[Infected by TrojanAgent]

Hello,

 

I removed the necessary programs, and i would like to thank you for helping me out! Your explanation was amazingly clear for a IT-noob like me, and i am very happy my computer is clean again. 

I hope not to contact you in the futur, but that is nothing personal ;-). 

 

Regards,

Dimi

[Infected by TrojanAgent]

Hello,

 

My bad, i missed the Security step. Here you go:

 

 Results of screen317's Security Check version 0.99.81  

 Windows Vista Service Pack 1 x64 (UAC is enabled)  

 Out of date service pack!! 

 Internet Explorer 7 Out of date! 

``````````````Antivirus/Firewall Check:`````````````` 

ESET NOD32 Antivirus 3.0   

 Antivirus up to date!   

`````````Anti-malware/Other Utilities Check:````````` 

 Java 6 Update 14  

 Java 6 Update 6  

 Java version out of Date! 

 Adobe Flash Player 12.0.0.77  

 Adobe Reader 9 Adobe Reader out of Date! 

 Mozilla Firefox 27.0.1 Firefox out of Date!  

 Google Chrome 33.0.1750.146  

 Google Chrome 33.0.1750.154  

````````Process Check: objlist.exe by Laurent````````  

 ESET NOD32 Antivirus egui.exe  

 ESET NOD32 Antivirus ekrn.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 

[Infected by TrojanAgent]

Hello,

 

I will be without internet/pc access for the next week, starting this afternoon. If i do not reply to the next steps, please do not shut down this thread, i will read/execute it asap (next weekend).

A huge thanks for the help!

 

gr.

Dimi

[Infected by TrojanAgent]

Hey Marius,

 

Thank you very much for spending your time on me. I will leave it to you to determine if my pc is clean again, but i am very happy to notice that the symptons (crazy downloading) are no longer present. I checked it with Netlimiter, and it was very strange to see that my antivirus (ESET) was downloading 24/24, 7/7 at high speeds, but this is completely over!

 

Regards,

 

Dimi

[Infected by TrojanAgent]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.3 (03.23.2014:1)

OS: Windows Vista Business x64

Ran by CZC8507XQB on vr 28/03/2014 at 19:01:11,65

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ FireFox

 

Successfully deleted: [File] C:\user.js

Emptied folder: C:\Users\CZC8507XQB\AppData\Roaming\mozilla\firefox\profiles\v05rurev.default\minidumps [34 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on vr 28/03/2014 at 19:07:18,70

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Infected by TrojanAgent]

Part 1: 

 

# AdwCleaner v3.022 - Report created 28/03/2014 at 18:13:03

# Updated 13/03/2014 by Xplode

# Operating System : Windows Vista Business Service Pack 1 (64 bits)

# Username : CZC8507XQB - P-CZC8507XQB

# Running from : C:\Users\CZC8507XQB\Downloads\adwcleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

[!] Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar

[!] Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin

File Deleted : C:\Users\CZC8507XQB\AppData\Roaming\Mozilla\Firefox\Profiles\v05rurev.default\user.js

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKLM\Software\dt soft\daemon tools toolbar

Key Deleted : HKLM\Software\Funmoods

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v7.0.6001.18639

 

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [searchAssistant]

 

-\\ Mozilla Firefox v27.0.1 (nl)

 

[ File : C:\Users\CZC8507XQB\AppData\Roaming\Mozilla\Firefox\Profiles\v05rurev.default\prefs.js ]

 

Line Deleted : user_pref("extensions.funmoods_i.aflt", "ddrnw");

Line Deleted : user_pref("extensions.funmoods_i.dfltLng", "");

Line Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);

Line Deleted : user_pref("extensions.funmoods_i.dnsErr", true);

Line Deleted : user_pref("extensions.funmoods_i.excTlbr", false);

Line Deleted : user_pref("extensions.funmoods_i.hmpg", true);

Line Deleted : user_pref("extensions.funmoods_i.id", "86dda43100000000000000216b2c7322");

Line Deleted : user_pref("extensions.funmoods_i.instlDay", "15374");

Line Deleted : user_pref("extensions.funmoods_i.instlRef", "");

Line Deleted : user_pref("extensions.funmoods_i.newTab", true);

Line Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");

Line Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");

Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");

Line Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");

Line Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");

Line Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");

Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1615:57:40");

Line Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");

 

-\\ Google Chrome v33.0.1750.154

 

[ File : C:\Users\CZC8507XQB\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [7320 octets] - [28/03/2014 18:11:08]

AdwCleaner[s0].txt - [5913 octets] - [28/03/2014 18:13:03]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5973 octets] ##########

[Infected by TrojanAgent]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014

Ran by CZC8507XQB at 2014-03-27 17:59:16 Run:1

Running from C:\Users\CZC8507XQB\Downloads\FRST

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|42033

C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.sc

C:\Users\CZC8507XQB\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000

C:\Program Files (x86)\The Walking Dead Episode 5\steam_api.dll

C:\Users\CZC8507XQB\Downloads\Shockwave_Installer_Slim.exe

C:\Windows\System32\Adobe\Shockwave 12\gt.exe

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe

*****************

 

"C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.sc" => File/Directory not found.

"C:\Users\CZC8507XQB\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000" => File/Directory not found.

C:\Program Files (x86)\The Walking Dead Episode 5\steam_api.dll => Moved successfully.

C:\Users\CZC8507XQB\Downloads\Shockwave_Installer_Slim.exe => Moved successfully.

"C:\Windows\System32\Adobe\Shockwave 12\gt.exe" => File/Directory not found.

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe => Moved successfully.

 

==== End of Fixlog ====

[Infected by TrojanAgent]

Never mind, i found it in one of your others posts. On it!

[Infected by TrojanAgent]

Hello,

 

What is FRST? I just google FRST.exe? 

[Infected by TrojanAgent]

C:\Program Files (x86)\The Walking Dead Episode 5\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application

C:\Users\CZC8507XQB\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

[Infected by TrojanAgent]

I just finnished the scan with Malwarebytes. I will start the ESET scan now. Here is the Malwarebytes Log. 

Small note: I had the same result before, but a second scan shows the same (2) found items. 

 

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Databaseversie: v2014.03.23.06

 

Windows Vista Service Pack 1 x64 NTFS

Internet Explorer 7.0.6001.18000

CZC8507XQB :: P-CZC8507XQB [administrator]

 

25/03/2014 17:23:48

mbam-log-2014-03-25 (17-23-48).txt

 

Scan type: Volledige scan (C:\|Z:\|)

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 614635

Verstreken tijd: 1 uur/uren, 43 minuut/minuten, 17 seconde(n)

 

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

 

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

 

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

 

Registerwaarden gedetecteerd: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|42033 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.scr -> Zal worden verwijderd tijdens het herstarten.

 

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

 

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

 

Bestanden gedetecteerd: 1

C:\Users\CZC8507XQB\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.

 

(einde)

[Infected by TrojanAgent]

I do not know if it is relevant, but i started the scan before i went to bed, and by the time i woke up, my pc was shut down as i did not notice my adapter was not completely connected... I read the scan takes about 10 ~ 20 minutes, so i doubt it influenced anything, but what do i know about it . 

 

gr.

Dimi

 

ComboFix 14-03-23.01 - CZC8507XQB 23/03/2014  22:24:44.1.2 - x64

Microsoft® Windows Vista™ Business   6.0.6001.1.1252.32.1043.18.4090.2039 [GMT 1:00]

Gestart vanuit: c:\users\CZC8507XQB\Desktop\ComboFix.exe

AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\install.exe

c:\programdata\Local Settings\Temp

c:\users\CZC8507XQB\AppData\Roaming\4555.ini

c:\windows\SysWow64\drivers\npf.sys

.

.

(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_npf

.

.

((((((((((((((((((((   Bestanden Gemaakt van 2014-02-24 to 2014-03-24  ))))))))))))))))))))))))))))))

.

.

2014-03-23 21:36 . 2014-03-23 21:38 -------- d-----w- c:\users\postgres\AppData\Local\temp

2014-03-23 21:36 . 2014-03-23 21:36 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-03-23 21:36 . 2014-03-23 21:36 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2014-03-21 17:12 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AC838CBA-5F16-483C-8352-0A9BA8C3FA1B}\mpengine.dll

2014-03-16 09:15 . 2014-03-16 09:15 -------- d-----w- c:\users\CZC8507XQB\AppData\Local\Skype

2014-03-16 09:15 . 2014-03-16 09:15 -------- d-----w- c:\program files (x86)\Common Files\Skype

.

.

.

(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-03-19 18:47 . 2006-11-02 12:35 90015360 ----a-w- c:\windows\system32\mrt.exe

2014-03-12 19:47 . 2013-03-19 18:23 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2014-03-12 19:47 . 2011-08-12 20:08 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr

.

.

(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-02-25 1821888]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]

"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2008-05-12 318488]

"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]

"WatchDog"="c:\program files (x86)\InterVideo\DVD Check\DVDCheck.exe" [2008-05-23 197904]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2008-10-16 1310720]

"Config"="c:\program files (x86)\Microsoft Games\Age Of Empires ii\Config.exe" [2006-07-06 151552]

"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-05-21 148888]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 994856]

DVD Check.lnk - c:\program files (x86)\InterVideo\DVD Check\DVDCheck.exe [2009-1-6 197904]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]

2008-04-21 10:48 69632 ----a-w- c:\windows\System32\DeviceNP.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

Themes

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-03-17 16:56 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-03-15 17:37 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2014-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 19:47]

.

2014-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-23 20:13]

.

2014-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-23 20:13]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1234216]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-20 178712]

"snuvcdsm"="c:\windows\snuvcdsm.exe" [2008-10-09 27176]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1923640]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = %SystemRoot%\system32\blank.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {{878AC5FC-BE78-4bae-896C-7F75B790A71E} - c:\program files (x86)\PokerStars.BE\PokerStarsUpdate.exe

TCP: DhcpNameServer = 195.130.131.2 195.130.130.130

FF - ProfilePath - c:\users\CZC8507XQB\AppData\Roaming\Mozilla\Firefox\Profiles\v05rurev.default\

FF - user.js: extensions.funmoods_i.hmpg - true

FF - user.js: extensions.funmoods_i.dfltSrch - true

FF - user.js: extensions.funmoods_i.srchPrvdr - Search

FF - user.js: extensions.funmoods_i.dnsErr - true

FF - user.js: extensions.funmoods_i.newTab - true

FF - user.js: extensions.funmoods_i.id - 86dda43100000000000000216b2c7322

FF - user.js: extensions.funmoods_i.instlDay - 15374

FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16

FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16

FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1615:57

FF - user.js: extensions.funmoods_i.prtnrId - funmoods

FF - user.js: extensions.funmoods_i.prdct - funmoods

FF - user.js: extensions.funmoods_i.aflt - ddrnw

FF - user.js: extensions.funmoods_i.smplGrp - none

FF - user.js: extensions.funmoods_i.tlbrId - base

FF - user.js: extensions.funmoods_i.instlRef - 

FF - user.js: extensions.funmoods_i.dfltLng - 

FF - user.js: extensions.funmoods_i.excTlbr - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

Wow6432Node-HKCU-Run-Utopia Angel - c:\utopia\Angel\Angel.exe

Wow6432Node-HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe

Wow6432Node-HKLM-Run-NBKeyScan - c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

Wow6432Node-HKLM-Explorer_Run-42033 - c:\progra~3\LOCALS~1\Temp\mseqwbi.scr

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

AddRemove-unibetpoker (Poker) - c:\microgaming\Poker\unibetpokerMPP\install.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.12"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe

c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

c:\program files (x86)\PDF Complete\pdfsvc.exe

c:\program files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

c:\windows\SysWOW64\WerFault.exe

c:\program files (x86)\Common Files\Steam\SteamService.exe

.

**************************************************************************

.

Voltooingstijd: 2014-03-24  17:57:21 - machine werd herstart

ComboFix-quarantined-files.txt  2014-03-24 16:57

.

Pre-Run: 16.279.990.272 bytes free

Post-Run: 17.609.412.608 bytes free

.

- - End Of File - - 11FAA8CA054DE22E50B9424F66200B80

5C616939100B85E558DA92B899A0FC36

[Infected by TrojanAgent]

21:17:50.0754 0x1080  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

21:17:50.0756 0x1080  secdrv - ok

21:17:50.0769 0x1080  [ 5ACDCBC67FCF894A1815B9F96D704490, FE0247A8BEDB860EBD46A9D49C641D0B9AA24EE34132CDDADC9F5A605238FDA7 ] seclogon        C:\Windows\system32\seclogon.dll

21:17:50.0772 0x1080  seclogon - ok

21:17:50.0788 0x1080  [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS            C:\Windows\System32\sens.dll

21:17:50.0790 0x1080  SENS - ok

21:17:50.0805 0x1080  [ F71BFE7AC6C52273B7C82CBF1BB2A222, 8C7F0E426B266DBBFE4BBE3333A33C338209BD8BE0E434A98D0D2CFD78D3F758 ] Serenum         C:\Windows\system32\drivers\serenum.sys

21:17:50.0807 0x1080  Serenum - ok

21:17:50.0837 0x1080  [ E62FAC91EE288DB29A9696A9D279929C, 9B6A420556532F7F8D55FB6580A592A43BEA579A068B970C741A23DB079ECAD1 ] Serial          C:\Windows\system32\drivers\serial.sys

21:17:50.0841 0x1080  Serial - ok

21:17:50.0867 0x1080  [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

21:17:50.0869 0x1080  sermouse - ok

21:17:50.0901 0x1080  [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv      C:\Windows\system32\sessenv.dll

21:17:50.0905 0x1080  SessionEnv - ok

21:17:50.0924 0x1080  [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

21:17:50.0926 0x1080  sffdisk - ok

21:17:50.0936 0x1080  [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

21:17:50.0938 0x1080  sffp_mmc - ok

21:17:50.0949 0x1080  [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

21:17:50.0951 0x1080  sffp_sd - ok

21:17:50.0961 0x1080  [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

21:17:50.0963 0x1080  sfloppy - ok

21:17:51.0007 0x1080  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess    C:\Windows\System32\ipnathlp.dll

21:17:51.0015 0x1080  SharedAccess - ok

21:17:51.0062 0x1080  [ 9235EC680D3DB17464B39C7C7DECB4DD, 12E9A31630A1063EE5956333FEBE055D31639FC2E6B33EF46C0E40889913CA9B ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:17:51.0069 0x1080  ShellHWDetection - ok

21:17:51.0088 0x1080  [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys

21:17:51.0091 0x1080  SiSRaid2 - ok

21:17:51.0107 0x1080  [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

21:17:51.0111 0x1080  SiSRaid4 - ok

21:17:51.0292 0x1080  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

21:17:51.0372 0x1080  Skype C2C Service - ok

21:17:51.0427 0x1080  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

21:17:51.0431 0x1080  SkypeUpdate - ok

21:17:51.0524 0x1080  [ A301D2CEFB4747DFE0C24425DCBE0B78, 1F6863002B67D130C60C713C804CE907619B8E0A32A5654958898303DC3D6297 ] slsvc           C:\Windows\system32\SLsvc.exe

21:17:51.0578 0x1080  slsvc - ok

21:17:51.0597 0x1080  [ F5DDF7C0AF85EB72CB295171F8C3CB35, AD52F3BEF6B20C9901024BA7AB30BDFC38408304EA3A3A9ADD72FDAF1166EC39 ] SLUINotify      C:\Windows\system32\SLUINotify.dll

21:17:51.0602 0x1080  SLUINotify - ok

21:17:51.0624 0x1080  [ 41EB2E8E005FEEDCAFCE301983EFF932, 53A40A9B6EE1E95641DFA81498504C97CA50E3F344AC0DF368E9DC1A8B208F3D ] Smb             C:\Windows\system32\DRIVERS\smb.sys

21:17:51.0627 0x1080  Smb - ok

21:17:51.0648 0x1080  [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

21:17:51.0650 0x1080  SNMPTRAP - ok

21:17:51.0734 0x1080  [ 84DE101B4FA40CD28B84637924C060CE, 0C98124D57F76CA3A3380524EF73B46ED8C594B8F59B808FEE7ED45D6EE2A850 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys

21:17:51.0785 0x1080  SNP2UVC - ok

21:17:51.0813 0x1080  [ F9CB0672162F7F04248E2B82C1FF4617, 0C7CF505FE72FE06CAEE085500DF1F41AADFEA31F6026B1AB8D9450351E858BB ] spldr           C:\Windows\system32\drivers\spldr.sys

21:17:51.0815 0x1080  spldr - ok

21:17:51.0863 0x1080  [ 92E6738D25C2123BE9515C0EAC0776CD, 203BC46A2813F68CD1BE35101707422632F44CCDC51105E55C441E4C731A7FB5 ] Spooler         C:\Windows\System32\spoolsv.exe

21:17:51.0870 0x1080  Spooler - ok

21:17:51.0948 0x1080  [ 656736958178461D25B51BB0D9EC7D09, A1C987CD3C1B36516691B6FB6B0589897826E9237C72AD8B5D79D20ACAFCC883 ] sptd            C:\Windows\System32\Drivers\sptd.sys

21:17:52.0024 0x1080  sptd - ok

21:17:52.0060 0x1080  [ A8ABD7D0D907B45CF3831F4DD8644349, F6529258D00355254DDC9E387F350627623619C0CA01127C7239F45E06C7EE9C ] srv             C:\Windows\system32\DRIVERS\srv.sys

21:17:52.0074 0x1080  srv - ok

21:17:52.0131 0x1080  [ 6C72EEA39E1C37B436A6D1532999F9EC, 8AFBF52600C12D5EA169FB1C9E04D67108117C88E19F629B15F6C3E4A81DA6CD ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

21:17:52.0138 0x1080  srv2 - ok

21:17:52.0155 0x1080  [ 7F69BCF9E6FA3D93C82EE6B87812666D, 6DC0A10A8EB7F21B9FFFBE14ACB8ABBD935204971D4A6902749EF870C9E8B4F2 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

21:17:52.0160 0x1080  srvnet - ok

21:17:52.0183 0x1080  [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

21:17:52.0189 0x1080  SSDPSRV - ok

21:17:52.0197 0x1080  [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc         C:\Windows\system32\sstpsvc.dll

21:17:52.0201 0x1080  SstpSvc - ok

21:17:52.0295 0x1080  [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe

21:17:52.0310 0x1080  Steam Client Service - ok

21:17:52.0338 0x1080  [ F14F7D7D68A66777FB999D5D0F21138D, 02D84EF557A9D407ADCCF74DBD0E9D13E33B6F2D7C564386CD7412C3814ADD5C ] stisvc          C:\Windows\System32\wiaservc.dll

21:17:52.0354 0x1080  stisvc - ok

21:17:52.0387 0x1080  [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

21:17:52.0389 0x1080  swenum - ok

21:17:52.0416 0x1080  [ DA34D6EB4A3154C0BEBAEB0A2483EF3E, B101B4C551F112F486F26FD222116FA08ADDB9804ABDFF6288826049AEE39D7A ] swprv           C:\Windows\System32\swprv.dll

21:17:52.0430 0x1080  swprv - ok

21:17:52.0454 0x1080  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys

21:17:52.0457 0x1080  Symc8xx - ok

21:17:52.0478 0x1080  [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys

21:17:52.0481 0x1080  Sym_hi - ok

21:17:52.0506 0x1080  [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys

21:17:52.0509 0x1080  Sym_u3 - ok

21:17:52.0551 0x1080  [ C52B05821884F9A0EBEE38C45DBD73CD, BB9DD84C191F16EC4596D595D41A2C7E6D7D231520284D36ED4D7B5084FE6E84 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys

21:17:52.0561 0x1080  SynTP - ok

21:17:52.0621 0x1080  [ BEA0D5521ED21DF8F6FFEED86DAEDE7B, E13E998787C3B6822A45C3544AB3FD1DEC60311D93C1CA0977049324F6B3820D ] SysMain         C:\Windows\system32\sysmain.dll

21:17:52.0646 0x1080  SysMain - ok

21:17:52.0685 0x1080  [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll

21:17:52.0689 0x1080  TabletInputService - ok

21:17:52.0736 0x1080  [ 52091001CAF20AE84CF47023EE21B4BB, DBF5ED374CFE2B597C2179E7DD70641BF69B5B1083EE7403DCE9CEE0315C2F65 ] TapiSrv         C:\Windows\System32\tapisrv.dll

21:17:52.0746 0x1080  TapiSrv - ok

21:17:52.0783 0x1080  [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS             C:\Windows\System32\tbssvc.dll

21:17:52.0786 0x1080  TBS - ok

21:17:52.0884 0x1080  [ 7D86275FB640011B372FD566C0EAFA8D, C22AB38E8E7E2BB77DB4D14B439E6BDE93BA7B57530B475294E46F4CCF0E8313 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

21:17:52.0925 0x1080  Tcpip - ok

21:17:52.0980 0x1080  [ 7D86275FB640011B372FD566C0EAFA8D, C22AB38E8E7E2BB77DB4D14B439E6BDE93BA7B57530B475294E46F4CCF0E8313 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys

21:17:53.0005 0x1080  Tcpip6 - ok

21:17:53.0030 0x1080  [ C29D4B3B08AD0B7E8564814E4FF6A57B, ABB547D4CA8BCAAED15AC2BA1B2760DE2E94CB3A108E543B402F0034601515A0 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

21:17:53.0032 0x1080  tcpipreg - ok

21:17:53.0051 0x1080  [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

21:17:53.0053 0x1080  TDPIPE - ok

21:17:53.0072 0x1080  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

21:17:53.0074 0x1080  TDTCP - ok

21:17:53.0099 0x1080  [ 8C39C72E0E853DE04748C0337D9B9216, 40A709FEC9A32DB9A2FDC217F4A21134BC184DABA1AB8BE71768559FD6D4136B ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

21:17:53.0103 0x1080  tdx - ok

21:17:53.0115 0x1080  [ 3F0EBF6EE609F2A276C0D5FAF244EC90, 4D5FEE6DCDCB8864F623D5E19BECCB6ECAFA0DBD8C37152FE81B0011EF4343A6 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

21:17:53.0119 0x1080  TermDD - ok

21:17:53.0168 0x1080  [ F870A5589D6A94B426EFB13689023946, C02AC39DEEB89DA115C13914A018FFF471093850EDBAF904D7BD45C107F3F18E ] TermService     C:\Windows\System32\termsrv.dll

21:17:53.0183 0x1080  TermService - ok

21:17:53.0203 0x1080  [ 9235EC680D3DB17464B39C7C7DECB4DD, 12E9A31630A1063EE5956333FEBE055D31639FC2E6B33EF46C0E40889913CA9B ] Themes          C:\Windows\system32\shsvcs.dll

21:17:53.0210 0x1080  Themes - ok

21:17:53.0221 0x1080  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER     C:\Windows\system32\mmcss.dll

21:17:53.0223 0x1080  THREADORDER - ok

21:17:53.0240 0x1080  [ 270308EFB59976157755C768B8544B5F, CAB8F9DEBF2A646929EC92E41734E9974AA6AF80F69C4E22974FA7688ABF4FAD ] TPM             C:\Windows\system32\drivers\tpm.sys

21:17:53.0243 0x1080  TPM - ok

21:17:53.0255 0x1080  [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks          C:\Windows\System32\trkwks.dll

21:17:53.0259 0x1080  TrkWks - ok

21:17:53.0291 0x1080  [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0, B5114E2DF7C1E994EA53B08F761DD5C84E1EE57B574C6ADAD103BEC464887A4C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:17:53.0293 0x1080  TrustedInstaller - ok

21:17:53.0310 0x1080  [ 9E5409CD17C8BEF193AAD498F3BC2CB8, 7CCBDA9D2B34996F19714F108837F9BF10E9DCB93EBCE24451FD01C073D6BE12 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

21:17:53.0312 0x1080  tssecsrv - ok

21:17:53.0339 0x1080  [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys

21:17:53.0341 0x1080  tunmp - ok

21:17:53.0381 0x1080  [ 2DC2C423572946E9A3131425BDA73CB6, 141D06201FA95EAE25511C2A81F769AAF433BCA30BF234A078D5FEF347B3FF94 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

21:17:53.0383 0x1080  tunnel - ok

21:17:53.0403 0x1080  [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

21:17:53.0407 0x1080  uagp35 - ok

21:17:53.0429 0x1080  [ ECA6629E33F122AFFF18A2AB7C3EB033, 1E2C126DECCCEA2AFFBFE57DEA5CEBB72002697BAA1885DE2515EAA072B39E94 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

21:17:53.0437 0x1080  udfs - ok

21:17:53.0458 0x1080  [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

21:17:53.0461 0x1080  UI0Detect - ok

21:17:53.0475 0x1080  [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

21:17:53.0478 0x1080  uliagpkx - ok

21:17:53.0501 0x1080  [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci         C:\Windows\system32\drivers\uliahci.sys

21:17:53.0510 0x1080  uliahci - ok

21:17:53.0539 0x1080  [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata          C:\Windows\system32\drivers\ulsata.sys

21:17:53.0544 0x1080  UlSata - ok

21:17:53.0573 0x1080  [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys

21:17:53.0580 0x1080  ulsata2 - ok

21:17:53.0601 0x1080  [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

21:17:53.0603 0x1080  umbus - ok

21:17:53.0617 0x1080  [ 658C50524E470516067708BABFB08738, 64971D172939B4D110D1C1B28F2876192607E723834E950397CF53383BFF6D1A ] UmRdpService    C:\Windows\System32\umrdp.dll

21:17:53.0624 0x1080  UmRdpService - ok

21:17:53.0654 0x1080  [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost        C:\Windows\System32\upnphost.dll

21:17:53.0663 0x1080  upnphost - ok

21:17:53.0683 0x1080  [ 07E3498FC60834219D2356293DA0FECC, EBFC4AD49F110CD9135F3C0385204A2A31A8DAF654D016BA03FE1DC4F7C184DA ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

21:17:53.0687 0x1080  usbccgp - ok

21:17:53.0700 0x1080  [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir          C:\Windows\system32\drivers\usbcir.sys

21:17:53.0704 0x1080  usbcir - ok

21:17:53.0717 0x1080  [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE, B233209143118B7A5C65FDB0FF45864173CDAC1B6B686849E05C5DE492452372 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

21:17:53.0720 0x1080  usbehci - ok

21:17:53.0739 0x1080  [ 99045369AE3216216573D0775FD7ED56, 9CDBCF35C9127824E8EB87006E6AB0BE33AAA1BE429879384A5DD44A8950C5E0 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

21:17:53.0749 0x1080  usbhub - ok

21:17:53.0765 0x1080  [ EBA14EF0C07CEC233F1529C698D0D154, FBA35D53A90FD6C3F91DA5ECE10EF29858CB4CB512AA20548225F83E9FE0A23D ] usbohci         C:\Windows\system32\drivers\usbohci.sys

21:17:53.0767 0x1080  usbohci - ok

21:17:53.0798 0x1080  [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

21:17:53.0800 0x1080  usbprint - ok

21:17:53.0830 0x1080  [ 586D9876A4945779C8EEA926C0D16889, 7534E7D9665942CA7663E6E5F5F1607752F9E09DD67D036DA5C520E9C11E53E2 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:17:53.0835 0x1080  USBSTOR - ok

21:17:53.0875 0x1080  [ B2872CBF9F47316ABD0E0C74A1ABA507, E9FB3EEA1D834A035675E22A3224E4E278C4D304F6511822D83250409D62BD3A ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

21:17:53.0877 0x1080  usbuhci - ok

21:17:53.0899 0x1080  [ FC33099877790D51B0927B7039059855, 9EF33DABDBF0EEC60C63137F5FB21B27536B5923F10DF4F66621CC9864EB894E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

21:17:53.0905 0x1080  usbvideo - ok

21:17:53.0937 0x1080  [ 9190F03C82547AFA87367F1CECA88F3B, E1DD21F87A9D149E0C10146C96D0B655FE4D7418984C45FCC17FDD6233F5CEA1 ] UxSms           C:\Windows\System32\uxsms.dll

21:17:53.0940 0x1080  UxSms - ok

21:17:53.0998 0x1080  [ C15A4A550CBA7B9F1F68B72528E04CE1, B1C480ADD2E068E1662783D9C2653D45301F404E6C65942BEDAD45935B0FADAE ] vds             C:\Windows\System32\vds.exe

21:17:54.0012 0x1080  vds - ok

21:17:54.0030 0x1080  [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

21:17:54.0032 0x1080  vga - ok

21:17:54.0051 0x1080  [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave         C:\Windows\System32\drivers\vga.sys

21:17:54.0054 0x1080  VgaSave - ok

21:17:54.0088 0x1080  [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide          C:\Windows\system32\drivers\viaide.sys

21:17:54.0090 0x1080  viaide - ok

21:17:54.0109 0x1080  [ 793D9B32A1C462C91F6F70358283AC97, 0B037004FCDCCACD453969B76434FAAC1516E990359D5983F0A2BB910406322B ] volmgr          C:\Windows\system32\drivers\volmgr.sys

21:17:54.0112 0x1080  volmgr - ok

21:17:54.0157 0x1080  [ 5AA217DA5DC4FF5B9AC9AB86563B3223, 306A43A4E87CBC2B16FD398022DFB5DF05B8C062B3D1F1533E6684DF9069C3F2 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

21:17:54.0169 0x1080  volmgrx - ok

21:17:54.0202 0x1080  [ DE4307412D98050239026E56A7DFF3C0, F7D30DE55ED26483DBC84261E1EAA8C4A4485EBAF16A57DF1E14595A4992BF4D ] volsnap         C:\Windows\system32\drivers\volsnap.sys

21:17:54.0211 0x1080  volsnap - ok

21:17:54.0240 0x1080  [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

21:17:54.0246 0x1080  vsmraid - ok

21:17:54.0321 0x1080  [ 186BD53F8A408AD20F5A056C05678629, 455D72554244B5EDFC0892EC509DB568FDE5C78562355049C06531B82CBB0DB4 ] VSS             C:\Windows\system32\vssvc.exe

21:17:54.0408 0x1080  VSS - ok

21:17:54.0454 0x1080  [ BA29F34A61CB55C0DEE29E787542EDF4, D24B72676663588EBFB20C6C5196963E1514643A8BA655FA412BE365952A7F39 ] W32Time         C:\Windows\system32\w32time.dll

21:17:54.0464 0x1080  W32Time - ok

21:17:54.0483 0x1080  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

21:17:54.0487 0x1080  WacomPen - ok

21:17:54.0513 0x1080  [ AEA75207E443C8623C36B8D03596F84F, 0447EE2EFDD681C51E44DCBB041E81A0D54CF99A3B85B91408565852754408AF ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys

21:17:54.0518 0x1080  Wanarp - ok

21:17:54.0523 0x1080  [ AEA75207E443C8623C36B8D03596F84F, 0447EE2EFDD681C51E44DCBB041E81A0D54CF99A3B85B91408565852754408AF ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

21:17:54.0526 0x1080  Wanarpv6 - ok

21:17:54.0560 0x1080  [ 54D1827975AFD9BC391343C357B9EA06, 0C390071806A56B8B738D13228009C60D7030E83E1CADD1B21D7BFDCF73EB067 ] wbengine        C:\Windows\system32\wbengine.exe

21:17:54.0589 0x1080  wbengine - ok

21:17:54.0608 0x1080  [ 055449247C490E24B968B44FE8A969EB, 7E48C1307FA403D9C618DF4087DC5C2B077C2215AA592F3E78461D1FB49D184C ] wcncsvc         C:\Windows\System32\wcncsvc.dll

21:17:54.0622 0x1080  wcncsvc - ok

21:17:54.0629 0x1080  [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

21:17:54.0632 0x1080  WcsPlugInService - ok

21:17:54.0651 0x1080  [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd              C:\Windows\system32\drivers\wd.sys

21:17:54.0653 0x1080  Wd - ok

21:17:54.0691 0x1080  [ D02E7E4567DA1E7582FBF6A91144B0DF, 04053B988801235AB6C5616AA616B6EC43E3F36882327589524B88DE19B14EF9 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

21:17:54.0716 0x1080  Wdf01000 - ok

21:17:54.0733 0x1080  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost  C:\Windows\system32\wdi.dll

21:17:54.0736 0x1080  WdiServiceHost - ok

21:17:54.0750 0x1080  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost   C:\Windows\system32\wdi.dll

21:17:54.0753 0x1080  WdiSystemHost - ok

21:17:54.0783 0x1080  [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B, C139A7C93E72EA25AEFBB75A0D31994F2E77412D40B39938033DF91187E43D76 ] WebClient       C:\Windows\System32\webclnt.dll

21:17:54.0790 0x1080  WebClient - ok

21:17:54.0824 0x1080  [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc          C:\Windows\system32\wecsvc.dll

21:17:54.0830 0x1080  Wecsvc - ok

21:17:54.0857 0x1080  [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport   C:\Windows\System32\wercplsupport.dll

21:17:54.0861 0x1080  wercplsupport - ok

21:17:54.0898 0x1080  [ FC25242B3BCAF7E84D9184082274AE08, DC786006135496C78752F379313D4793BBADDBA6229EDC1AB75A0E8C9A098390 ] WerSvc          C:\Windows\System32\WerSvc.dll

21:17:54.0902 0x1080  WerSvc - ok

21:17:54.0925 0x1080  WinDefend - ok

21:17:54.0929 0x1080  WinHttpAutoProxySvc - ok

21:17:55.0010 0x1080  [ AC98F38FEAB066A8F983D54FF3F4FD4C, EBB0CCAFBAC4C710654BFA1911BF1108249EE3A7166E35A22D76F8D8158374A9 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

21:17:55.0016 0x1080  Winmgmt - ok

21:17:55.0105 0x1080  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM           C:\Windows\system32\WsmSvc.dll

21:17:55.0159 0x1080  WinRM - ok

21:17:55.0227 0x1080  [ 0A69955261C1B54206ADC9BEB89517DE, 3B71E64D24251FDC061364D712F7751CEB88485EDF1CD65161C1D0084E303C12 ] Wlansvc         C:\Windows\System32\wlansvc.dll

21:17:55.0245 0x1080  Wlansvc - ok

21:17:55.0273 0x1080  [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

21:17:55.0274 0x1080  WmiAcpi - ok

21:17:55.0293 0x1080  [ D303322DD577C3DEDA1251ED2E7A496C, EA8EBC677A1D3774BC2CF711D0F98AED056BD70980DC4469B050BFBDB8DD1E0D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

21:17:55.0300 0x1080  wmiApSrv - ok

21:17:55.0326 0x1080  WMPNetworkSvc - ok

21:17:55.0353 0x1080  [ A27C8F92D84E2DDC151978E4692C978E, B0CFB3DA19827E170E6A29AD023C29D70F73EF648CE1344A5E0AFD2002287024 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

21:17:55.0357 0x1080  WPDBusEnum - ok

21:17:55.0412 0x1080  [ 6329D1990DB931073B86AB5946D8E317, F33581D21659A274BF5C0762E24A7DBEEB6380AB6ED0FACD76F1BD2858C4DA49 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys

21:17:55.0414 0x1080  WpdUsb - ok

21:17:55.0580 0x1080  [ 991E2C2CF3BC204C2BB2EE1476149E4E, 3ACEE4D02B989A397BC7A8CDDE90850173F351888C119CC60187CB8934DCC16D ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

21:17:55.0653 0x1080  WPFFontCache_v0400 - ok

21:17:55.0683 0x1080  [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

21:17:55.0685 0x1080  ws2ifsl - ok

21:17:55.0705 0x1080  [ CB8EA6D95949384925CCFCA21CC6DFD8, 45E6D221FB92B88F287D855DFFFEBD7027C5A6C0BA14D60D2E2A12CAD8A58EF5 ] wscsvc          C:\Windows\System32\wscsvc.dll

21:17:55.0708 0x1080  wscsvc - ok

21:17:55.0711 0x1080  WSearch - ok

21:17:55.0993 0x1080  [ FB3796754FE00F0BDC87A36F164A5F4D, 0CA7A6B5EF94AA55C780487C753984A68F780CE82F175DC32B70C0AB00B7A71D ] wuauserv        C:\Windows\system32\wuaueng.dll

21:17:56.0055 0x1080  wuauserv - ok

21:17:56.0072 0x1080  [ 501A65252617B495C0F1832F908D54D8, CB18A80EAB2F23579D1D38B12CD04CF579C6D0B73127A1E88305CC0488D40B2C ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

21:17:56.0075 0x1080  WUDFRd - ok

21:17:56.0107 0x1080  [ 6CBD51FF913C851D56ED9DC7F2A27DDE, 736C66A944F3D37464052211B2728AD53D31CB631CD33B9E094C00D76BF17399 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

21:17:56.0110 0x1080  wudfsvc - ok

21:17:56.0116 0x1080  ================ Scan global ===============================

21:17:56.0159 0x1080  [ 060DC3A7A9A2626031EB23D90151428D, 4AADA06E83603E9D4894D6CFC8DADB018307B384F438C809D4BC8E22BD937C3B ] C:\Windows\system32\basesrv.dll

21:17:56.0200 0x1080  [ 2D94E4CE322F12061D3FA7DBE65E9AC5, 93328B8A8415CCA8A7AB3EF1340F3F8C30309E9702C96071FACCAB380DBD357F ] C:\Windows\system32\winsrv.dll

21:17:56.0224 0x1080  [ 2D94E4CE322F12061D3FA7DBE65E9AC5, 93328B8A8415CCA8A7AB3EF1340F3F8C30309E9702C96071FACCAB380DBD357F ] C:\Windows\system32\winsrv.dll

21:17:56.0267 0x1080  [ DFAC660F0F139276CC9299812DE42719, 359D060560EB3A6920812E31B82F7BB4333830269E62F2B62180640893E8330D ] C:\Windows\system32\services.exe

21:17:56.0279 0x1080  [ Global ] - ok

21:17:56.0279 0x1080  ================ Scan MBR ==================================

21:17:56.0290 0x1080  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

21:17:56.0704 0x1080  \Device\Harddisk0\DR0 - ok

21:17:56.0704 0x1080  ================ Scan VBR ==================================

21:17:56.0706 0x1080  [ 2663A6681416C93570F047AF75D07218 ] \Device\Harddisk0\DR0\Partition1

21:17:56.0739 0x1080  \Device\Harddisk0\DR0\Partition1 - ok

21:17:56.0740 0x1080  Waiting for KSN requests completion. In queue: 336

21:17:57.0740 0x1080  Waiting for KSN requests completion. In queue: 336

21:17:58.0740 0x1080  Waiting for KSN requests completion. In queue: 27

21:17:59.0819 0x1080  AV detected via SS2: ESET NOD32 Antivirus 3.0, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe (  ), 0x41000 ( enabled : updated )

21:17:59.0843 0x1080  Win FW state via NFP2: disabled

21:18:02.0258 0x1080  ============================================================

21:18:02.0258 0x1080  Scan finished

21:18:02.0258 0x1080  ============================================================

21:18:02.0265 0x0234  Detected object count: 0

21:18:02.0265 0x0234  Actual detected object count: 0

[Infected by TrojanAgent]

Hello Marius,

 

I would like to thank you for your time! I have removed the µTorrent software as you suggested. Here you can find the logfile from the scan. I had to split it up as i got "Post_too_long" error. 

 

21:17:02.0984 0x12c8  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02

21:17:24.0829 0x12c8  ============================================================

21:17:24.0829 0x12c8  Current date / time: 2014/03/23 21:17:24.0829

21:17:24.0829 0x12c8  SystemInfo:

21:17:24.0829 0x12c8  

21:17:24.0829 0x12c8  OS Version: 6.0.6001 ServicePack: 1.0

21:17:24.0829 0x12c8  Product type: Workstation

21:17:24.0829 0x12c8  ComputerName: P-CZC8507XQB

21:17:24.0829 0x12c8  UserName: CZC8507XQB

21:17:24.0829 0x12c8  Windows directory: C:\Windows

21:17:24.0829 0x12c8  System windows directory: C:\Windows

21:17:24.0830 0x12c8  Running under WOW64

21:17:24.0830 0x12c8  Processor architecture: Intel x64

21:17:24.0830 0x12c8  Number of processors: 2

21:17:24.0830 0x12c8  Page size: 0x1000

21:17:24.0830 0x12c8  Boot type: Normal boot

21:17:24.0830 0x12c8  ============================================================

21:17:26.0191 0x12c8  KLMD registered as C:\Windows\system32\drivers\50392871.sys

21:17:26.0587 0x12c8  System UUID: {70CD72D5-F565-3435-8CD5-9B287183D471}

21:17:27.0375 0x12c8  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:17:27.0434 0x12c8  ============================================================

21:17:27.0434 0x12c8  \Device\Harddisk0\DR0:

21:17:27.0434 0x12c8  MBR partitions:

21:17:27.0434 0x12c8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800

21:17:27.0434 0x12c8  ============================================================

21:17:27.0504 0x12c8  C: <-> \Device\Harddisk0\DR0\Partition1

21:17:27.0837 0x12c8  ============================================================

21:17:27.0837 0x12c8  Initialize success

21:17:27.0837 0x12c8  ============================================================

21:17:32.0258 0x1080  ============================================================

21:17:32.0258 0x1080  Scan started

21:17:32.0258 0x1080  Mode: Manual; 

21:17:32.0258 0x1080  ============================================================

21:17:32.0258 0x1080  KSN ping started

21:17:35.0748 0x1080  KSN ping finished: true

21:17:36.0823 0x1080  ================ Scan system memory ========================

21:17:36.0823 0x1080  System memory - ok

21:17:36.0823 0x1080  ================ Scan services =============================

21:17:37.0001 0x1080  [ 70BBE6A93A6BB26B42B03C7D08646D4E, 1293211DE1C78A558E2B9F9CEEDFF60C4A415521955D3F363C05C4DFC6A0CB7F ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys

21:17:37.0004 0x1080  Accelerometer - ok

21:17:37.0071 0x1080  [ 8C99ED256A889D647935A97C543B7B85, A11099D52528A398CC01C84EB2AD83120171B7B2E24C1AEDDA18596C921183E4 ] ACPI            C:\Windows\system32\drivers\acpi.sys

21:17:37.0079 0x1080  ACPI - ok

21:17:37.0145 0x1080  [ D0F1ADB7532890A7602A25D878561921, FCB5F6D4DF700407E95D090DD9816DFED6FB3771A159F7CB3CE0BF799BD84185 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys

21:17:37.0160 0x1080  ADIHdAudAddService - ok

21:17:37.0263 0x1080  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

21:17:37.0270 0x1080  AdobeFlashPlayerUpdateSvc - ok

21:17:37.0307 0x1080  [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

21:17:37.0323 0x1080  adp94xx - ok

21:17:37.0350 0x1080  [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

21:17:37.0360 0x1080  adpahci - ok

21:17:37.0419 0x1080  [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys

21:17:37.0424 0x1080  adpu160m - ok

21:17:37.0493 0x1080  [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320         C:\Windows\system32\drivers\adpu320.sys

21:17:37.0501 0x1080  adpu320 - ok

21:17:37.0543 0x1080  [ 8CF9089F83440422020C66D090C3BB63, D5A12254F14A87B421946D5E23B3842A02D7DADA5C7814B6380A641FCD5B6FCF ] AEADIFilters    C:\Windows\system32\AEADISRV.EXE

21:17:37.0545 0x1080  AEADIFilters - ok

21:17:37.0565 0x1080  [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

21:17:37.0566 0x1080  AeLookupSvc - ok

21:17:37.0652 0x1080  [ 9BB97042FA331A0FB4BDD98B9280A50A, DBB11BFE5F0BC94A21E7B319D16F2896509730DA8061135083892709290E4FA1 ] AFD             C:\Windows\system32\drivers\afd.sys

21:17:37.0664 0x1080  AFD - ok

21:17:37.0711 0x1080  [ 8FE65709982F2CB7D291F6C9B2C60805, 23EE0C166082D420E09595FBC7162296E820B5712A69BA2BCBCB0AC8EED2164B ] AgereModemAudio C:\Windows\system32\agr64svc.exe

21:17:37.0711 0x1080  AgereModemAudio - ok

21:17:37.0774 0x1080  [ 55FCDB10E31C22EB67454AAEF42B6725, 4A02A3203573766F254643C0EC2AB1AF2BFCA49BF6E5D7627D27E93F92203379 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys

21:17:37.0812 0x1080  AgereSoftModem - ok

21:17:37.0871 0x1080  [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440          C:\Windows\system32\drivers\agp440.sys

21:17:37.0874 0x1080  agp440 - ok

21:17:37.0908 0x1080  [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

21:17:37.0911 0x1080  aic78xx - ok

21:17:37.0936 0x1080  [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG             C:\Windows\System32\alg.exe

21:17:37.0939 0x1080  ALG - ok

21:17:37.0973 0x1080  [ 157D0898D4B73F075CE9FA26B482DF98, 84C3E163D7393FD306842F155C88A50B7D8AE88B59586F9014DB76B749CC33D5 ] aliide          C:\Windows\system32\drivers\aliide.sys

21:17:37.0975 0x1080  aliide - ok

21:17:37.0986 0x1080  [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide          C:\Windows\system32\drivers\amdide.sys

21:17:37.0988 0x1080  amdide - ok

21:17:38.0009 0x1080  [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

21:17:38.0012 0x1080  AmdK8 - ok

21:17:38.0060 0x1080  [ 9C37B3FD5615477CB9A0CD116CF43F5C, BD3F85A29931072F2B0C7283761E224E4621FE0D9D34D6D668A4516B28388484 ] Appinfo         C:\Windows\System32\appinfo.dll

21:17:38.0062 0x1080  Appinfo - ok

21:17:38.0104 0x1080  [ 3DA98C07B18A676180FE7EED924D1673, 830E48C2AF04CB57E886643DF1288EDEBEEAF03CE04A4850E13E05FF206C507A ] AppMgmt         C:\Windows\System32\appmgmts.dll

21:17:38.0111 0x1080  AppMgmt - ok

21:17:38.0143 0x1080  [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc             C:\Windows\system32\drivers\arc.sys

21:17:38.0146 0x1080  arc - ok

21:17:38.0190 0x1080  [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas          C:\Windows\system32\drivers\arcsas.sys

21:17:38.0194 0x1080  arcsas - ok

21:17:38.0340 0x1080  aspnet_state - ok

21:17:38.0361 0x1080  [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

21:17:38.0363 0x1080  AsyncMac - ok

21:17:38.0391 0x1080  [ F988BB0690CD660318037908E9B8DBF7, E536F371AB31B69FB0AA619C0C04B031A17C89064E90D3C57ED45E280A117C65 ] atapi           C:\Windows\system32\drivers\atapi.sys

21:17:38.0393 0x1080  atapi - ok

21:17:38.0472 0x1080  [ 05D1BC3CF92B023E286F76BF0C0A30EE, 4EB01F437FC9192E45D9052DBDB55FFE9C30487D414BB61284FD188B1494BB5A ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe

21:17:38.0496 0x1080  Ati External Event Utility - ok

21:17:38.0826 0x1080  [ F8A5F8E5A07EDAF200E4504A5B80D2AC, DC86DC9B8A49C7693D875CC936414620E54B2E1EE56F97E41B7349DD891B94EC ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

21:17:38.0966 0x1080  atikmdag - ok

21:17:39.0138 0x1080  [ 2A54B6A48AB6D2166271B05E9469326E, 657DBD481CD9F9B8A3AD5CE4F93F832187FB9A5F7069523F0492925421C78733 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

21:17:39.0173 0x1080  AudioEndpointBuilder - ok

21:17:39.0189 0x1080  [ 2A54B6A48AB6D2166271B05E9469326E, 657DBD481CD9F9B8A3AD5CE4F93F832187FB9A5F7069523F0492925421C78733 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

21:17:39.0198 0x1080  AudioSrv - ok

21:17:39.0242 0x1080  [ BC4737AAFFA5964E4F8827C9B8C0EB8E, 5507F41DCD8DD155A1C09BDEAF9CFDF53B40A89369BD59D60834B2753F73F8C0 ] BFE             C:\Windows\System32\bfe.dll

21:17:39.0255 0x1080  BFE - ok

21:17:39.0310 0x1080  [ D896A0D43F8AB81ECB1FC6C24DECFD58, 0E643D95A459910FD4DD0D2B924A55A2D01923C70D4F78BA6F3AC073E51B04DF ] BITS            C:\Windows\System32\qmgr.dll

21:17:39.0342 0x1080  BITS - ok

21:17:39.0382 0x1080  [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys

21:17:39.0386 0x1080  blbdrive - ok

21:17:39.0432 0x1080  [ F0F035FCEC3554CC1B70C5611BD87951, F47F5A307AAF629612F030CB18EE55D160F68BCFDCC5C8C621A7B42281C487E7 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

21:17:39.0435 0x1080  bowser - ok

21:17:39.0542 0x1080  [ 38FE145DE227F862CFDD750AA00CA284, 6692765E1AF698336DAF95023B26E566B5CD0EDA48E0C3D247E7004216B2068C ] BrAuthorizationSvcx C:\Program Files\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe

21:17:39.0543 0x1080  BrAuthorizationSvcx - ok

21:17:39.0590 0x1080  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys

21:17:39.0591 0x1080  BrFiltLo - ok

21:17:39.0605 0x1080  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys

21:17:39.0607 0x1080  BrFiltUp - ok

21:17:39.0630 0x1080  [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser         C:\Windows\System32\browser.dll

21:17:39.0632 0x1080  Browser - ok

21:17:39.0671 0x1080  [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid         C:\Windows\system32\drivers\brserid.sys

21:17:39.0674 0x1080  Brserid - ok

21:17:39.0717 0x1080  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys

21:17:39.0720 0x1080  BrSerWdm - ok

21:17:39.0763 0x1080  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys

21:17:39.0764 0x1080  BrUsbMdm - ok

21:17:39.0781 0x1080  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys

21:17:39.0783 0x1080  BrUsbSer - ok

21:17:39.0807 0x1080  [ D4A3AE275D21B294F9B26F84748054D5, 7C946BD60C645BE5DDED8D87677D91ED752C3FA67B7FEBD3459A841CF94DAC09 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys

21:17:39.0809 0x1080  BthEnum - ok

21:17:39.0825 0x1080  [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

21:17:39.0828 0x1080  BTHMODEM - ok

21:17:39.0859 0x1080  [ BEFC5311736B475AC5B60C14FF7C775A, 8B9BF5486B09E10361E8C412481E684CD1B03B5C06023AD9B7C29553D51F0455 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys

21:17:39.0861 0x1080  BthPan - ok

21:17:39.0914 0x1080  [ 04E4907FCB00CDFACA052DEA6462B01B, 767C787A9CED119C664BEB79819876566AE856DD7C0259791A492D9C63E5DAC6 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys

21:17:39.0935 0x1080  BTHPORT - ok

21:17:39.0973 0x1080  [ 90E967B4BB5556EDC9C2EA0EB653D1B2, E0AFD786F4DB1F6376E8FBDECB76F6F8D5821E615F1EB0FABAB7B37DFE2702C4 ] BthServ         C:\Windows\System32\bthserv.dll

21:17:39.0975 0x1080  BthServ - ok

21:17:39.0985 0x1080  [ FD8F6802D7564046D933093705F9B9B4, B87A5B89D26760796480A9A14E56B42F17A8EFA59FA90EAF205BE4E584A51109 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys

21:17:39.0988 0x1080  BTHUSB - ok

21:17:40.0027 0x1080  [ 0C5D9C8B412BE72C4535EC67A24C01DB, B88C00B81D067FD85D115C1C9AD8495539A7248920124DA40D3A02CA8E38A323 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys

21:17:40.0030 0x1080  btwaudio - ok

21:17:40.0061 0x1080  [ DF18E4291C43BED05B1D0C2D5C0E96D6, 95B694E8AD45825029730E260CFD8E1E1AA0A5CECF1671226D7FFFBA6C6386EC ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys

21:17:40.0065 0x1080  btwavdt - ok

21:17:40.0079 0x1080  [ 637A44C54520A9958E2E5E3EE9E26C4A, FB12D612629B54E39F2F8A0FE6255B0CAB84D3FABAE71C5F025192F4AEB082AF ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys

21:17:40.0082 0x1080  btwrchid - ok

21:17:40.0121 0x1080  [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

21:17:40.0125 0x1080  cdfs - ok

21:17:40.0137 0x1080  [ 3B2FB35363423ED60C8FBF15FC8680BD, 6AA11129BF61288F4696DF8A9E87A1C200EC94A80DE0BD0865878B73735DA57D ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

21:17:40.0140 0x1080  cdrom - ok

21:17:40.0164 0x1080  [ EDFFFC8B6AFB609BF33DBE0A900426B6, 069E51698CADB01800CD4D1D98010B809652A93647670EC612373D154FA1E9CC ] CertPropSvc     C:\Windows\System32\certprop.dll

21:17:40.0166 0x1080  CertPropSvc - ok

21:17:40.0179 0x1080  [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass        C:\Windows\system32\drivers\circlass.sys

21:17:40.0181 0x1080  circlass - ok

21:17:40.0206 0x1080  [ C12C4EE07843B595036DA0BAA6317936, 25D6249E8E497A84A95FAB0B29BFABFAACBE6A86D3E9F0254132FC52AA682209 ] CLFS            C:\Windows\system32\CLFS.sys

21:17:40.0217 0x1080  CLFS - ok

21:17:40.0251 0x1080  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:17:40.0253 0x1080  clr_optimization_v2.0.50727_32 - ok

21:17:40.0315 0x1080  [ FA58B51ED71C9133E141164EAA7C54EB, 36310620185E43149A5CACFC9E26D3F322D7E5A958024885232F1AC0A5AA5C0D ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:17:40.0318 0x1080  clr_optimization_v2.0.50727_64 - ok

21:17:40.0397 0x1080  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:17:40.0400 0x1080  clr_optimization_v4.0.30319_32 - ok

21:17:40.0420 0x1080  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:17:40.0424 0x1080  clr_optimization_v4.0.30319_64 - ok

21:17:40.0444 0x1080  [ B52D9A14CE4101577900A364BA86F3DF, A8AA928DDF5FE3861973D4EA03A5B700E99138236F1E8FF594293B9705BF470C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

21:17:40.0445 0x1080  CmBatt - ok

21:17:40.0482 0x1080  [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide          C:\Windows\system32\drivers\cmdide.sys

21:17:40.0485 0x1080  cmdide - ok

21:17:40.0597 0x1080  [ 7795F8CEBC284A426B53F541E538695F, 1A56B32CA26505D9B1899EF4C3E1E1A815D8A36CC476691DBCE8A41109208C87 ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

21:17:40.0600 0x1080  Com4QLBEx - ok

21:17:40.0606 0x1080  [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

21:17:40.0612 0x1080  Compbatt - ok

21:17:40.0616 0x1080  COMSysApp - ok

21:17:40.0620 0x1080  [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

21:17:40.0622 0x1080  crcdisk - ok

21:17:40.0647 0x1080  [ 4374F784121D8B3BB466B03F5E5EBD33, EA37D4B0EA11C81A5F9277EEC2FA16F9A863B655E685BFF40C9D57B26158D582 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

21:17:40.0651 0x1080  CryptSvc - ok

21:17:40.0683 0x1080  [ A25E4DD707714DA07FE1FEBF1DC91D86, 0C7A28F8475611642EBC42C4A75BAA82C0983120AA16D2448A87BB13C1978FDF ] CSC             C:\Windows\system32\drivers\csc.sys

21:17:40.0699 0x1080  CSC - ok

21:17:40.0760 0x1080  [ 06AF83C429743F3B85F1224C50254BEF, 96FFC934F8568D6987F9E167E687BE48805ECDEFE62B76BC233FA9D1EA7CC436 ] CscService      C:\Windows\System32\cscsvc.dll

21:17:40.0778 0x1080  CscService - ok

21:17:40.0860 0x1080  [ FE56398071DEEE6CB42A182D82D274F7, 84585A5904C7CA5F5A9EE8BB810855C8833C02E286379BE1FB65F69D43B0E252 ] DAMDrv          C:\Windows\system32\DRIVERS\DAMDrv64.sys

21:17:40.0863 0x1080  DAMDrv - ok

21:17:41.0035 0x1080  [ 52CDADE8289FF21F1F2215FF51A5F36C, 27DD3BA84FB864FD685979C3404EFEB536ECD62FEF3069ECADAA5D5CA4469DE8 ] DcomLaunch      C:\Windows\system32\rpcss.dll

21:17:41.0057 0x1080  DcomLaunch - ok

21:17:41.0317 0x1080  [ 3725C43C9E90731ECA651D506CC599A3, 8597294C2AD571E0D47500ACE7785F3C3157A9D0E4FC9F1739B2EC6CFE18AE8E ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

21:17:41.0428 0x1080  DfsC - ok

21:17:42.0332 0x1080  [ 1781F99840979EE7B126C9073C377FD0, D5E8445B0381429FD1BB4CFB12F48D79B6C8405472E856A80FC4CCC4DB1437D5 ] DFSR            C:\Windows\system32\DFSR.exe

21:17:42.0501 0x1080  DFSR - ok

21:17:42.0560 0x1080  [ FDAA0EDFCFB70CD529589AD654651B40, D3729FE3A019CEA859B0475904CDAE7EDA7E9C71FC3E4A71B94A6E3ACEA14098 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll

21:17:42.0568 0x1080  Dhcp - ok

21:17:42.0593 0x1080  [ 2DC415FC05FB8A079F896CBBACB19324, B868592C68A7E84BCAB456225A8326B561416B75BC6F4FBB80F2F281FF304100 ] disk            C:\Windows\system32\drivers\disk.sys

21:17:42.0596 0x1080  disk - ok

21:17:42.0625 0x1080  [ DAF05293C1264E251D3A25E7E24B2DDF, 0042D265D0CFC6D771572D2F2BEE516FB25450E1FD58307788D064475554E5C0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

21:17:42.0629 0x1080  Dnscache - ok

21:17:42.0652 0x1080  [ CC661867677627F2911C2A4970DEE0F1, 7C3F2FEE7EFA10F92EB8FA951E15754AD6A467411127345527CEC7094AF7AC74 ] dot3svc         C:\Windows\System32\dot3svc.dll

21:17:42.0660 0x1080  dot3svc - ok

21:17:42.0691 0x1080  [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS             C:\Windows\system32\dps.dll

21:17:42.0694 0x1080  DPS - ok

21:17:42.0719 0x1080  [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

21:17:42.0721 0x1080  drmkaud - ok

21:17:42.0793 0x1080  [ 412964040CE920FF83AFF6B5B551BF99, 7F3E7DE28F36A2E0A493CC224D15269EAC43CBEEE21C2872202E2AF37A5DB365 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

21:17:42.0816 0x1080  DXGKrnl - ok

21:17:42.0839 0x1080  [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys

21:17:42.0844 0x1080  E1G60 - ok

21:17:42.0880 0x1080  [ CA65FF7C990133DD89494080B7FC0F50, 126DC6DA8E9B1DE39A2BCEF11E4F60145F0ACC7640F1AC096C1094216C19EA05 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys

21:17:42.0889 0x1080  e1yexpress - ok

21:17:42.0927 0x1080  [ A183851333985C6DE08DADE07B074D0D, D0257792EF8A113ECFCEBB73DB1A4A25D7E5ADDC07C759865ED825B6287BE2E3 ] eamon           C:\Windows\system32\DRIVERS\eamon.sys

21:17:42.0930 0x1080  eamon - ok

21:17:42.0965 0x1080  [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost         C:\Windows\System32\eapsvc.dll

21:17:42.0968 0x1080  EapHost - ok

21:17:42.0993 0x1080  [ 4DB13A6A158C160B01971E0EAB4B6FA8, 815F7039E155B9A8FA315898F48598EC1A2FF84C7030011782CE996CABF21F5A ] easdrv          C:\Windows\system32\DRIVERS\easdrv.sys

21:17:42.0996 0x1080  easdrv - ok

21:17:43.0023 0x1080  [ 7343D950A34A95DCB7441642E3E6BEEF, 6C38E7C0C1D5F619269BA03E41AA0340A93D556B38396B3AE65CCE1A4393C997 ] Ecache          C:\Windows\system32\drivers\ecache.sys

21:17:43.0029 0x1080  Ecache - ok

21:17:43.0107 0x1080  [ 40DDB5654B9FB14AA3FA00B116EFBBDD, 865DBBA527EC507CBB67B6A952282826215AC1267EE8AB800685AA32FE1BA605 ] EhttpSrv        C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

21:17:43.0107 0x1080  EhttpSrv - ok

21:17:43.0183 0x1080  [ 49485FA5C3A8A5CE866B281E75E99F24, 41A03E1BD1012AB6DFE175B5F3421D798921C9B730BA39EE003C639B6BFA8B04 ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

21:17:43.0195 0x1080  ekrn - ok

21:17:43.0238 0x1080  [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

21:17:43.0250 0x1080  elxstor - ok

21:17:43.0283 0x1080  [ E4EB76D0A8FC43DB7F36302E1F33791F, 11F18E0B4656B0181E9582393ED1358C0C908AE3629266019DF6F47FF60012D4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll

21:17:43.0294 0x1080  EMDMgmt - ok

21:17:43.0351 0x1080  [ BB0E86BA3336CCC7C885E1B47D9C4675, EE1C62F020CCBFAFCFADEB04D3C7D8F74A062FA3CEAD685C10BFF7B75C67CF61 ] epfwtdir        C:\Windows\system32\DRIVERS\epfwtdir.sys

21:17:43.0353 0x1080  epfwtdir - ok

21:17:43.0388 0x1080  [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev          C:\Windows\system32\drivers\errdev.sys

21:17:43.0389 0x1080  ErrDev - ok

21:17:43.0446 0x1080  [ 6B1A97BF9FEFBDC83F3C7C7D0F826C66, A24FC3DB56021537B18634EC6975BE573AD7328E6049276D1238FB1BCB79F578 ] EventSystem     C:\Windows\system32\es.dll

21:17:43.0456 0x1080  EventSystem - ok

21:17:43.0478 0x1080  [ 2A546B9A84658B0554B1EC35CD9ADAF5, 211C7D2CCEF5F3B7DB02BD81FA034BA1329E76E26E5D36B87618DE3D7129FE95 ] exfat           C:\Windows\system32\drivers\exfat.sys

21:17:43.0484 0x1080  exfat - ok

21:17:43.0502 0x1080  [ FE731D345ED9EEABBC72A59B35941834, 92B20565814B3182A6236DA73557D116FC15B7739DF33714E93C6F962239B6C9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

21:17:43.0506 0x1080  fastfat - ok

21:17:43.0548 0x1080  [ 989A776A2FF32A148FCF15C44058B129, FD1CB55A8FA76F3BC72C9962D61A16EC003400D4F551184953C87BDAE8A0A727 ] Fax             C:\Windows\system32\fxssvc.exe

21:17:43.0567 0x1080  Fax - ok

21:17:43.0584 0x1080  [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

21:17:43.0586 0x1080  fdc - ok

21:17:43.0605 0x1080  [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost         C:\Windows\system32\fdPHost.dll

21:17:43.0607 0x1080  fdPHost - ok

21:17:43.0617 0x1080  [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub        C:\Windows\system32\fdrespub.dll

21:17:43.0619 0x1080  FDResPub - ok

21:17:43.0639 0x1080  [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

21:17:43.0643 0x1080  FileInfo - ok

21:17:43.0660 0x1080  [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

21:17:43.0662 0x1080  Filetrace - ok

21:17:43.0702 0x1080  [ 81822519C4CBCD0BD4119C10E5A5DE52, 6D311237126687B4AB76E0F189370C6D0F2EB1277259E260B438261EFC0D4602 ] FLCDLOCK        C:\Windows\SysWOW64\flcdlock.exe

21:17:43.0710 0x1080  FLCDLOCK - ok

21:17:43.0728 0x1080  [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

21:17:43.0730 0x1080  flpydisk - ok

21:17:43.0742 0x1080  [ 7DACF1A3A4219575070C6DC7C957428A, B55B98ECC29CE895E57AA017876772ECF3F2FB5EBE95E1958F61F9D13E7782EE ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

21:17:43.0750 0x1080  FltMgr - ok

21:17:43.0789 0x1080  [ 73D0F1D32EDAE3DCC4E84468BF910ADD, 246FB79A06A095E578E4A40B57C648D00019C6B61736EAC5ED46374EDAFCD627 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:17:43.0791 0x1080  FontCache3.0.0.0 - ok

21:17:43.0840 0x1080  [ 53DAB1791917A72738539AD25C4EED7F, 3DE667E8B894EE1A1A814AF2153901AFE2A320BDB3B2A51330D987636B1BC6BE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys

21:17:43.0844 0x1080  fssfltr - ok

21:17:43.0925 0x1080  [ 45B52394F9624237F33A8A3D73C0B221, AC3E26F9D0E8A91164C54E87C9C8BFCF824A14C80D4CEF3255C6127A482F25FE ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

21:17:43.0944 0x1080  fsssvc - ok

21:17:43.0974 0x1080  [ 29D99E860A1CA0A03C6A733FDD0DA703, A5CAEFBFDD74991ECEAA068572E8FAF51BEA2CD4EB39D28EEB60D936760E3589 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

21:17:43.0975 0x1080  Fs_Rec - ok

21:17:44.0013 0x1080  [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

21:17:44.0025 0x1080  gagp30kx - ok

21:17:44.0102 0x1080  GGSAFERDriver - ok

21:17:44.0176 0x1080  [ 9E5B254D58232EC8921EC3C5A94C81ED, 99465633B61B51079C809113D8B3D1D34E1044068AECF3E9A05DAE4D619C4F9D ] gpsvc           C:\Windows\System32\gpsvc.dll

21:17:44.0189 0x1080  gpsvc - ok

21:17:44.0351 0x1080  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:17:44.0353 0x1080  gupdate - ok

21:17:44.0362 0x1080  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:17:44.0365 0x1080  gupdatem - ok

21:17:44.0420 0x1080  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

21:17:44.0423 0x1080  gusvc - ok

21:17:44.0490 0x1080  [ F8F0851D336C3B88DBD7232B6348E09A, BD2D98B419325663FF09B07BA8D0BA47896C4B0CE60A9C73702CCBAA3C6EF1CF ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

21:17:44.0508 0x1080  hamachi - ok

21:17:44.0541 0x1080  [ 41202372F452CB4E6D15D9DE8784BDDD, 3F71BE7BD300DB149C793909F563418697AA204F78C9DA70E69DAA89911CC447 ] HBtnKey         C:\Windows\system32\DRIVERS\cpqbttn64.sys

21:17:44.0548 0x1080  HBtnKey - ok

21:17:44.0613 0x1080  [ DF45F8142DC6DF9D18C39B3EFFBD0409, E0F04525530FF403C5A34B7E9A03CDE70B7BACE12E2E50103554E92AF374BD09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

21:17:44.0634 0x1080  HdAudAddService - ok

21:17:44.0659 0x1080  [ 0C0D0F8A3FF09ECC81963D09EC6A0A84, CB5F5E81F6E149D5E65717B5F9D4C3CF52F28FD424D6DECA7116EA3F7DA92265 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

21:17:44.0660 0x1080  HDAudBus - ok

21:17:44.0687 0x1080  [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

21:17:44.0689 0x1080  HidBth - ok

21:17:44.0701 0x1080  [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr           C:\Windows\system32\drivers\hidir.sys

21:17:44.0703 0x1080  HidIr - ok

21:17:44.0729 0x1080  [ 0AA154538544E988429DA2D5AA803A6C, 72FA9D73CCCEDA49743FD932D2E941CC629634FF472323BACBAA0A4107434551 ] hidserv         C:\Windows\system32\hidserv.dll

21:17:44.0731 0x1080  hidserv - ok

21:17:44.0760 0x1080  [ 59A7B5E13356C20D67983868242167C5, D8618B0B91B1D2A254FF6AD325296726CA62084544FD458B976B137C209F4DB3 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

21:17:44.0761 0x1080  HidUsb - ok

21:17:44.0776 0x1080  [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc          C:\Windows\system32\kmsvc.dll

21:17:44.0779 0x1080  hkmsvc - ok

21:17:44.0829 0x1080  [ 89F9E1984C1CD9E5F4FE39642D886E11, 5663B9081D469B67A08EB0292DCF41C92150D78C30D2989DF0C9779A67C5544E ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

21:17:44.0832 0x1080  HP Health Check Service - ok

21:17:44.0860 0x1080  [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys

21:17:44.0863 0x1080  HpCISSs - ok

21:17:44.0884 0x1080  [ 2F396EF793ACF48AD9D2E1F885FC2752, 0271CD866F1EDBC51CEA695124787CFF679169C9DB1D876457D5A5B9F0CAC70B ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys

21:17:44.0887 0x1080  hpdskflt - ok

21:17:44.0899 0x1080  [ 0ECC54FD34D6A089C300846B011E81D6, 7C3F04575370912D0DB048B386D018C9F81786E4458FEFE79C19182CFA6386C0 ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

21:17:44.0901 0x1080  HpqKbFiltr - ok

21:17:44.0928 0x1080  [ 1665C7121A026DF10C903DB9BC5E9D43, D96189406774842923BC420C4AF33FA81C83B815E14CE7C444F9CCF545971B7E ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

21:17:44.0932 0x1080  hpqwmiex - ok

21:17:44.0962 0x1080  [ 9EDBF245161654724C8D0AAF2B477809, 36355497F9EB180E3A9EDE65B098236279E1BFA60F6929F92CEC4825B5F83CB0 ] hpsrv           C:\Windows\system32\Hpservice.exe

21:17:44.0964 0x1080  hpsrv - ok

21:17:45.0017 0x1080  [ E690736DA6C543F5D99C8FA27BEA31DB, 2CDD9D548907D28D2E4C25CD3AE48AD0C7B5276A3EF3707B591E374ED8C002F1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

21:17:45.0037 0x1080  HTTP - ok

21:17:45.0069 0x1080  [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp           C:\Windows\system32\drivers\i2omp.sys

21:17:45.0072 0x1080  i2omp - ok

21:17:45.0101 0x1080  [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

21:17:45.0104 0x1080  i8042prt - ok

21:17:45.0166 0x1080  [ 96D36B2CF37308E5BAE3E2993493C330, 860B159C05C93CCA993A4002456A8F96B385ACBD4FADCFBB752E97BF794148E3 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

21:17:45.0174 0x1080  IAANTMON - ok

21:17:45.0213 0x1080  [ A5AFC75C01044C0DDA0231C4E26C15A0, 9426F1C24B20E4EEA8E795A3AE49BE27704062FA64314342D82BCE5C6BE65CAE ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys

21:17:45.0220 0x1080  iaStor - ok

21:17:45.0243 0x1080  [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys

21:17:45.0252 0x1080  iaStorV - ok

21:17:45.0309 0x1080  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

21:17:45.0313 0x1080  IDriverT - ok

21:17:45.0385 0x1080  [ 76EA63CDB2D88DAE7209691D089BEF1D, B7C14DA4346FE3B3CBCC2C5FA8DE76E1E3E23907AEED850E367CD5D1F24DBF48 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:17:45.0407 0x1080  idsvc - ok

21:17:45.0421 0x1080  [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

21:17:45.0423 0x1080  iirsp - ok

21:17:45.0456 0x1080  [ 3A3B232140C33376E134E7B61A0EAA44, 8F4605216DC2F792C0EC01A1FD60A863021E400DB80854EB022CA2CF50A1F706 ] IKEEXT          C:\Windows\System32\ikeext.dll

21:17:45.0469 0x1080  IKEEXT - ok

21:17:45.0493 0x1080  [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide        C:\Windows\system32\drivers\intelide.sys

21:17:45.0495 0x1080  intelide - ok

21:17:45.0513 0x1080  [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

21:17:45.0515 0x1080  intelppm - ok

21:17:45.0525 0x1080  [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

21:17:45.0528 0x1080  IPBusEnum - ok

21:17:45.0551 0x1080  [ 99B821F5BEBD6A3CC3FE564F802AE0FD, ACBD24DF39544B3562E6C80448540DBF9B695F90990CEBBF0C00065B511501D6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:17:45.0555 0x1080  IpFilterDriver - ok

21:17:45.0596 0x1080  [ 3A0427F35E7F8C16BBC5B1BE32B8DE76, 847D45256628086BE984DD508749ABC6945CC4E750FDC2DE1544E72D8D6056EE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

21:17:45.0601 0x1080  iphlpsvc - ok

21:17:45.0617 0x1080  IpInIp - ok

21:17:45.0635 0x1080  [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys

21:17:45.0639 0x1080  IPMIDRV - ok

21:17:45.0661 0x1080  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys

21:17:45.0665 0x1080  IPNAT - ok

21:17:45.0681 0x1080  [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

21:17:45.0683 0x1080  IRENUM - ok

21:17:45.0695 0x1080  [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

21:17:45.0697 0x1080  isapnp - ok

21:17:45.0736 0x1080  [ 49E4CCBF74783FCE5D2CC1FF6480E1F4, 1685841CD3F64415D7E3DDE6AC4E1D9F21E420089485F23E970CE5C8C2D929F0 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

21:17:45.0741 0x1080  iScsiPrt - ok

21:17:45.0760 0x1080  [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys

21:17:45.0763 0x1080  iteatapi - ok

21:17:45.0775 0x1080  [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid         C:\Windows\system32\drivers\iteraid.sys

21:17:45.0777 0x1080  iteraid - ok

21:17:45.0791 0x1080  [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

21:17:45.0793 0x1080  kbdclass - ok

21:17:45.0802 0x1080  [ BF8783A5066CFECF45095459E8010FA7, 90845E1A154189258B2754C4FF8E6732AA462FF3777E8DFBAF8246C7C5B2740D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

21:17:45.0804 0x1080  kbdhid - ok

21:17:45.0827 0x1080  [ 80F4593E92FF960E4763380D3168E498, 56FF903E5569B7FDD4E6CF1722299BC3C90C84AD9358982109C7634C0DE01B25 ] KeyIso          C:\Windows\system32\lsass.exe

21:17:45.0828 0x1080  KeyIso - ok

21:17:45.0871 0x1080  [ CCDCCE6224E1E207E953AF826B98A9D9, E255A21DE2FCB4F89EC694B1A1855119F6D4BDA88CDA358F7A88EEFDE399E048 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

21:17:45.0887 0x1080  KSecDD - ok

21:17:45.0893 0x1080  [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

21:17:45.0895 0x1080  ksthunk - ok

21:17:45.0938 0x1080  [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm           C:\Windows\system32\msdtckrm.dll

21:17:45.0947 0x1080  KtmRm - ok

21:17:46.0016 0x1080  [ 3F27C9CDAE606D74431E3AB39571A7F3, 13DE6CF1E04C3B07A6986DD143B0662110A917D72CA93669006927321663E9D2 ] LanmanServer    C:\Windows\system32\srvsvc.dll

21:17:46.0022 0x1080  LanmanServer - ok

21:17:46.0062 0x1080  [ 6E25FFC6FEAD6544C6E9F1D23329570C, CE9CBE5401AE805E678882ACEFAAF86044E68E04D5FA833DC3246F6E306217D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

21:17:46.0069 0x1080  LanmanWorkstation - ok

21:17:46.0111 0x1080  [ C215E09622118383B236DD56C2065183, AF5F7C8806BF9C203DB8AD9DA2062E31FF9A2282B5FE1222A3B9DEEB435EBAB4 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

21:17:46.0113 0x1080  LightScribeService - ok

21:17:46.0135 0x1080  [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

21:17:46.0143 0x1080  lltdio - ok

21:17:46.0265 0x1080  [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

21:17:46.0293 0x1080  lltdsvc - ok

21:17:46.0302 0x1080  [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll

21:17:46.0304 0x1080  lmhosts - ok

21:17:46.0327 0x1080  [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

21:17:46.0332 0x1080  LSI_FC - ok

21:17:46.0350 0x1080  [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

21:17:46.0354 0x1080  LSI_SAS - ok

21:17:46.0367 0x1080  [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

21:17:46.0371 0x1080  LSI_SCSI - ok

21:17:46.0393 0x1080  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys

21:17:46.0396 0x1080  luafv - ok

21:17:46.0509 0x1080  [ 49F5B235EDC9C6AC0ABA44737B190317, 096D8D583ED024F1B3AD30DD5EBA38B1FEE518166E157C0E3890D80687181F60 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

21:17:46.0516 0x1080  McComponentHostService - ok

21:17:46.0572 0x1080  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

21:17:46.0580 0x1080  MDM - ok

21:17:46.0612 0x1080  [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys

21:17:46.0615 0x1080  megasas - ok

21:17:46.0669 0x1080  [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys

21:17:46.0682 0x1080  MegaSR - ok

21:17:46.0760 0x1080  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

21:17:46.0763 0x1080  Microsoft Office Groove Audit Service - ok

21:17:46.0788 0x1080  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll

21:17:46.0791 0x1080  MMCSS - ok

21:17:46.0810 0x1080  [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys

21:17:46.0811 0x1080  Modem - ok

21:17:46.0824 0x1080  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

21:17:46.0825 0x1080  monitor - ok

21:17:46.0834 0x1080  [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

21:17:46.0839 0x1080  mouclass - ok

21:17:46.0853 0x1080  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

21:17:46.0855 0x1080  mouhid - ok

21:17:46.0870 0x1080  [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys

21:17:46.0873 0x1080  MountMgr - ok

21:17:46.0940 0x1080  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

21:17:46.0945 0x1080  MozillaMaintenance - ok

21:17:46.0967 0x1080  [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys

21:17:46.0971 0x1080  mpio - ok

21:17:46.0990 0x1080  [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

21:17:46.0993 0x1080  mpsdrv - ok

21:17:47.0031 0x1080  [ 8A670648C755867A3AA38DA50BA569AA, 8CB16EA50DCA5F9C294AC85DE7D2CB7F4B6B5016C1F878BC864D83F2ADF4F423 ] MpsSvc          C:\Windows\system32\mpssvc.dll

21:17:47.0049 0x1080  MpsSvc - ok

21:17:47.0064 0x1080  [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys

21:17:47.0066 0x1080  Mraid35x - ok

21:17:47.0093 0x1080  [ FE2706C15F8345C342820E4E4583FEA0, EA954064272D65E5BDAA66772D35D1BE8985A0ABDA0E09857F8F522BEC37EE70 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

21:17:47.0098 0x1080  MRxDAV - ok

21:17:47.0150 0x1080  [ B698EB9ACC7ECD4927D99D268918F912, CAC3BDD8EB81725D46AA3A0C3DE70C803ABA7EBA1B2CBA202203730DC191C4B2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

21:17:47.0155 0x1080  mrxsmb - ok

21:17:47.0197 0x1080  [ 9A797E27FD28500EE13D43000C931435, 4D1956F106529CB003009247FF82A679D8DECD117B413554F71EE267E8D2F670 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:17:47.0205 0x1080  mrxsmb10 - ok

21:17:47.0230 0x1080  [ F9425D610712533107A264E2D5B2154B, DF00BA3E8B0D6A8601A7A65E5FB4FA6AF1BFB20CB1075AA4930D5ED25B724375 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:17:47.0234 0x1080  mrxsmb20 - ok

21:17:47.0262 0x1080  [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci          C:\Windows\system32\drivers\msahci.sys

21:17:47.0264 0x1080  msahci - ok

21:17:47.0282 0x1080  [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

21:17:47.0287 0x1080  msdsm - ok

21:17:47.0318 0x1080  [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe

21:17:47.0323 0x1080  MSDTC - ok

21:17:47.0338 0x1080  [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys

21:17:47.0340 0x1080  Msfs - ok

21:17:47.0345 0x1080  [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

21:17:47.0346 0x1080  msisadrv - ok

21:17:47.0381 0x1080  [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

21:17:47.0387 0x1080  MSiSCSI - ok

21:17:47.0401 0x1080  msiserver - ok

21:17:47.0417 0x1080  [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

21:17:47.0418 0x1080  MSKSSRV - ok

21:17:47.0433 0x1080  [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

21:17:47.0435 0x1080  MSPCLOCK - ok

21:17:47.0454 0x1080  [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

21:17:47.0456 0x1080  MSPQM - ok

21:17:47.0492 0x1080  [ B8E32E6103FBBA9FBB1D0C11FF0D13B5, A12F218C6B0AFE3CB6E3B5925CFF7FB586946924FA22F4D0478588F1B5CED53A ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

21:17:47.0501 0x1080  MsRPC - ok

21:17:47.0518 0x1080  [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

21:17:47.0519 0x1080  mssmbios - ok

21:17:47.0536 0x1080  [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

21:17:47.0537 0x1080  MSTEE - ok

21:17:47.0544 0x1080  [ DDF133501F68D6988A0F55DFA88637B4, 172CDD021E1EBB519168986021EB8129F9D9DF5DE658534C1D4FBDAF22D8B2E8 ] Mup             C:\Windows\system32\Drivers\mup.sys

21:17:47.0547 0x1080  Mup - ok

21:17:47.0574 0x1080  [ C25022CDD18980846973B598900915F8, 43372D206BD98FFBA817551E6D66C8568314636FC0826476F2A706C1F6AFA6CF ] napagent        C:\Windows\system32\qagentRT.dll

21:17:47.0584 0x1080  napagent - ok

21:17:47.0616 0x1080  [ 73B99C98FA3A2ED1566E02D6FE1913A5, 573EF5FF593C9DC91B1586C693E0D9BD956061401D7BF56ECDBE73EF42234738 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

21:17:47.0623 0x1080  NativeWifiP - ok

21:17:47.0674 0x1080  [ F9A3AE5C9F047D71A36A99F9ABCA7D02, 1F804D9BFB903E7BEE232826AAF5C17CED0E4D010F3754590A009776CC647968 ] NDIS            C:\Windows\system32\drivers\ndis.sys

21:17:47.0694 0x1080  NDIS - ok

21:17:47.0719 0x1080  [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

21:17:47.0721 0x1080  NdisTapi - ok

21:17:47.0728 0x1080  [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

21:17:47.0730 0x1080  Ndisuio - ok

21:17:47.0750 0x1080  [ 52E3E8E35101399BE9B2938C992AA087, FF71F48DFDEC95C7C57C2CBE2B2B94588683ADFC17B7702CFE49056B0A95A2AD ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

21:17:47.0756 0x1080  NdisWan - ok

21:17:47.0769 0x1080  [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

21:17:47.0772 0x1080  NDProxy - ok

21:17:47.0782 0x1080  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

21:17:47.0785 0x1080  NetBIOS - ok

21:17:47.0805 0x1080  [ 7A29CA243A629230799754162D80120F, 6856641397B5264EE0E35CBF77AD5B4A052D52B25DCC8757AAD9C0FAC7A4067E ] netbt           C:\Windows\system32\DRIVERS\netbt.sys

21:17:47.0813 0x1080  netbt - ok

21:17:47.0835 0x1080  [ 80F4593E92FF960E4763380D3168E498, 56FF903E5569B7FDD4E6CF1722299BC3C90C84AD9358982109C7634C0DE01B25 ] Netlogon        C:\Windows\system32\lsass.exe

21:17:47.0836 0x1080  Netlogon - ok

21:17:47.0872 0x1080  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll

21:17:47.0881 0x1080  Netman - ok

21:17:47.0910 0x1080  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll

21:17:47.0918 0x1080  netprofm - ok

21:17:47.0950 0x1080  [ B84613B469B98E09F50A748C1D02E132, E448841E7C4994196AE7487D13A9217669BFCF7619A08A21476C676A547B8ADE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:17:47.0952 0x1080  NetTcpPortSharing - ok

21:17:48.0109 0x1080  [ 2BDCB7B7917380794C9D87AC2153CE33, F190B59DDEAE676589D197CF31942EF891CAACA3033353416BC08FEA665F01AA ] NETw5v64        C:\Windows\system32\DRIVERS\NETw5v64.sys

21:17:48.0227 0x1080  NETw5v64 - ok

21:17:48.0268 0x1080  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

21:17:48.0271 0x1080  nfrd960 - ok

21:17:48.0304 0x1080  [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc          C:\Windows\System32\nlasvc.dll

21:17:48.0310 0x1080  NlaSvc - ok

21:17:48.0313 0x1080  npf - ok

21:17:48.0323 0x1080  [ B06154E2A2C91E9BE5599FCA53BC4CD0, 7D4DDF1B7C1A8B08231DB9A005CB83E5FBB9681FD35B12C29BA1C9DCA8A5678C ] Npfs            C:\Windows\system32\drivers\Npfs.sys

21:17:48.0326 0x1080  Npfs - ok

21:17:48.0333 0x1080  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll

21:17:48.0335 0x1080  nsi - ok

21:17:48.0343 0x1080  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

21:17:48.0345 0x1080  nsiproxy - ok

21:17:48.0419 0x1080  [ FE86BA5AC3B50E2CA911E9C60C07B638, 8C5E8FDA50C91A6B45DDA7D7BA70B28EDE48259E358E4F59AF9C3ABCD9396FB6 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

21:17:48.0463 0x1080  Ntfs - ok

21:17:48.0469 0x1080  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys

21:17:48.0471 0x1080  Null - ok

21:17:48.0497 0x1080  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

21:17:48.0501 0x1080  nvraid - ok

21:17:48.0521 0x1080  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

21:17:48.0523 0x1080  nvstor - ok

21:17:48.0542 0x1080  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

21:17:48.0547 0x1080  nv_agp - ok

21:17:48.0550 0x1080  NwlnkFlt - ok

21:17:48.0553 0x1080  NwlnkFwd - ok

21:17:48.0649 0x1080  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

21:17:48.0660 0x1080  odserv - ok

21:17:48.0695 0x1080  [ 1B30103FDE512915A9214B108B6E7A9C, C572D3DCB2058A0619D165D4EFC389AFB6C93CDD70D80C29ED34C6397C88356B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

21:17:48.0698 0x1080  ohci1394 - ok

21:17:48.0735 0x1080  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:17:48.0738 0x1080  ose - ok

21:17:48.0803 0x1080  [ 430F35C5592D253F43A26B4F5A523DBF, 0FE1E4BDBFF3DE8B363521C41D8EC56BD4504C129B155ED95731D43DA125B9BB ] p2pimsvc        C:\Windows\system32\p2psvc.dll

21:17:48.0827 0x1080  p2pimsvc - ok

21:17:48.0852 0x1080  [ 430F35C5592D253F43A26B4F5A523DBF, 0FE1E4BDBFF3DE8B363521C41D8EC56BD4504C129B155ED95731D43DA125B9BB ] p2psvc          C:\Windows\system32\p2psvc.dll

21:17:48.0868 0x1080  p2psvc - ok

21:17:48.0900 0x1080  [ 4C6A7FD04DDF4DB88791048382E3EDB1, 0F3827F8C41549C4B41A688ED78B8EE27EBBF5F907595481D37C635D2583DBA6 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

21:17:48.0904 0x1080  Parport - ok

21:17:48.0948 0x1080  [ 5AB40C36894F4C06BDAB0C9A2FBA282D, AD3F5BC00EC03250F103BB854DD94A98D2F1BE283C1C985B4E8DDB6D56B9BC15 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

21:17:48.0951 0x1080  partmgr - ok

21:17:48.0955 0x1080  PBUS - ok

21:17:48.0971 0x1080  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll

21:17:48.0975 0x1080  PcaSvc - ok

21:17:48.0999 0x1080  [ 2A5B2A51559066EA84742909B5B2CD69, 62ACE27DD439D28FA0FA9A701443A25EDF9BC390BBB25332FC04BF3377795053 ] pci             C:\Windows\system32\drivers\pci.sys

21:17:49.0005 0x1080  pci - ok

21:17:49.0029 0x1080  [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide          C:\Windows\system32\drivers\pciide.sys

21:17:49.0031 0x1080  pciide - ok

21:17:49.0053 0x1080  [ A2D6B9C3F532BAA27CB0C158D8EF4DA6, 87983C2428E1C41FC9B11779A5589C853F1FB5F0CEFFB53AFE7ECAB3461568D2 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

21:17:49.0061 0x1080  pcmcia - ok

21:17:49.0087 0x1080  pdfcDispatcher - ok

21:17:49.0115 0x1080  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

21:17:49.0137 0x1080  PEAUTH - ok

21:17:49.0190 0x1080  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

21:17:49.0191 0x1080  PerfHost - ok

21:17:49.0265 0x1080  [ 4E87EF38A053F02E454935C8440EC91A, 1EC83AA741EDF4899B73E395C2C3AD92242F5580C5FFDCFD9FEBA0D3330A1D31 ] pgsql-8.3       C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe

21:17:49.0267 0x1080  pgsql-8.3 - ok

21:17:49.0333 0x1080  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll

21:17:49.0370 0x1080  pla - ok

21:17:49.0400 0x1080  [ 5AAA0C5534B05ED49919FCD9DBD11A5B, E12044443B0495274D422A851878CC96CAA3C37EA9D4F7C500BE45DFF1060FAA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

21:17:49.0408 0x1080  PlugPlay - ok

21:17:49.0461 0x1080  [ 430F35C5592D253F43A26B4F5A523DBF, 0FE1E4BDBFF3DE8B363521C41D8EC56BD4504C129B155ED95731D43DA125B9BB ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll

21:17:49.0476 0x1080  PNRPAutoReg - ok

21:17:49.0501 0x1080  [ 430F35C5592D253F43A26B4F5A523DBF, 0FE1E4BDBFF3DE8B363521C41D8EC56BD4504C129B155ED95731D43DA125B9BB ] PNRPsvc         C:\Windows\system32\p2psvc.dll

21:17:49.0517 0x1080  PNRPsvc - ok

21:17:49.0561 0x1080  [ EEF3688D5E9592CBBBED00DE71DDA1EF, 548DACC5FD01ED948723252E32D658C3E5A318546E3AA2D69710D7969D8E0D0D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

21:17:49.0575 0x1080  PolicyAgent - ok

21:17:49.0607 0x1080  [ F5739F2C6DB2534C384AD5150808E8F5, CCA899B2D3477219E1424A7162AEF367AD9B8FF88E4782DAC6C74EC70247C552 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

21:17:49.0611 0x1080  PptpMiniport - ok

21:17:49.0630 0x1080  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys

21:17:49.0632 0x1080  Processor - ok

21:17:49.0660 0x1080  [ B21FE10DAD3AB59E78DF7AA3FBF41E70, 11CFACDEDE7FB6FA100E4611CAC32AFDCA556D4BDF674943695FACC44E11EA2C ] ProfSvc         C:\Windows\system32\profsvc.dll

21:17:49.0665 0x1080  ProfSvc - ok

21:17:49.0676 0x1080  [ 80F4593E92FF960E4763380D3168E498, 56FF903E5569B7FDD4E6CF1722299BC3C90C84AD9358982109C7634C0DE01B25 ] ProtectedStorage C:\Windows\system32\lsass.exe

21:17:49.0678 0x1080  ProtectedStorage - ok

21:17:49.0716 0x1080  [ 0E0E205A296095FE4C631E6A4775AD6C, E2F607880C34246595774FE7888F7211B6BDF2A20498154C547713B090A38769 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys

21:17:49.0719 0x1080  PSched - ok

21:17:49.0796 0x1080  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys

21:17:49.0830 0x1080  ql2300 - ok

21:17:49.0861 0x1080  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

21:17:49.0866 0x1080  ql40xx - ok

21:17:49.0888 0x1080  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll

21:17:49.0896 0x1080  QWAVE - ok

21:17:49.0913 0x1080  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

21:17:49.0915 0x1080  QWAVEdrv - ok

21:17:49.0926 0x1080  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

21:17:49.0928 0x1080  RasAcd - ok

21:17:49.0976 0x1080  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll

21:17:49.0979 0x1080  RasAuto - ok

21:17:49.0995 0x1080  [ 3B9085F91EF00ABD15A6F36570E90E12, 9FE715633828ECED7D9BA050F212AA2AE305023CB9ECF86E5C4029D2906F953B ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

21:17:49.0999 0x1080  Rasl2tp - ok

21:17:50.0019 0x1080  [ 2A63D46B01685FD4BE9778CA3C231C2D, 5FE84104BBACE5BBC22AC6A30B67E1E707383E0B17AD1D27C11FE9B9E6B0F192 ] RasMan          C:\Windows\System32\rasmans.dll

21:17:50.0026 0x1080  RasMan - ok

21:17:50.0049 0x1080  [ 2CE1703C27196094FB6E4C6E439F2C21, CA15FC617DA68697BE06E9262D5D1291211C9BAC125BAC4842A740D88627B283 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

21:17:50.0051 0x1080  RasPppoe - ok

21:17:50.0080 0x1080  [ FCD04FA67E8B40FA0AD361DD38593942, 380292419783FA5B8BEE0CEF66CED3B5CF740FF41F50902FA99611367C0533BE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

21:17:50.0083 0x1080  RasSstp - ok

21:17:50.0099 0x1080  [ 33FA5B6136D92EE0F53F021C79091300, BEF7E6D07ACF2011D512B267FAED0D9F5165DA5F7DA646396523DEFDF0C21E18 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

21:17:50.0108 0x1080  rdbss - ok

21:17:50.0112 0x1080  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

21:17:50.0113 0x1080  RDPCDD - ok

21:17:50.0132 0x1080  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys

21:17:50.0141 0x1080  rdpdr - ok

21:17:50.0154 0x1080  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

21:17:50.0155 0x1080  RDPENCDD - ok

21:17:50.0183 0x1080  [ 7747082F672AA2846235C9CEA42E2E72, F675464466311DEE6B4EC07B4F734120DEAF4CA32AD6BB02D3C1D4C7D3CBE710 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

21:17:50.0190 0x1080  RDPWD - ok

21:17:50.0210 0x1080  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll

21:17:50.0214 0x1080  RemoteAccess - ok

21:17:50.0238 0x1080  [ 416C611369CBE49074B89CEE2F83ABEF, 238F1F5C532344E63EA23891657E30B00EB4D091C3B485432ED7E814C1026D4F ] RemoteRegistry  C:\Windows\system32\regsvc.dll

21:17:50.0245 0x1080  RemoteRegistry - ok

21:17:50.0272 0x1080  [ 72C35598BA591ABDDC37FCE7D26FE1C4, 6931E6D2FFD21C3F6CC7DBAE65B8B17CB15576C7DDCE165F1305E94D90AB7605 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys

21:17:50.0279 0x1080  RFCOMM - ok

21:17:50.0302 0x1080  [ 528D70EABE8305A02F387FEC839B9A47, EDF7458C4B860B26B95824BD570B8132C273DCEE8C2975F4C39DB530BFA6E572 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys

21:17:50.0305 0x1080  rimmptsk - ok

21:17:50.0327 0x1080  [ BB9EDC55B0B8CB4FCD713428820E0776, 5342230EFF26C7307AFA0E89B7AC7BD5BE5F344DFB5EBFFFE6A449F40280ED21 ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys

21:17:50.0330 0x1080  rimsptsk - ok

21:17:50.0354 0x1080  [ 858BBB1B592CF7016E67B17B07E20E61, FB8932CF30901A6A1B5DFB5CA3D359F2B4FA6E72218D0B0DA680398265684E5B ] rismcx64        C:\Windows\system32\DRIVERS\rismcx64.sys

21:17:50.0358 0x1080  rismcx64 - ok

21:17:50.0381 0x1080  [ 481C3FDEACAAE04B74C58288DBC91DF9, D7F2AB5E97C0293A5CAC977695EC1D0DBB354D0EA3662D37803098D9477DE03F ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys

21:17:50.0384 0x1080  rismxdp - ok

21:17:50.0395 0x1080  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe

21:17:50.0396 0x1080  RpcLocator - ok

21:17:50.0466 0x1080  [ 52CDADE8289FF21F1F2215FF51A5F36C, 27DD3BA84FB864FD685979C3404EFEB536ECD62FEF3069ECADAA5D5CA4469DE8 ] RpcSs           C:\Windows\system32\rpcss.dll

21:17:50.0480 0x1080  RpcSs - ok

21:17:50.0506 0x1080  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

21:17:50.0510 0x1080  rspndr - ok

21:17:50.0518 0x1080  [ 80F4593E92FF960E4763380D3168E498, 56FF903E5569B7FDD4E6CF1722299BC3C90C84AD9358982109C7634C0DE01B25 ] SamSs           C:\Windows\system32\lsass.exe

21:17:50.0519 0x1080  SamSs - ok

21:17:50.0543 0x1080  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

21:17:50.0547 0x1080  sbp2port - ok

21:17:50.0578 0x1080  [ F024D560FEA06F8B56D673849EB89AE6, 0D7D9642363C05750D068A3A484D268D1BAA56A87D7D7C521EACCD45A5863EC2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

21:17:50.0583 0x1080  SCardSvr - ok

21:17:50.0649 0x1080  [ CE75D26E0A1106129F4D156851E298ED, EFE9DF62AE04A749D5A101E4274DC46ABC701CFED2C4235BDB7367512598DA18 ] Schedule        C:\Windows\system32\schedsvc.dll

21:17:50.0672 0x1080  Schedule - ok

21:17:50.0697 0x1080  [ EDFFFC8B6AFB609BF33DBE0A900426B6, 069E51698CADB01800CD4D1D98010B809652A93647670EC612373D154FA1E9CC ] SCPolicySvc     C:\Windows\System32\certprop.dll

21:17:50.0698 0x1080  SCPolicySvc - ok

21:17:50.0720 0x1080  [ B42EE50F7D24F837F925332EB349ECA5, 5DA793DADA7E244A48FFE3249A0271974BA31839A70173F2F14BE80673C86014 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys

21:17:50.0724 0x1080  sdbus - ok

21:17:50.0741 0x1080  [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

21:17:50.0745 0x1080  SDRSVC - ok

[Infected by TrojanAgent]

Hello,

 

First all I would to thank you for spending time helping me to get rid of this virus. I have ran Malwarebytes 3 times, but every time the same virus comes back. 

I do not know if it is related, but I have exceeded my download limit today, which is rather impossible. I hardly download anything, the limit is 102GB, and it seems to be exceeded while my computer was idle... If this is unrelated, all help is welcome in how to track the cause of the excessive downloading!

 

A big thanks,

 

Dimi

 

Here are the logs from the DDS:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 7.0.6001.18639  BrowserJavaVersion: 1.6.0_14

Run by CZC8507XQB at 15:40:25 on 2014-03-23

Microsoft® Windows Vista™ Business   6.0.6001.1.1252.32.1043.18.4090.1795 [GMT 1:00]

.

AV: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\AEADISRV.EXE

C:\Windows\system32\agr64svc.exe

C:\Program Files\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\alg.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE

C:\Windows\snuvcdsm.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

C:\Program Files (x86)\Microsoft Games\Age of Empires II\Config.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Windows\system32\msiexec.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe

C:\Program Files (x86)\Steam\GameOverlayUI.exe

C:\Windows\System32\SnippingTool.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\sysWOW64\wbem\wmiprvse.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live Aanmelden - Help: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [utopia Angel] "C:\Utopia\Angel\Angel.exe"

uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start

mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe"

mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun: [WatchDog] "C:\Program Files (x86)\InterVideo\DVD Check\DVDCheck.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

mRun: [Config] "C:\Program Files (x86)\Microsoft Games\Age Of Empires ii\Config.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

mRun: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mExplorerRun: [42033] C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.scr

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DVDCHE~1.LNK - C:\Program Files (x86)\InterVideo\DVD Check\DVDCheck.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

IE: {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: NameServer = 195.130.131.2 195.130.130.130

TCP: Interfaces\{19529A3F-73CB-49DA-81E3-B7D08B2DF1BF} : DHCPNameServer = 195.130.131.2 195.130.130.130

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Notify: DeviceNP - DeviceNP.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide

x64-Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [soundMAX] "C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe" /tray

x64-Run: [iAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"

x64-Run: [snuvcdsm] C:\Windows\snuvcdsm.exe

x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

x64-ExplorerRun: [42033] C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.scr

x64-mPolicies-Explorer: NoActiveDesktop = dword:1

x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1

x64-mPolicies-System: EnableUIADesktopToggle = dword:0

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

Hosts: 173.212.255.178 ad.garenanow.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\CZC8507XQB\AppData\Roaming\Mozilla\Firefox\Profiles\v05rurev.default\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.funmoods_i.hmpg - true

FF - user.js: extensions.funmoods_i.dfltSrch - true

FF - user.js: extensions.funmoods_i.srchPrvdr - Search

FF - user.js: extensions.funmoods_i.dnsErr - true

FF - user.js: extensions.funmoods_i.newTab - true

FF - user.js: extensions.funmoods_i.id - 86dda43100000000000000216b2c7322

FF - user.js: extensions.funmoods_i.instlDay - 15374

FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16

FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16

FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1615:57:40

FF - user.js: extensions.funmoods_i.prtnrId - funmoods

FF - user.js: extensions.funmoods_i.prdct - funmoods

FF - user.js: extensions.funmoods_i.aflt - ddrnw

FF - user.js: extensions.funmoods_i.smplGrp - none

FF - user.js: extensions.funmoods_i.tlbrId - base

FF - user.js: extensions.funmoods_i.instlRef - 

FF - user.js: extensions.funmoods_i.dfltLng - 

FF - user.js: extensions.funmoods_i.excTlbr - false

.

============= SERVICES / DRIVERS ===============

.

R1 epfwtdir;epfwtdir;C:\Windows\System32\drivers\epfwtdir.sys [2009-10-7 38776]

R2 BrAuthorizationSvcx;B&R Authorization;C:\Program Files\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe [2008-12-18 40960]

R2 ekrn;Eset Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2008-8-18 472280]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-1-6 576024]

R2 pgsql-8.3;PostgreSQL Database Server 8.3;C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe [2008-9-19 65536]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]

R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-1-6 193840]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-1-6 315008]

R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2008-11-17 4751360]

R3 rismcx64;RICOH Smart Card Reader;C:\Windows\System32\drivers\rismcx64.sys [2009-1-6 79872]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 DAMDrv;DAMDrv;C:\Windows\System32\drivers\DAMDrv64.sys [2008-4-9 38912]

S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2008-4-21 349432]

S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2009-11-10 61280]

S3 fsssvc;De service Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-4-28 704872]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-16 289256]

S3 PerfHost;Host van prestatiemeter-DLL;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2012-11-1 93184]

S4 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2008-4-7 28464]

.

=============== Created Last 30 ================

.

.

==================== Find3M  ====================

.

2014-03-19 18:47:31 90015360 ----a-w- C:\Windows\System32\mrt.exe

2014-03-12 19:47:45 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-03-12 19:47:45 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2014-01-06 19:23:36 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr

2013-12-23 17:55:32 381440 ----a-w- C:\Windows\System32\drivers\sptd.sys

.

============= FINISH: 15:41:55,64 ===============

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Business 

Boot Device: \Device\HarddiskVolume1

Install Date: 6/01/2009 5:36:27

System Uptime: 23/03/2014 15:11:48 (0 hours ago)

.

Motherboard: Hewlett-Packard |  | 30E7

Processor: Intel® Core2 Duo CPU     T9400  @ 2.53GHz | Intel® Genuine processor | 2534/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 233 GiB total, 16,199 GiB free.

Z: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft 6to4 Adapter

Device ID: ROOT\*6TO4MP\0026

Manufacturer: Microsoft

Name: Microsoft 6to4 Adapter

PNP Device ID: ROOT\*6TO4MP\0026

Service: tunnel

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft 6to4 Adapter

Device ID: ROOT\*6TO4MP\0027

Manufacturer: Microsoft

Name: Microsoft 6to4 Adapter #2

PNP Device ID: ROOT\*6TO4MP\0027

Service: tunnel

.

Class GUID: 

Description: Fingerprint Sensor

Device ID: USB\VID_08FF&PID_2810\5&2529B433&0&1

Manufacturer: 

Name: Fingerprint Sensor

PNP Device ID: USB\VID_08FF&PID_2810\5&2529B433&0&1

Service: 

.

==== System Restore Points ===================

.

RP982: 21/03/2014 18:10:36 - Windows Update

.

==== Installed Programs ======================

.

 Update for Microsoft Office 2007 (KB2508958)

Acrobat.com

Adobe AIR

Adobe Flash Player 12 ActiveX

Adobe Flash Player 12 Plugin

Adobe Reader 9.5.5 - Nederlands

Adobe Shockwave Player 12.0

Age Of Empires II(All in One)

Age of Empires II: HD Edition

Agere Systems HDA Modem

ATI Catalyst Install Manager

µTorrent

AutoHotkey 1.1.07.03

BIOS Configuration for HP ProtectTools

Brorsoft Video Converter Ver 1.3.1.5065

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center Localization Chinese Standard

Catalyst Control Center Localization Chinese Traditional

Catalyst Control Center Localization Czech

Catalyst Control Center Localization Danish

Catalyst Control Center Localization Dutch

Catalyst Control Center Localization Finnish

Catalyst Control Center Localization French

Catalyst Control Center Localization German

Catalyst Control Center Localization Greek

Catalyst Control Center Localization Hungarian

Catalyst Control Center Localization Italian

Catalyst Control Center Localization Japanese

Catalyst Control Center Localization Korean

Catalyst Control Center Localization Norwegian

Catalyst Control Center Localization Polish

Catalyst Control Center Localization Portuguese

Catalyst Control Center Localization Russian

Catalyst Control Center Localization Spanish

Catalyst Control Center Localization Swedish

Catalyst Control Center Localization Thai

Catalyst Control Center Localization Turkish

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Counter-Strike 1.6

Device Access Manager for HP ProtectTools

Dota 2

ESET NOD32 Antivirus

ESU for Microsoft Vista SP1

Football Manager 2014

Free Avi To Mp4 Converter

Full Tilt Poker

GanttProject

Google Chrome

Google Update Helper

Hewlett-Packard Active Check for Health Check

Hewlett-Packard Asset Agent for Health Check

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP 3D DriveGuard

HP Active Support Library

HP Doc Viewer

HP Help and Support

HP Integrated Module with Bluetooth wireless technology 6.0.1.6204

HP MULTIPLE MODEM INSTALLER for VISTA

HP Performance Tuning Framework

HP Quick Launch Buttons 6.40 F1

HP Update

HP User Guides 0099

HP Wallpaper

HP Webcam

HP Webcam Application

HP Wireless Assistant

Intel® Network Connections Drivers

Intel® Matrix Storage Manager

InterVideo DVD Check

InterVideo WinDVD

Java 6 Update 14

Java 6 Update 6

JDownloader 0.9

Junk Mail filter update

Kruidvat fotoservice

LightScribe System Software  1.12.37.1

Malwarebytes Anti-Malware versie 1.75.0.1300

MathType 5

McAfee Security Scan Plus

Microsoft-invoegtoepassing Opslaan als PDF of XPS voor 2007 Microsoft Office-programma's

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 3.5 Language Pack SP1 - nld

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office Live Add-in 1.3

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Visio 2007 Service Pack 3 (SP3)

Microsoft Office Visio MUI (English) 2007

Microsoft Office Visio Professional 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106

Microsoft WSE 3.0 Runtime

mIRC

Mozilla Firefox 26.0 (x86 nl)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

neroxml

Pando Media Booster

PartyPoker

PDF Complete

Personalize Your PC

Picasa 3

Poker Partouche.be

PokerStars

PokerStars.be

PokerTracker 3 (remove only)

PostgreSQL 8.3

RapidShare Manager

RICOH R5C853 Media Driver Ver.1.02.00.09

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 

Security Update for Microsoft Office Visio 2007 suites (KB2596595) 32-Bit Edition 

Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

Skins

Skype Click to Call

Skype™ 6.14

SoundMAX

Spotify

Steam

Super Monday Night Combat

swMSM

Synaptics Pointing Device Driver

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

TeamSpeak 3 Client

Tell Poker

The Sims 3

UltimateBet

Unibet

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Visio 2007 Help (KB963666)

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

Vista Default Settings

VLC media player 2.0.6

Windows Live - Hulpprogramma voor uploaden

Windows Live aanmeldhulp

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Mail

Windows Live Messenger

WinRAR

.

==== End Of File ===========================