edition enhanced v7.5.9.0a eng keygen.exe
c:\users\sergio\documents\nero\nero 7 ultra edition enhanced 7.5.9.0a eng + keygen + plugins\nero photoshow express 4.exe
c:\users\sergio\documents\nero\nero 7 ultra edition enhanced 7.5.9.0a eng + keygen + plugins\nero v7.5.9.0a english no toolbar.exe
c:\users\sergio\documents\nero\nero 7 ultra edition enhanced 7.5.9.0a eng + keygen + plugins\nv4 content.exe
c:\users\sergio\documents\nero\nero 7 ultra edition enhanced 7.5.9.0a eng + keygen + plugins\readme1st.txt
c:\users\sergio\documents\programas y juegos portables\fifman13_victorval\skidrow crack.url
c:\users\sergio\documents\programas y juegos portables\jdownloader 0.4.936\jd\plugins\hoster\crackedcom.class
c:\users\sergio\documents\vegas pro 8.0\vegas pro 8.0 keygen.exe
c:\windows\autokms\autokms.exe
c:\windows\system32\slmgr.vbs.removewat
c:\windows\syswow64\slmgr.vbs.removewat
scanner sequence 3.ZZ.11.TLNAQZ
 ----- EOF ----- 


#8 ----------------


Posted 29 April 2014 - 10:01 AM

Due to the evidence of cracked software on this system, this topic is closed now.


Proud Member of UNITE & TB
 
