Go Back   Cyber Tech Help Support Forums > Software > Malware Removal Forum

Notices

Reply
 
Topic Tools
  #31  
Old January 4th, 2017, 05:36 AM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
RogueKiller V12.9.1.0 [Jan 2 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : ryan [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 01/03/2017 16:43:52 (Duration : 01:56:48)

Processes : 0

Registry : 31
[PUM.Proxy] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N laSvc\Parameters\Internet\ManualProxies | (default) : -> Found
[PUM.Proxy] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\N laSvc\Parameters\Internet\ManualProxies | (default) : -> Found
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://homepage.acer.com/rdr.aspx?b=...m=aspire_4810t -> Found
[PUM.HomePage] HKEY_USERS\S-1-5-21-1035236229-421214943-2964462030-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://spirit.flica.net/index.html?...20160101120311 -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{C04E0068-4CED-42BD-BA81-CCFAABA1C4C1}C:\users\ryan\appdata\local\temp\temp 1_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \temp1_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{8D36467C-DC69-4476-A2AB-4522F19ACE3A}C:\users\ryan\appdata\local\temp\temp 1_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\temp1_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{54DC915A-800E-40D2-A7FF-B400DFBEEE4F}C:\users\ryan\appdata\local\temp\temp 2_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \temp2_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{D4B17561-FD5A-41F4-B4F2-41C518C5F86B}C:\users\ryan\appdata\local\temp\temp 2_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\temp2_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{87BBFB4D-8DE9-4456-9DF6-95F93177F665}C:\users\ryan\appdata\local\temp\temp 3_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \temp3_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{596F9469-A559-47BC-B4A3-EC1FFA636C27}C:\users\ryan\appdata\local\temp\temp 3_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\temp3_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{E940CA82-7421-4D1A-9EA2-60920E0FD5A1}C:\users\ryan\appdata\local\temp\temp 4_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \temp4_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{A90535BE-0826-44D2-9594-AAA7EB422F18}C:\users\ryan\appdata\local\temp\temp 4_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\temp4_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{8724BDC1-BBDB-4AD3-9260-1193E4BBA3D3}C:\users\ryan\appdata\local\temp\lmic 1cd.tmp\logmein client.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \lmic1cd.tmp\logmein client.exe|Name=logmein client.exe|Desc=logmein client.exe|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{68A81238-6FCF-48FD-9EC7-2F2B11DB2CCF}C:\users\ryan\appdata\local\temp\lmic 1cd.tmp\logmein client.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\lmic1cd.tmp\logmein client.exe|Name=logmein client.exe|Desc=logmein client.exe|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{8B48AF91-FC9D-4B94-844A-4626711B0B9A}C:\programdata\blockbuster on demand\blockbusterondemand.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\programdata\blockbuster on demand\blockbusterondemand.exe|Name=BlockbusterOnD emand|Desc=BlockbusterOnDemand|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{EE48E03F-9E0A-499A-97AD-AFA94FFD8FC7}C:\programdata\blockbuster on demand\blockbusterondemand.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\programdata\blockbuster on demand\blockbusterondemand.exe|Name=BlockbusterOnD emand|Desc=BlockbusterOnDemand|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{C04E0068-4CED-42BD-BA81-CCFAABA1C4C1}C:\users\ryan\appdata\local\temp\temp 1_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \temp1_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{8D36467C-DC69-4476-A2AB-4522F19ACE3A}C:\users\ryan\appdata\local\temp\temp 1_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\temp1_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{54DC915A-800E-40D2-A7FF-B400DFBEEE4F}C:\users\ryan\appdata\local\temp\temp 2_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \temp2_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{D4B17561-FD5A-41F4-B4F2-41C518C5F86B}C:\users\ryan\appdata\local\temp\temp 2_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\temp2_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{87BBFB4D-8DE9-4456-9DF6-95F93177F665}C:\users\ryan\appdata\local\temp\temp 3_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \temp3_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{596F9469-A559-47BC-B4A3-EC1FFA636C27}C:\users\ryan\appdata\local\temp\temp 3_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\temp3_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [-] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{E940CA82-7421-4D1A-9EA2-60920E0FD5A1}C:\users\ryan\appdata\local\temp\temp 4_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \temp4_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{A90535BE-0826-44D2-9594-AAA7EB422F18}C:\users\ryan\appdata\local\temp\temp 4_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\temp4_ipcameratool version 1.0.0.1 - 20131120.zip\ipcamera.exe|Name=ipcamera.exe|Desc=i pcamera.exe|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{8724BDC1-BBDB-4AD3-9260-1193E4BBA3D3}C:\users\ryan\appdata\local\temp\lmic 1cd.tmp\logmein client.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\users\ryan\appdata\local\temp \lmic1cd.tmp\logmein client.exe|Name=logmein client.exe|Desc=logmein client.exe|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{68A81238-6FCF-48FD-9EC7-2F2B11DB2CCF}C:\users\ryan\appdata\local\temp\lmic 1cd.tmp\logmein client.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\users\ryan\appdata\local\tem p\lmic1cd.tmp\logmein client.exe|Name=logmein client.exe|Desc=logmein client.exe|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | TCP Query User{8B48AF91-FC9D-4B94-844A-4626711B0B9A}C:\programdata\blockbuster on demand\blockbusterondemand.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Pr ofile=Private|App=C:\programdata\blockbuster on demand\blockbusterondemand.exe|Name=BlockbusterOnD emand|Desc=BlockbusterOnDemand|Edge=FALSE| [x] -> Found
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\S haredAccess\Parameters\FirewallPolicy\FirewallRule s | UDP Query User{EE48E03F-9E0A-499A-97AD-AFA94FFD8FC7}C:\programdata\blockbuster on demand\blockbusterondemand.exe : v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|P rofile=Private|App=C:\programdata\blockbuster on demand\blockbusterondemand.exe|Name=BlockbusterOnD emand|Desc=BlockbusterOnDemand|Edge=FALSE| [x] -> Found
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1035236229-421214943-2964462030-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced | Start_ShowPrinters : 0 -> Found
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1035236229-421214943-2964462030-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced | Start_ShowRecentDocs : 0 -> Found
[PUM.WallPaper] HKEY_USERS\S-1-5-21-1035236229-421214943-2964462030-1000\Control Panel\Desktop | WallPaper : -> Found

Tasks : 0

Files : 4
[Hj.Shortcut][File] C:\Users\ryan\Desktop\AT&T Service Information.lnk [LNK@] C:\PROGRA~1\MOZILL~1\firefox.exe http://att.com/userguides -> Found
[Hj.Shortcut][File] C:\Users\ryan\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Power E-TRADE Pro.lnk [LNK@] C:\PROGRA~1\INTERN~1\iexplore.exe https://us.etrade.com/e/t/user/login_etpro -> Found
[Hj.Shortcut][File] C:\Users\ryan\Desktop\AT&T Service Information.lnk [LNK@] C:\PROGRA~1\MOZILL~1\firefox.exe http://att.com/userguides -> Found
[Hj.Shortcut][File] C:\Users\ryan\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Power E-TRADE Pro.lnk [LNK@] C:\PROGRA~1\INTERN~1\iexplore.exe https://us.etrade.com/e/t/user/login_etpro -> Found

WMI : 0

Hosts File : 0

Antirootkit : 0 (Driver: Loaded)

Web browsers : 0

MBR Check :
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 6bf690d13d2beb46bf4e882aff3f4a38
[BSP] 930414f638cc2380a942806440dd14f2 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 20482048 | Size: 295243 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
Reply With Quote


  #32  
Old January 5th, 2017, 01:09 AM
Jintan's Avatar
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 51,204
Really nothing in that that would suggest why Gmer had such an effect. I had expected different.


Add a new Admin user, then reboot to that user, and run Gmer again please. Problems may stem from a corrupt user account.
Reply With Quote
  #33  
Old January 6th, 2017, 12:35 AM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-01-05 15:25:06
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298.09GB
Running: g4hydybe.exe; Driver: C:\Users\cth\AppData\Local\Temp\kgldrpog.sys


---- User code sections - GMER 2.2 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] ntdll.dll!LdrLoadDll 779B93BE 5 Bytes JMP 743B8230 C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] kernel32.dll!HeapSetInformation + 26 765DA9A0 7 Bytes JMP 5C7F2853 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] kernel32.dll!LockResource + C 765F6C73 7 Bytes JMP 5CAEDD1D C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] kernel32.dll!VirtualAllocEx + 54 765FB0F0 7 Bytes JMP 5CAEEBE6 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] USER32.dll!CreateWindowExA 763BDC2A 3 Bytes JMP 5CC711A3 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] USER32.dll!CreateWindowExA + 4 763BDC2E 1 Byte [E6]
.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] USER32.dll!CreateWindowExW 763C1305 5 Bytes JMP 5C7A8839 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] USER32.dll!GetWindowInfo 763C428E 5 Bytes JMP 5D768648 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[1092] GDI32.dll!StretchDIBits + 179 77AF6FFD 7 Bytes JMP 5CAED5D4 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Windows\Explorer.EXE[5692] SHELL32.dll!SHGetFolderPathAndSubDirW + 81C5 76EAB37C 4 Bytes [B0, 22, 00, 10] {MOV AL, 0x22; ADD [EAX], DL}

---- User IAT/EAT - GMER 2.2 ----

IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [748576CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74895B61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7485B9D2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7484F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [748574A1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7484E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [748A8EE5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7485D910] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7484FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7484FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [748471CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [748DCE35] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7487C5BC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7484D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74846853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7484687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[3056] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74852AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [748576CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74895B61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7485B9D2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7484F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [748574A1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7484E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [748A8EE5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7485D910] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7484FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7484FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [748471CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [748DCE35] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7487C5BC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7484D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74846853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7484687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll
IAT C:\Windows\Explorer.EXE[5692] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74852AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.0.6002.19672_none_9e57fb02ca11119 2\gdiplus.dll

---- Devices - GMER 2.2 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mwlPSDFilter.sys

---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.2 ----
Reply With Quote
  #34  
Old January 6th, 2017, 12:37 AM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
I accidentally left the firefox window open when i started the scan but closed just a few minutes into the process.
Reply With Quote
  #35  
Old January 6th, 2017, 11:14 PM
Jintan's Avatar
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 51,204
I'm inclined to read those Gmer results as benign, and the real issue is a corrupt user account. Close Firefox and ALL programs, and run and post a new Gmer scan log please. Just close everything and take a break while the scan runs.


Then download AVZ Antiviral Toolkit from here and unzip it to your desktop, then locate and click on avz.exe to open the scanner.

When AVZ opens, click your Local Disk.

Then click "Enable malware removal mode". Also click "Copy suspicious files to quarantine".

Then click Start.

Once the scan completes, click File, the Save log, and post it back here please.

These should be our last looks behind things there.

I notice you named the new user account cth. Best guess is you are going to end up transferring everything from your old user account, then deleting it. So if you want a different name you will have to create another account. But first run the scans please.
Reply With Quote
  #36  
Old January 10th, 2017, 03:57 AM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
Ran gmer under cth and it wouldn't let me paste to new txt doc. Poked around and I was locked out again just like before. Powered off, got functionality back and re ran gmer which quit 5 min in citing same prob as before w/original user. Tried to switch users, screen went black, only the mouse arrow worked ctl-alt-del= nothing, had to shutdown w/power button. Made a third user, d/l'd gmer and ran it. Again it quit. So, total now is 3 users that can't run gmer.
Reply With Quote
  #37  
Old January 11th, 2017, 12:27 AM
Jintan's Avatar
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 51,204
Okay, no more Gmer or added user accounts, and sorry all that happened. Must be some driver in conflict with Gmer's.


Be sure to continue to temporarily disable any protective software when running the scan tools we use here.

Click here and download Kaspersky's TDSSKiller to your desktop and run it. Agree to the prompts, then click Start scan. Once that completes, follow any prompts to act on anything it located, including as reboot (Reboot Now) if requested.
When the scan completes it will create a log file on your C drive.

Similar in name to this:

C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt

Your copy will be different - some of those numbers will reflect the date/time it was just run by you there.

Copy/paste those contents back here please. If it does locate malware, but does not prompt for a reboot, go ahead and do reboot.

Big log, but it provides a list of the drivers loading.


Also run the avz scan steps posted previously.

Last edited by Jintan; January 11th, 2017 at 12:33 AM.
Reply With Quote
  #38  
Old January 11th, 2017, 07:37 PM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
10:32:24.0944 0x0d6c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
10:32:37.0811 0x0d6c ================================================== ==========
10:32:37.0811 0x0d6c Current date / time: 2017/01/11 10:32:37.0811
10:32:37.0811 0x0d6c SystemInfo:
10:32:37.0811 0x0d6c
10:32:37.0811 0x0d6c OS Version: 6.0.6002 ServicePack: 2.0
10:32:37.0811 0x0d6c Product type: Workstation
10:32:37.0811 0x0d6c ComputerName: RYAN-PC
10:32:37.0817 0x0d6c UserName: ryan
10:32:37.0817 0x0d6c Windows directory: C:\Windows
10:32:37.0817 0x0d6c System windows directory: C:\Windows
10:32:37.0817 0x0d6c Processor architecture: Intel x86
10:32:37.0817 0x0d6c Number of processors: 1
10:32:37.0817 0x0d6c Page size: 0x1000
10:32:37.0817 0x0d6c Boot type: Normal boot
10:32:37.0817 0x0d6c CodeIntegrityOptions = 0x00000000
10:32:37.0817 0x0d6c ================================================== ==========
10:32:38.0097 0x0d6c KLMD registered as C:\Windows\system32\drivers\31207690.sys
10:32:38.0097 0x0d6c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 6002.19636, osProperties = 0x0
10:32:38.0351 0x0d6c System UUID: {D25380C2-7199-77E6-F2EA-B90D003ECE9F}
10:32:39.0385 0x0d6c Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:32:39.0387 0x0d6c ================================================== ==========
10:32:39.0387 0x0d6c \Device\Harddisk0\DR0:
10:32:39.0387 0x0d6c MBR partitions:
10:32:39.0387 0x0d6c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x240A5800
10:32:39.0387 0x0d6c ================================================== ==========
10:32:39.0415 0x0d6c C: <-> \Device\Harddisk0\DR0\Partition1
10:32:39.0415 0x0d6c ================================================== ==========
10:32:39.0415 0x0d6c Initialize success
10:32:39.0415 0x0d6c ================================================== ==========
10:32:45.0615 0x0c50 ================================================== ==========
10:32:45.0615 0x0c50 Scan started
10:32:45.0615 0x0c50 Mode: Manual;
10:32:45.0615 0x0c50 ================================================== ==========
10:32:45.0615 0x0c50 KSN ping started
10:32:45.0877 0x0c50 KSN ping finished: true
10:32:47.0965 0x0c50 ================ Scan system memory ========================
10:32:47.0965 0x0c50 System memory - ok
10:32:47.0965 0x0c50 ================ Scan services =============================
10:32:48.0078 0x0c50 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5 883FBA5CA68B67 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:32:48.0083 0x0c50 ACDaemon - ok
10:32:48.0236 0x0c50 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9B ECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
10:32:48.0247 0x0c50 ACPI - ok
10:32:48.0287 0x0c50 AdobeARMservice - ok
10:32:48.0386 0x0c50 [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E 0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe
10:32:48.0414 0x0c50 AdobeFlashPlayerUpdateSvc - ok
10:32:48.0503 0x0c50 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C157 57539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:32:48.0533 0x0c50 adp94xx - ok
10:32:48.0566 0x0c50 [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E 8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:32:48.0586 0x0c50 adpahci - ok
10:32:48.0633 0x0c50 [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C 088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
10:32:48.0638 0x0c50 adpu160m - ok
10:32:48.0678 0x0c50 [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40 B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:32:48.0686 0x0c50 adpu320 - ok
10:32:48.0748 0x0c50 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FB CDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:32:48.0750 0x0c50 AeLookupSvc - ok
10:32:48.0784 0x0c50 [ FE3EA6E9AFC1A78E6EDCA121E006AFB7, B596ABBAC058D93C505C9DBF8685049C88E4364195A4092DB5 80D2D44FA8C23C ] Afc C:\Windows\system32\drivers\Afc.sys
10:32:48.0786 0x0c50 Afc - ok
10:32:48.0863 0x0c50 [ 4A0978779958D8FE8F5849F452BCC812, C57002A721F3DCAFB00CF4DEC57E9E761393BDB471ACEAFFDB D1ABA9AE308598 ] AFD C:\Windows\system32\drivers\afd.sys
10:32:48.0885 0x0c50 AFD - ok
10:32:48.0929 0x0c50 [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD91 2E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:32:48.0932 0x0c50 agp440 - ok
10:32:48.0953 0x0c50 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761E B90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
10:32:48.0957 0x0c50 aic78xx - ok
10:32:49.0030 0x0c50 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5B AC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
10:32:49.0034 0x0c50 ALG - ok
10:32:49.0053 0x0c50 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B4 0EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
10:32:49.0055 0x0c50 aliide - ok
10:32:49.0090 0x0c50 [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532 FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
10:32:49.0094 0x0c50 amdagp - ok
10:32:49.0113 0x0c50 [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B6 13F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
10:32:49.0115 0x0c50 amdide - ok
10:32:49.0141 0x0c50 [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E 55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
10:32:49.0144 0x0c50 AmdK7 - ok
10:32:49.0166 0x0c50 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD0 7D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:32:49.0173 0x0c50 AmdK8 - ok
10:32:49.0268 0x0c50 [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F1 8BB896B374620D ] Appinfo C:\Windows\System32\appinfo.dll
10:32:49.0270 0x0c50 Appinfo - ok
10:32:49.0386 0x0c50 [ A9AE03362A846898368653E94B6DB1AA, EF6EE35E85C75561C1E6D38D0005C8E31FF492F0B2CDEB914A CA4E026759511D ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:32:49.0392 0x0c50 Apple Mobile Device - ok
10:32:49.0443 0x0c50 [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0C C13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
10:32:49.0448 0x0c50 arc - ok
10:32:49.0493 0x0c50 [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803 EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:32:49.0497 0x0c50 arcsas - ok
10:32:49.0638 0x0c50 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4 232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspn et_state.exe
10:32:49.0641 0x0c50 aspnet_state - ok
10:32:49.0681 0x0c50 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D 00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:32:49.0683 0x0c50 AsyncMac - ok
10:32:49.0714 0x0c50 [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D 114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
10:32:49.0715 0x0c50 atapi - ok
10:32:49.0804 0x0c50 [ ACDB46B1A467752A2F280C68C8461556, 8996E8A3CC01C6852F0CC4E698E8577E8625807C65ABD339D9 E118AD86AD906A ] athr C:\Windows\system32\DRIVERS\athr.sys
10:32:49.0884 0x0c50 athr - ok
10:32:49.0974 0x0c50 [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E9190 8B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:32:49.0999 0x0c50 AudioEndpointBuilder - ok
10:32:50.0021 0x0c50 [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E9190 8B59F34C22AB06 ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:32:50.0032 0x0c50 Audiosrv - ok
10:32:50.0100 0x0c50 [ 502F1C30BD50B32D00CE4DCAECC3D3C7, F1F74D821C0D436C438313B522704F5DCA38A008725B74C2F6 659ACAABDB210C ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
10:32:50.0109 0x0c50 b57nd60x - ok
10:32:50.0153 0x0c50 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB4 69E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
10:32:50.0154 0x0c50 Beep - ok
10:32:50.0229 0x0c50 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2 B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
10:32:50.0252 0x0c50 BFE - ok
10:32:50.0383 0x0c50 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE4 5ED487CAC59EBD ] BITS C:\Windows\system32\qmgr.dll
10:32:50.0439 0x0c50 BITS - ok
10:32:50.0487 0x0c50 [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408 A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:32:50.0490 0x0c50 blbdrive - ok
10:32:50.0639 0x0c50 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B 614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:32:50.0662 0x0c50 Bonjour Service - ok
10:32:50.0729 0x0c50 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167 C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:32:50.0733 0x0c50 bowser - ok
10:32:50.0755 0x0c50 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF146 4F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
10:32:50.0757 0x0c50 BrFiltLo - ok
10:32:50.0800 0x0c50 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C685 6549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
10:32:50.0802 0x0c50 BrFiltUp - ok
10:32:50.0858 0x0c50 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE6 4317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
10:32:50.0863 0x0c50 Browser - ok
10:32:50.0896 0x0c50 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5 B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
10:32:50.0900 0x0c50 Brserid - ok
10:32:50.0943 0x0c50 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC8 5E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
10:32:50.0946 0x0c50 BrSerWdm - ok
10:32:50.0978 0x0c50 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D450 54DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
10:32:50.0980 0x0c50 BrUsbMdm - ok
10:32:51.0012 0x0c50 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190B ACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
10:32:51.0014 0x0c50 BrUsbSer - ok
10:32:51.0062 0x0c50 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB 142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:32:51.0064 0x0c50 BTHMODEM - ok
10:32:51.0112 0x0c50 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959C ABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:32:51.0116 0x0c50 cdfs - ok
10:32:51.0181 0x0c50 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B174055 98C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:32:51.0184 0x0c50 cdrom - ok
10:32:51.0242 0x0c50 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458 B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
10:32:51.0245 0x0c50 CertPropSvc - ok
10:32:51.0293 0x0c50 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC45 52360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
10:32:51.0296 0x0c50 circlass - ok
10:32:51.0347 0x0c50 [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DB FE6FAE21991209 ] CLFS C:\Windows\system32\CLFS.sys
10:32:51.0369 0x0c50 CLFS - ok
10:32:51.0454 0x0c50 [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D 781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe
10:32:51.0459 0x0c50 clr_optimization_v2.0.50727_32 - ok
10:32:51.0552 0x0c50 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F 0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe
10:32:51.0583 0x0c50 clr_optimization_v4.0.30319_32 - ok
10:32:51.0617 0x0c50 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321 021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:32:51.0618 0x0c50 CmBatt - ok
10:32:51.0647 0x0c50 [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC 4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:32:51.0649 0x0c50 cmdide - ok
10:32:51.0667 0x0c50 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC629621 2ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:32:51.0668 0x0c50 Compbatt - ok
10:32:51.0676 0x0c50 COMSysApp - ok
10:32:51.0690 0x0c50 [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E5611649086307 55E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:32:51.0691 0x0c50 crcdisk - ok
10:32:51.0729 0x0c50 [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06 375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
10:32:51.0732 0x0c50 Crusoe - ok
10:32:51.0791 0x0c50 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C45506602 7F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:32:51.0798 0x0c50 CryptSvc - ok
10:32:51.0888 0x0c50 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C 8C1784F76C73DC ] dbupdate C:\Program Files\Dropbox\Update\DropboxUpdate.exe
10:32:51.0895 0x0c50 dbupdate - ok
10:32:51.0988 0x0c50 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C 8C1784F76C73DC ] dbupdatem C:\Program Files\Dropbox\Update\DropboxUpdate.exe
10:32:51.0994 0x0c50 dbupdatem - ok
10:32:52.0043 0x0c50 dbx - ok
10:32:52.0115 0x0c50 [ 5E99A4FA833190EC87654DE2542C431C, 0D38CC9A6D346E65F4DA8BA7CF2806750DFABADBF755A8CC04 4A241255B83A06 ] DbxSvc C:\Windows\system32\DbxSvc.exe
10:32:52.0118 0x0c50 DbxSvc - ok
10:32:52.0204 0x0c50 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE8714581 2F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:32:52.0260 0x0c50 DcomLaunch - ok
10:32:52.0340 0x0c50 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4 F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:32:52.0344 0x0c50 DfsC - ok
10:32:52.0494 0x0c50 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E8 3D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
10:32:52.0639 0x0c50 DFSR - ok
10:32:52.0725 0x0c50 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036 EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
10:32:52.0747 0x0c50 Dhcp - ok
10:32:52.0785 0x0c50 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC37 43CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
10:32:52.0788 0x0c50 disk - ok
10:32:52.0835 0x0c50 [ C701324C9E0C25DD9D60311BD87FBC84, 86BE238FCC60A55C92D303452A9D5DFA838AE560BDC03A5C6F 0F9ABE92062B5A ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
10:32:52.0837 0x0c50 DKbFltr - ok
10:32:52.0902 0x0c50 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8 046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:32:52.0907 0x0c50 Dnscache - ok
10:32:52.0969 0x0c50 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29 E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
10:32:52.0978 0x0c50 dot3svc - ok
10:32:53.0028 0x0c50 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71 D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
10:32:53.0036 0x0c50 DPS - ok
10:32:53.0098 0x0c50 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA5 70EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:32:53.0099 0x0c50 drmkaud - ok
10:32:53.0157 0x0c50 [ D8ECF13E587619CDF716B2AE8E12DDBB, 5F0571A706BFADF31891EB51D3E7FEE67422F2A99F9D10263C CA64663F7F4C11 ] DsiWMIService C:\Program Files\Launch Manager\dsiwmis.exe
10:32:53.0163 0x0c50 DsiWMIService - ok
10:32:53.0259 0x0c50 [ 6D2A164686B15F590DF012ABA4735888, 8A7A2656571FCFE0B56F64E5FDF48B37D101C0D3CE50A8A224 81DC440CAB46D9 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:32:53.0314 0x0c50 DXGKrnl - ok
10:32:53.0365 0x0c50 [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BA E5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
10:32:53.0371 0x0c50 E1G60 - ok
10:32:53.0429 0x0c50 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F5 3FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
10:32:53.0434 0x0c50 EapHost - ok
10:32:53.0508 0x0c50 [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6E E99AB084C55606 ] Ecache C:\Windows\system32\drivers\ecache.sys
10:32:53.0514 0x0c50 Ecache - ok
10:32:53.0567 0x0c50 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68 C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:32:53.0590 0x0c50 ehRecvr - ok
10:32:53.0682 0x0c50 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81 D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
10:32:53.0688 0x0c50 ehSched - ok
10:32:53.0722 0x0c50 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE9 1BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
10:32:53.0723 0x0c50 ehstart - ok
10:32:53.0796 0x0c50 [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7A D4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:32:53.0819 0x0c50 elxstor - ok
10:32:53.0916 0x0c50 [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B9 33ED72AE12B73B ] EMDMgmt C:\Windows\system32\emdmgmt.dll
10:32:53.0962 0x0c50 EMDMgmt - ok
10:32:54.0068 0x0c50 [ 31925667E3F622C5BFE82773669EE26C, E97721C52287AC060435AA210A7355DBB5C0D2A69952C90887 F339F5A8FD78E2 ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
10:32:54.0123 0x0c50 ePowerSvc - ok
10:32:54.0148 0x0c50 [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387B A1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:32:54.0149 0x0c50 ErrDev - ok
10:32:54.0223 0x0c50 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2 FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
10:32:54.0248 0x0c50 EventSystem - ok
10:32:54.0316 0x0c50 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D 127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
10:32:54.0322 0x0c50 exfat - ok
10:32:54.0404 0x0c50 [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB 861B2B3BA4C5B9 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:32:54.0412 0x0c50 fastfat - ok
10:32:54.0457 0x0c50 [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A 67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:32:54.0460 0x0c50 fdc - ok
10:32:54.0490 0x0c50 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B 25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
10:32:54.0492 0x0c50 fdPHost - ok
10:32:54.0512 0x0c50 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AE DD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
10:32:54.0515 0x0c50 FDResPub - ok
10:32:54.0550 0x0c50 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922 880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:32:54.0554 0x0c50 FileInfo - ok
10:32:54.0604 0x0c50 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0 DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:32:54.0606 0x0c50 Filetrace - ok
10:32:54.0626 0x0c50 [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A 19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:32:54.0628 0x0c50 flpydisk - ok
10:32:54.0677 0x0c50 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06 FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:32:54.0685 0x0c50 FltMgr - ok
10:32:54.0822 0x0c50 [ 61AC5BF24A155C95F865290F046F91EF, 89F6A96F5CBD04390CF0509DDC22E4FDC1F8AB862F23957D58 3A757C1E51C20B ] FontCache C:\Windows\system32\FntCache.dll
10:32:54.0890 0x0c50 FontCache - ok
10:32:54.0992 0x0c50 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C 49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\Presen tationFontCache.exe
10:32:54.0995 0x0c50 FontCache3.0.0.0 - ok
10:32:55.0030 0x0c50 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65C C3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:32:55.0032 0x0c50 Fs_Rec - ok
10:32:55.0083 0x0c50 [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF 5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:32:55.0087 0x0c50 gagp30kx - ok
10:32:55.0127 0x0c50 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B 2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:32:55.0129 0x0c50 GEARAspiWDM - ok
10:32:55.0213 0x0c50 [ 1E74AA0D84B3AF74B39D63142DB0D2AA, EFA23EA053FB2CF2A374201F662680712F475C2461A8464375 5E9BC2E066E0A2 ] gpsvc C:\Windows\System32\gpsvc.dll
10:32:55.0258 0x0c50 gpsvc - ok
10:32:55.0433 0x0c50 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3 418A1CF0BC53E9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:32:55.0440 0x0c50 gupdate - ok
10:32:55.0489 0x0c50 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3 418A1CF0BC53E9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:32:55.0498 0x0c50 gupdatem - ok
10:32:55.0580 0x0c50 [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF 04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:32:55.0592 0x0c50 HdAudAddService - ok
10:32:55.0672 0x0c50 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17 EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:32:55.0739 0x0c50 HDAudBus - ok
10:32:55.0785 0x0c50 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCE DDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:32:55.0788 0x0c50 HidBth - ok
10:32:55.0817 0x0c50 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058 E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
10:32:55.0819 0x0c50 HidIr - ok
10:32:55.0882 0x0c50 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518 A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
10:32:55.0885 0x0c50 hidserv - ok
10:32:55.0943 0x0c50 [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE 9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:32:55.0944 0x0c50 HidUsb - ok
10:32:55.0970 0x0c50 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA 4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
10:32:55.0976 0x0c50 hkmsvc - ok
10:32:56.0022 0x0c50 [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0 E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
10:32:56.0024 0x0c50 HpCISSs - ok
10:32:56.0166 0x0c50 [ 7F437A78C5B0105B67B830D00AD719F8, F84EA4269F1B5DF14D0C027CC0940E047EACB420A9F33CB6C6 18122187E4AE65 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
10:32:56.0222 0x0c50 HPSLPSVC - ok
10:32:56.0274 0x0c50 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1 BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:32:56.0297 0x0c50 HTTP - ok
10:32:56.0321 0x0c50 [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0 A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
10:32:56.0323 0x0c50 i2omp - ok
10:32:56.0376 0x0c50 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB96 5E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:32:56.0382 0x0c50 i8042prt - ok
10:32:56.0451 0x0c50 [ 52E8A3CC8269ADB27D25182284C5E650, 2D33F0B461C8C0B929E5CE1A3293437BC55E6F61134872558F 9BB1F1097AFE34 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:32:56.0473 0x0c50 IAANTMON - ok
10:32:56.0508 0x0c50 [ 71ECC07BC7C5E24C3DD01D8A29A24054, 03BB7E80212B038E26B439F41D757152B00CBC5E20ADE54B0F C903B199B73E88 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:32:56.0520 0x0c50 iaStor - ok
10:32:56.0570 0x0c50 [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953 D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
10:32:56.0581 0x0c50 iaStorV - ok
10:32:56.0675 0x0c50 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC1 1AA8F5A87B141E ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:32:56.0679 0x0c50 IDriverT - ok
10:32:56.0806 0x0c50 [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA9 2B0914EB566718 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:32:56.0885 0x0c50 idsvc - ok
10:32:57.0397 0x0c50 [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F9 4A28498342B4E2 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
10:32:57.0929 0x0c50 igfx - ok
10:32:58.0021 0x0c50 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA86399 45609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:32:58.0024 0x0c50 iirsp - ok
10:32:58.0134 0x0c50 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803 372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
10:32:58.0211 0x0c50 IKEEXT - ok
10:32:58.0470 0x0c50 [ D4A1767FD9D5C7762E9B8B36527B8AF3, A82584CFFCB1002FE9D566B4C7E4139FE83CDDBD425B6FEDA4 884E0559A1F94B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:32:58.0657 0x0c50 IntcAzAudAddService - ok
10:32:58.0744 0x0c50 [ 092A78E9C6F71BF0E22379503B90E800, ABD38BC713274C7F24336A03A42A3778EF82043AE7E6815804 55EF74862632AB ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
10:32:58.0750 0x0c50 IntcHdmiAddService - ok
10:32:58.0861 0x0c50 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DD DFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
10:32:58.0863 0x0c50 intelide - ok
10:32:58.0918 0x0c50 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638 BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:32:58.0920 0x0c50 intelppm - ok
10:32:58.0976 0x0c50 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B59 4AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:32:58.0985 0x0c50 IPBusEnum - ok
10:32:59.0036 0x0c50 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB 0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:32:59.0039 0x0c50 IpFilterDriver - ok
10:32:59.0110 0x0c50 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD1 6B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:32:59.0121 0x0c50 iphlpsvc - ok
10:32:59.0163 0x0c50 IpInIp - ok
10:32:59.0200 0x0c50 [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FD A5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
10:32:59.0204 0x0c50 IPMIDRV - ok
10:32:59.0255 0x0c50 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B30542 1251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
10:32:59.0264 0x0c50 IPNAT - ok
10:32:59.0386 0x0c50 [ C23748B33D431E4CD5CA2E62500545FF, C62BDF433F50536BCDBC574D2F3B12D470C3B0FD950A553BB3 921BB3195E41AA ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:32:59.0435 0x0c50 iPod Service - ok
10:32:59.0504 0x0c50 [ E50A95179211B12946F7E035D60AF560, 69765E2548BA708FF35545EC944DBA1940AD4065AF90E53B97 A7792AC231DCF7 ] irda C:\Windows\system32\DRIVERS\irda.sys
10:32:59.0509 0x0c50 irda - ok
10:32:59.0565 0x0c50 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7B F6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:32:59.0567 0x0c50 IRENUM - ok
10:32:59.0636 0x0c50 [ CBB0D940221A281BCFEAEA695BD1CDA5, D05D192019524A02FE3FAE6827B98A942FA1AD651BF7AA5353 0A8A6F4ADFB7EB ] Irmon C:\Windows\System32\irmon.dll
10:32:59.0639 0x0c50 Irmon - ok
10:32:59.0714 0x0c50 [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6D B98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:32:59.0717 0x0c50 isapnp - ok
10:32:59.0824 0x0c50 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503 CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
10:32:59.0832 0x0c50 iScsiPrt - ok
10:32:59.0872 0x0c50 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C 1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
10:32:59.0875 0x0c50 iteatapi - ok
10:32:59.0916 0x0c50 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE 0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
10:32:59.0921 0x0c50 iteraid - ok
10:33:00.0000 0x0c50 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B2 83BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:33:00.0002 0x0c50 kbdclass - ok
10:33:00.0104 0x0c50 [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C 5C512E14587CEE ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:33:00.0107 0x0c50 kbdhid - ok
10:33:00.0215 0x0c50 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5D A831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
10:33:00.0218 0x0c50 KeyIso - ok
10:33:00.0319 0x0c50 [ FBBC2D3579E6CF8279D46B44C89C49FF, C7188643CDB7DADAD944241F554266BEFA2239ED4AD7E85F4D 37319D3FAC4FFE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:33:00.0342 0x0c50 KSecDD - ok
10:33:00.0443 0x0c50 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0 441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
10:33:00.0465 0x0c50 KtmRm - ok
10:33:00.0587 0x0c50 [ D2862BF2E43718DBDD24664EF4B6C0F0, 188CFBC5B8B9A7DFE0ECFA44F87DEAF3B3E8C3A75E5A211CD1 6B1F17CA80A5BA ] L1C C:\Windows\system32\DRIVERS\L1C60x86.sys
10:33:00.0590 0x0c50 L1C - ok
10:33:00.0690 0x0c50 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9 453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
10:33:00.0700 0x0c50 LanmanServer - ok
10:33:00.0777 0x0c50 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC 1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:33:00.0800 0x0c50 LanmanWorkstation - ok
10:33:00.0862 0x0c50 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E88 1C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:33:00.0864 0x0c50 lltdio - ok
10:33:00.0953 0x0c50 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1 F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:33:00.0970 0x0c50 lltdsvc - ok
10:33:01.0015 0x0c50 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5 E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:33:01.0018 0x0c50 lmhosts - ok
10:33:01.0081 0x0c50 [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D 208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:33:01.0086 0x0c50 LSI_FC - ok
10:33:01.0142 0x0c50 [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D 65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:33:01.0147 0x0c50 LSI_SAS - ok
10:33:01.0199 0x0c50 [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970 533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:33:01.0205 0x0c50 LSI_SCSI - ok
10:33:01.0265 0x0c50 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A62 11F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
10:33:01.0270 0x0c50 luafv - ok
10:33:01.0323 0x0c50 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC01 52253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:33:01.0328 0x0c50 Mcx2Svc - ok
10:33:01.0415 0x0c50 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA3 07DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
10:33:01.0417 0x0c50 megasas - ok
10:33:01.0499 0x0c50 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD 99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
10:33:01.0525 0x0c50 MegaSR - ok
10:33:01.0686 0x0c50 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC83 2AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:33:01.0690 0x0c50 Microsoft Office Groove Audit Service - ok
10:33:01.0750 0x0c50 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724 EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
10:33:01.0754 0x0c50 MMCSS - ok
10:33:01.0779 0x0c50 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F 7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
10:33:01.0782 0x0c50 Modem - ok
10:33:01.0880 0x0c50 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD4 02EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:33:01.0882 0x0c50 monitor - ok
10:33:01.0945 0x0c50 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE 71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:33:01.0947 0x0c50 mouclass - ok
10:33:02.0000 0x0c50 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1 BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:33:02.0002 0x0c50 mouhid - ok
10:33:02.0091 0x0c50 [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A547 6E99CDE17FF08C ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
10:33:02.0094 0x0c50 MountMgr - ok
10:33:02.0162 0x0c50 [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB 6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:33:02.0167 0x0c50 mpio - ok
10:33:02.0230 0x0c50 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61 421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:33:02.0233 0x0c50 mpsdrv - ok
10:33:02.0335 0x0c50 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4 E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:33:02.0360 0x0c50 MpsSvc - ok
10:33:02.0457 0x0c50 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1 ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
10:33:02.0460 0x0c50 Mraid35x - ok
10:33:02.0523 0x0c50 MREMP50 - ok
10:33:02.0536 0x0c50 MREMPR5 - ok
10:33:02.0549 0x0c50 MRENDIS5 - ok
10:33:02.0629 0x0c50 MRESP50 - ok
10:33:02.0704 0x0c50 [ DADF6D90942C198CD15D345A9F6CF4CD, 993240684DA9EC5B45B28EEEB36B4676A0ADE5CA385C231DF7 F94B81F6A69DD3 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:33:02.0709 0x0c50 MRxDAV - ok
10:33:02.0791 0x0c50 [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C 6B4EE327AB9E41 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:33:02.0797 0x0c50 mrxsmb - ok
10:33:02.0886 0x0c50 [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE 6B00E909FE083B ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:33:02.0908 0x0c50 mrxsmb10 - ok
10:33:02.0972 0x0c50 [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FE E736D66970748E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:33:02.0977 0x0c50 mrxsmb20 - ok
10:33:03.0060 0x0c50 [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A 480F143D0D6320 ] msahci C:\Windows\system32\drivers\msahci.sys
10:33:03.0063 0x0c50 msahci - ok
10:33:03.0121 0x0c50 [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57 F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:33:03.0126 0x0c50 msdsm - ok
10:33:03.0193 0x0c50 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8A DB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
10:33:03.0201 0x0c50 MSDTC - ok
10:33:03.0272 0x0c50 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C201939 1FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:33:03.0274 0x0c50 Msfs - ok
10:33:03.0307 0x0c50 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB7 2F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:33:03.0309 0x0c50 msisadrv - ok
10:33:03.0384 0x0c50 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A2 2225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:33:03.0391 0x0c50 MSiSCSI - ok
10:33:03.0435 0x0c50 msiserver - ok
10:33:03.0474 0x0c50 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E 165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:33:03.0476 0x0c50 MSKSSRV - ok
10:33:03.0522 0x0c50 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE0855 4772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:33:03.0524 0x0c50 MSPCLOCK - ok
10:33:03.0572 0x0c50 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692 D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:33:03.0574 0x0c50 MSPQM - ok
10:33:03.0656 0x0c50 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C4 5604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:33:03.0664 0x0c50 MsRPC - ok
10:33:03.0721 0x0c50 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C98 55E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:33:03.0723 0x0c50 mssmbios - ok
10:33:03.0812 0x0c50 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C3 20CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:33:03.0814 0x0c50 MSTEE - ok
10:33:03.0875 0x0c50 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425 BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
10:33:03.0878 0x0c50 Mup - ok
10:33:03.0965 0x0c50 [ 2DE94E435C3EFDE58C7B1856D4F20724, AD36759F23D9E83135F5CBAA851942A35D81E74D09E7951F88 45F7B7A9E0A63B ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
10:33:03.0968 0x0c50 mwlPSDFilter - ok
10:33:04.0069 0x0c50 [ 61920A7146EED3D903DBBB8EC295AF76, A170C90517CC30604E30A87BFFC6E150C264D362C6C521E089 AFD3198A372448 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
10:33:04.0071 0x0c50 mwlPSDNServ - ok
10:33:04.0118 0x0c50 [ E0F49721E68EBD2983E84C44FADA6665, C9F491B1FB7DD02DB80907B20E1DD2212B19DF8A2D7902EC64 5411A916210D58 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
10:33:04.0121 0x0c50 mwlPSDVDisk - ok
10:33:04.0212 0x0c50 [ 77F8AD024059A9A8E17E654B887D1EF0, 8EED7043017C02D76A9CAAD553AEA6D45B878E9D355574C307 507D8D103F2C55 ] MWLService C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
10:33:04.0234 0x0c50 MWLService - ok
10:33:04.0285 0x0c50 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB 1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
10:33:04.0307 0x0c50 napagent - ok
10:33:04.0420 0x0c50 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024 FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:33:04.0427 0x0c50 NativeWifiP - ok
10:33:04.0575 0x0c50 [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41 A25ED22380DC13 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:33:04.0647 0x0c50 NDIS - ok
10:33:04.0728 0x0c50 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F02910 5B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:33:04.0730 0x0c50 NdisTapi - ok
10:33:04.0794 0x0c50 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013 E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:33:04.0796 0x0c50 Ndisuio - ok
10:33:04.0906 0x0c50 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB 8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:33:04.0912 0x0c50 NdisWan - ok
10:33:04.0967 0x0c50 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1 EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:33:04.0973 0x0c50 NDProxy - ok
10:33:05.0099 0x0c50 [ 510C138564486FF926A3F773205C63D1, 50FBB8555C284ED22F71D99750899321B63E3B4C255174FE9B 4F31084F9A34B1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:33:05.0102 0x0c50 Net Driver HPZ12 - ok
10:33:05.0139 0x0c50 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E42 37B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:33:05.0145 0x0c50 NetBIOS - ok
10:33:05.0251 0x0c50 [ BF84E55A9B3AD3CBAB4AAE3BE043E579, A01D03836E67C6B434687FF3388DB0BD935BCF81A611728C32 E7392694E7689C ] netbt C:\Windows\system32\DRIVERS\netbt.sys
10:33:05.0260 0x0c50 netbt - ok
10:33:05.0297 0x0c50 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5D A831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
10:33:05.0299 0x0c50 Netlogon - ok
10:33:05.0377 0x0c50 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6 C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
10:33:05.0400 0x0c50 Netman - ok
10:33:05.0465 0x0c50 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE 07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
10:33:05.0472 0x0c50 NetMsmqActivator - ok
10:33:05.0576 0x0c50 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE 07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
10:33:05.0581 0x0c50 NetPipeActivator - ok
10:33:05.0632 0x0c50 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45 BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
10:33:05.0654 0x0c50 netprofm - ok
10:33:05.0722 0x0c50 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE 07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
10:33:05.0727 0x0c50 NetTcpActivator - ok
10:33:05.0746 0x0c50 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE 07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
10:33:05.0752 0x0c50 NetTcpPortSharing - ok
10:33:05.0822 0x0c50 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059 661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:33:05.0825 0x0c50 nfrd960 - ok
10:33:05.0903 0x0c50 [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B4 9AC178A6765380 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:33:05.0913 0x0c50 NlaSvc - ok
10:33:05.0997 0x0c50 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD 999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:33:05.0999 0x0c50 Npfs - ok
Reply With Quote
  #39  
Old January 11th, 2017, 07:38 PM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
10:33:06.0068 0x0c50 [ 6D8D2E5652FC2442C810C5D8BE784148, 013FF4FA03CA2E066B1946CC09889616B243068BA0FB2E58D4 C1435BF66FBC87 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
10:33:06.0070 0x0c50 NSCIRDA - ok
10:33:06.0149 0x0c50 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E98417 03B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
10:33:06.0153 0x0c50 nsi - ok
10:33:06.0200 0x0c50 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20F FB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:33:06.0202 0x0c50 nsiproxy - ok
10:33:06.0349 0x0c50 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA142 60136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:33:06.0406 0x0c50 Ntfs - ok
10:33:06.0493 0x0c50 [ 453A4AA289CA08DFDD7B34C3064D0B05, 2468284F75A9711DEC62CAFFAD1C7D0A4239280C7676192073 9754A04D07CBB4 ] NTI IScheduleSvc C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
10:33:06.0495 0x0c50 NTI IScheduleSvc - ok
10:33:06.0570 0x0c50 [ 973DCB15731339FCA176E534055CF115, AB27B6B248436BDAC9E2E314FE195FEFEA63E147E558C6B720 19015CAB7CA02A ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
10:33:06.0573 0x0c50 NTIBackupSvc - ok
10:33:06.0596 0x0c50 [ 6DCAA65F49EF3B97A5CFFC0CB5DE1C2F, 97CE08B0797A6A13567B49A2AD9BE95C019E3F199857823005 F68702CD6A5B08 ] NTIDrvr C:\Windows\system32\Drivers\NTIDrvr.sys
10:33:06.0630 0x0c50 NTIDrvr - ok
10:33:06.0682 0x0c50 [ 58751F9248D50BCE1053976C9E2F0859, E4E831C5B706149907F3ED82C9A3277E5C59EACDC33FB2A8F9 4CEE6C13128929 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
10:33:06.0689 0x0c50 NTISchedulerSvc - ok
10:33:06.0734 0x0c50 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE 1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
10:33:06.0736 0x0c50 ntrigdigi - ok
10:33:06.0770 0x0c50 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB 768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
10:33:06.0771 0x0c50 Null - ok
10:33:06.0835 0x0c50 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E 1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:33:06.0841 0x0c50 nvraid - ok
10:33:06.0885 0x0c50 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62 838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:33:06.0888 0x0c50 nvstor - ok
10:33:06.0971 0x0c50 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF 12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:33:06.0977 0x0c50 nv_agp - ok
10:33:07.0012 0x0c50 NwlnkFlt - ok
10:33:07.0024 0x0c50 NwlnkFwd - ok
10:33:07.0111 0x0c50 [ 69316583D4CC032B3E4E72FD86C2FFA8, 86F4B10C05EEE969AB87A653621F6C135F26AC7438A7FB73A7 7662FC37E799EA ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
10:33:07.0117 0x0c50 ODDPwrSvc - ok
10:33:07.0255 0x0c50 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266 DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:33:07.0305 0x0c50 odserv - ok
10:33:07.0336 0x0c50 [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD11428 2E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:33:07.0340 0x0c50 ohci1394 - ok
10:33:07.0405 0x0c50 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8 E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:33:07.0412 0x0c50 ose - ok
10:33:07.0508 0x0c50 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE334 52BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
10:33:07.0553 0x0c50 p2pimsvc - ok
10:33:07.0637 0x0c50 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE334 52BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
10:33:07.0665 0x0c50 p2psvc - ok
10:33:07.0710 0x0c50 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B 5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
10:33:07.0715 0x0c50 Parport - ok
10:33:07.0773 0x0c50 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C 6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:33:07.0777 0x0c50 partmgr - ok
10:33:07.0813 0x0c50 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1 A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
10:33:07.0815 0x0c50 Parvdm - ok
10:33:07.0882 0x0c50 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582 722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
10:33:07.0887 0x0c50 PcaSvc - ok
10:33:07.0947 0x0c50 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F2 9DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
10:33:07.0954 0x0c50 pci - ok
10:33:08.0000 0x0c50 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE 8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
10:33:08.0002 0x0c50 pciide - ok
10:33:08.0105 0x0c50 [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B4 9CBA7B9CBA34C4 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:33:08.0113 0x0c50 pcmcia - ok
10:33:08.0266 0x0c50 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415 AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:33:08.0311 0x0c50 PEAUTH - ok
10:33:08.0512 0x0c50 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0 FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
10:33:08.0599 0x0c50 pla - ok
10:33:08.0665 0x0c50 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD 3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:33:08.0691 0x0c50 PlugPlay - ok
10:33:08.0882 0x0c50 [ 89A7BBD2033B16A915966F2C63E53FD5, 92B1F0F4CCC4EFDC6DE929AFCA21451D31F3867A165F95A964 2C92090EA8AD8A ] PMBDeviceInfoProvider C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
10:33:08.0916 0x0c50 PMBDeviceInfoProvider - ok
10:33:09.0089 0x0c50 [ 37E5E8FFBAD35605DAEEC3224EA0E465, E3A9BE275D3C8A3E143DF3A795964E9860A1F6C18BE36F8FE5 52E954435AC927 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:33:09.0093 0x0c50 Pml Driver HPZ12 - ok
10:33:09.0154 0x0c50 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE334 52BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:33:09.0179 0x0c50 PNRPAutoReg - ok
10:33:09.0265 0x0c50 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE334 52BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:33:09.0304 0x0c50 PNRPsvc - ok
10:33:09.0388 0x0c50 [ E16D328D6C5382916C1F7925E2A20662, D904E886614E9C18B1FE0FDE884777F01FAE7CD1688C5DB3CE E772E6BDEF1516 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:33:09.0410 0x0c50 PolicyAgent - ok
10:33:09.0470 0x0c50 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129 CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:33:09.0474 0x0c50 PptpMiniport - ok
10:33:09.0522 0x0c50 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B4264 70AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
10:33:09.0525 0x0c50 Processor - ok
10:33:09.0590 0x0c50 [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD 67E0773935A396 ] ProfSvc C:\Windows\system32\profsvc.dll
10:33:09.0600 0x0c50 ProfSvc - ok
10:33:09.0654 0x0c50 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5D A831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
10:33:09.0657 0x0c50 ProtectedStorage - ok
10:33:09.0757 0x0c50 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB 49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:33:09.0761 0x0c50 PSched - ok
10:33:09.0881 0x0c50 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99 767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:33:09.0950 0x0c50 ql2300 - ok
10:33:09.0991 0x0c50 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F3 15CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:33:09.0997 0x0c50 ql40xx - ok
10:33:10.0105 0x0c50 [ 3B68696914E467BBE827D2552B5B85EF, 6ACD286EE3A558C41A7D2B649383B04759CA1C7882CF6C0E08 5A99FE1ADD9F2F ] qrkis C:\Windows\system32\DRIVERS\qrkis.sys
10:33:10.0108 0x0c50 qrkis - ok
10:33:10.0200 0x0c50 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840 CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
10:33:10.0226 0x0c50 QWAVE - ok
10:33:10.0281 0x0c50 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABED DC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:33:10.0284 0x0c50 QWAVEdrv - ok
10:33:10.0330 0x0c50 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70 ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:33:10.0331 0x0c50 RasAcd - ok
10:33:10.0384 0x0c50 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DF F71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
10:33:10.0394 0x0c50 RasAuto - ok
10:33:10.0448 0x0c50 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A933 78386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:33:10.0452 0x0c50 Rasl2tp - ok
10:33:10.0539 0x0c50 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950 598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
10:33:10.0562 0x0c50 RasMan - ok
10:33:10.0653 0x0c50 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB 8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:33:10.0656 0x0c50 RasPppoe - ok
10:33:10.0740 0x0c50 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59 AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:33:10.0744 0x0c50 RasSstp - ok
10:33:10.0831 0x0c50 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533 BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:33:10.0841 0x0c50 rdbss - ok
10:33:10.0895 0x0c50 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD 7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:33:10.0896 0x0c50 RDPCDD - ok
10:33:10.0977 0x0c50 [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BA E9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
10:33:10.0997 0x0c50 rdpdr - ok
10:33:11.0030 0x0c50 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A5 1F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:33:11.0031 0x0c50 RDPENCDD - ok
10:33:11.0109 0x0c50 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F3 0CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:33:11.0118 0x0c50 RDPWD - ok
10:33:11.0241 0x0c50 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B4202 76D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
10:33:11.0247 0x0c50 RemoteAccess - ok
10:33:11.0324 0x0c50 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53 F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:33:11.0332 0x0c50 RemoteRegistry - ok
10:33:11.0407 0x0c50 RimUsb - ok
10:33:11.0476 0x0c50 [ D9B34325EE5DF78B8F28A3DE9F577C7D, 20E5655B79A252E012B6FB6DA5F4419DBF2577A9737D4A04BF E6A769D507E00B ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
10:33:11.0478 0x0c50 RimVSerPort - ok
10:33:11.0568 0x0c50 [ 75E8A6BFA7374ABA833AE92BF41AE4E6, 5A4CF4CDEFFCC4892D01FF4A5918D91193AA44AA29469B52E8 3824E6BCC877A5 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
10:33:11.0570 0x0c50 ROOTMODEM - ok
10:33:11.0627 0x0c50 RoxLiveShare9 - ok
10:33:11.0724 0x0c50 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E7 76297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
10:33:11.0727 0x0c50 RpcLocator - ok
10:33:11.0834 0x0c50 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE8714581 2F354FC8F5E183 ] RpcSs C:\Windows\System32\rpcss.dll
10:33:11.0856 0x0c50 RpcSs - ok
10:33:11.0904 0x0c50 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F6151 09FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:33:11.0907 0x0c50 rspndr - ok
10:33:12.0027 0x0c50 [ 8E250687E5F020CD337CC9D8252C0B56, 4C9C82F5AC2D90E53EAF339EE4F2C6E3EE2E96C606E6D129CB CAB0FA1D092D0E ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
10:33:12.0038 0x0c50 RS_Service - ok
10:33:12.0108 0x0c50 [ 9B09F336DE36A7A6CA871DE8A7847B65, 1F99D1F3298F0C66E93287E269EAB001140A9F2A6E867E11B3 0F21B04B720AB9 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
10:33:12.0112 0x0c50 RTSTOR - ok
10:33:12.0156 0x0c50 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5D A831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
10:33:12.0158 0x0c50 SamSs - ok
10:33:12.0212 0x0c50 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D90 55B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:33:12.0216 0x0c50 sbp2port - ok
10:33:12.0287 0x0c50 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8 E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:33:12.0295 0x0c50 SCardSvr - ok
10:33:12.0416 0x0c50 [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F05 6F430E1B719F4D ] Schedule C:\Windows\system32\schedsvc.dll
10:33:12.0462 0x0c50 Schedule - ok
10:33:12.0550 0x0c50 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458 B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
10:33:12.0552 0x0c50 SCPolicySvc - ok
10:33:12.0655 0x0c50 [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B1 1036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:33:12.0660 0x0c50 sdbus - ok
10:33:12.0722 0x0c50 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61 B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:33:12.0731 0x0c50 SDRSVC - ok
10:33:12.0797 0x0c50 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CD D67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:33:12.0800 0x0c50 secdrv - ok
10:33:12.0858 0x0c50 [ 7D7A5D3CB5AB4B394E03BDE27E6114E8, 590644469036B9C2DF3D6E56D41FD7D09D0AE5021B0FA96A8C BA873F923865C8 ] seclogon C:\Windows\system32\seclogon.dll
10:33:12.0863 0x0c50 seclogon - ok
10:33:12.0924 0x0c50 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C76 55683717EDAD75 ] SENS C:\Windows\system32\sens.dll
10:33:12.0930 0x0c50 SENS - ok
10:33:12.0954 0x0c50 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC 34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
10:33:12.0956 0x0c50 Serenum - ok
10:33:13.0028 0x0c50 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F278263150623 20789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
10:33:13.0033 0x0c50 Serial - ok
10:33:13.0061 0x0c50 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF357 4891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:33:13.0067 0x0c50 sermouse - ok
10:33:13.0154 0x0c50 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288E F1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
10:33:13.0162 0x0c50 SessionEnv - ok
10:33:13.0234 0x0c50 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0 FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:33:13.0237 0x0c50 sffdisk - ok
10:33:13.0307 0x0c50 [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444 F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:33:13.0310 0x0c50 sffp_mmc - ok
10:33:13.0335 0x0c50 [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECE C7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:33:13.0337 0x0c50 sffp_sd - ok
10:33:13.0407 0x0c50 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B 6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:33:13.0409 0x0c50 sfloppy - ok
10:33:13.0489 0x0c50 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F 8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:33:13.0512 0x0c50 SharedAccess - ok
10:33:13.0610 0x0c50 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD69 50BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:33:13.0633 0x0c50 ShellHWDetection - ok
10:33:13.0675 0x0c50 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02 BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:33:13.0679 0x0c50 sisagp - ok
10:33:13.0735 0x0c50 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE 74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
10:33:13.0738 0x0c50 SiSRaid2 - ok
10:33:13.0777 0x0c50 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D1676 8AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:33:13.0806 0x0c50 SiSRaid4 - ok
10:33:14.0087 0x0c50 [ 753D254205E0A62100A050BD8B458D06, DFDFCC6FAE853C690DB11EC44E5C105C6B6A0302AFC92ADC62 260E727E1987C1 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:33:14.0268 0x0c50 Skype C2C Service - ok
10:33:14.0428 0x0c50 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11 EFD29BA7541F2A ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:33:14.0451 0x0c50 SkypeUpdate - ok
10:33:14.0725 0x0c50 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D66 6357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
10:33:14.0976 0x0c50 slsvc - ok
10:33:15.0078 0x0c50 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728 874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
10:33:15.0087 0x0c50 SLUINotify - ok
10:33:15.0178 0x0c50 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5 F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:33:15.0182 0x0c50 Smb - ok
10:33:15.0247 0x0c50 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513 A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:33:15.0252 0x0c50 SNMPTRAP - ok
10:33:15.0299 0x0c50 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE6 9ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
10:33:15.0301 0x0c50 spldr - ok
10:33:15.0394 0x0c50 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056 E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
10:33:15.0403 0x0c50 Spooler - ok
10:33:15.0506 0x0c50 [ E822F009416F6CC21C6545D58E8F9B62, 8536F4386303137BF3618E640F66EE2DA272BA3E7CDCD68C76 1BA74204A29608 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:33:15.0528 0x0c50 srv - ok
10:33:15.0562 0x0c50 [ 37DBD18CDC429690F34862F39BFEBDA5, 43EA2A23A36271CDFED93823822D7DDE550EC7492412ECBE89 31ED6D2BEC632B ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:33:15.0569 0x0c50 srv2 - ok
10:33:15.0620 0x0c50 [ 40CD9883E862BF84A35D58A10652C0E0, B4205536ADC4BE98F076751DFC8F86EC070F03A4B15EE13339 1498A3FDEC2798 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:33:15.0629 0x0c50 srvnet - ok
10:33:15.0682 0x0c50 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66 CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:33:15.0707 0x0c50 SSDPSRV - ok
10:33:15.0815 0x0c50 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA 149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:33:15.0824 0x0c50 SstpSvc - ok
10:33:15.0932 0x0c50 [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CF C710FB6A86C3E3 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
10:33:15.0933 0x0c50 StillCam - ok
10:33:16.0049 0x0c50 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD 1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
10:33:16.0083 0x0c50 stisvc - ok
10:33:16.0139 0x0c50 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295 B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:33:16.0141 0x0c50 swenum - ok
10:33:16.0224 0x0c50 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CF F1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
10:33:16.0247 0x0c50 swprv - ok
10:33:16.0298 0x0c50 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E98 5D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
10:33:16.0301 0x0c50 Symc8xx - ok
10:33:16.0352 0x0c50 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2F F396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
10:33:16.0354 0x0c50 Sym_hi - ok
10:33:16.0418 0x0c50 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2 EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
10:33:16.0421 0x0c50 Sym_u3 - ok
10:33:16.0497 0x0c50 [ 5C3E900F41426A372DE60675AFC8AA07, 78DECA291FDE8C8F7E86F7AFAFD8F8EEB9B1A50480D41129E9 CE278FCEA258C5 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:33:16.0507 0x0c50 SynTP - ok
10:33:16.0604 0x0c50 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6 FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
10:33:16.0683 0x0c50 SysMain - ok
10:33:16.0773 0x0c50 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40 A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:33:16.0783 0x0c50 TabletInputService - ok
10:33:16.0883 0x0c50 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA 18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:33:16.0906 0x0c50 TapiSrv - ok
10:33:16.0986 0x0c50 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A2 5375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
10:33:16.0993 0x0c50 TBS - ok
10:33:17.0120 0x0c50 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF5 9EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:33:17.0165 0x0c50 Tcpip - ok
10:33:17.0262 0x0c50 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF5 9EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
10:33:17.0294 0x0c50 Tcpip6 - ok
10:33:17.0349 0x0c50 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DD B8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:33:17.0351 0x0c50 tcpipreg - ok
10:33:17.0396 0x0c50 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90 F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:33:17.0398 0x0c50 TDPIPE - ok
10:33:17.0453 0x0c50 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E 4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:33:17.0455 0x0c50 TDTCP - ok
10:33:17.0523 0x0c50 [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159 E8BF4E6A34A35D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:33:17.0527 0x0c50 tdx - ok
10:33:17.0616 0x0c50 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865 D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:33:17.0619 0x0c50 TermDD - ok
10:33:17.0742 0x0c50 [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F9 20B6CF1D4B4724 ] TermService C:\Windows\System32\termsrv.dll
10:33:17.0776 0x0c50 TermService - ok
10:33:17.0849 0x0c50 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD69 50BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
10:33:17.0860 0x0c50 Themes - ok
10:33:17.0915 0x0c50 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724 EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
10:33:17.0919 0x0c50 THREADORDER - ok
10:33:17.0998 0x0c50 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D4033280 1D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
10:33:18.0036 0x0c50 TrkWks - ok
10:33:18.0164 0x0c50 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F94 7D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:33:18.0167 0x0c50 TrustedInstaller - ok
10:33:18.0234 0x0c50 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCC D229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:33:18.0236 0x0c50 tssecsrv - ok
10:33:18.0271 0x0c50 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19 DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
10:33:18.0273 0x0c50 tunmp - ok
10:33:18.0339 0x0c50 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0E D8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:33:18.0341 0x0c50 tunnel - ok
10:33:18.0410 0x0c50 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832 D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:33:18.0417 0x0c50 uagp35 - ok
10:33:18.0484 0x0c50 [ F763E070843EE2803DE1395002B42938, 0060F5D7AD091D7F0CC25C98AB9DD8258A9837958AFE845971 CD04E29A6A8658 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
10:33:18.0486 0x0c50 UBHelper - ok
10:33:18.0566 0x0c50 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B 9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:33:18.0588 0x0c50 udfs - ok
10:33:18.0638 0x0c50 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C 7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:33:18.0643 0x0c50 UI0Detect - ok
10:33:18.0708 0x0c50 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E 88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:33:18.0712 0x0c50 uliagpkx - ok
10:33:18.0770 0x0c50 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE37 8840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
10:33:18.0781 0x0c50 uliahci - ok
10:33:18.0832 0x0c50 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C 68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
10:33:18.0837 0x0c50 UlSata - ok
10:33:18.0941 0x0c50 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A 06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
10:33:18.0947 0x0c50 ulsata2 - ok
10:33:19.0019 0x0c50 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B7 8F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:33:19.0022 0x0c50 umbus - ok
10:33:19.0075 0x0c50 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DA E1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
10:33:19.0097 0x0c50 upnphost - ok
10:33:19.0211 0x0c50 [ A176718F0DF45F60F545CF3E14F4D108, 5E767CB0B51B3BA05B6F99A7E46BEC275489DCFE874343C9B9 92843AA1F2334E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
10:33:19.0214 0x0c50 USBAAPL - ok
10:33:19.0270 0x0c50 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB58068 90B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:33:19.0275 0x0c50 usbccgp - ok
10:33:19.0332 0x0c50 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D 8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:33:19.0336 0x0c50 usbcir - ok
10:33:19.0417 0x0c50 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266 401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:33:19.0420 0x0c50 usbehci - ok
10:33:19.0478 0x0c50 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F14650760353 5CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:33:19.0498 0x0c50 usbhub - ok
10:33:19.0528 0x0c50 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD 04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:33:19.0556 0x0c50 usbohci - ok
10:33:19.0638 0x0c50 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA5030605 93E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:33:19.0640 0x0c50 usbprint - ok
10:33:19.0725 0x0c50 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781 D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:33:19.0728 0x0c50 usbscan - ok
10:33:19.0788 0x0c50 [ 234F76D9337BBD25D849C3860418723A, 8AC74D4FFFDEF5CCAA34BA185B45D252BAC15FE37E00515F93 65878325764E7F ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:33:19.0792 0x0c50 USBSTOR - ok
10:33:19.0874 0x0c50 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE8 41C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:33:19.0876 0x0c50 usbuhci - ok
10:33:19.0910 0x0c50 [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620 B6AAA1EF0DECEB ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:33:19.0917 0x0c50 usbvideo - ok
10:33:20.0011 0x0c50 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE 11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
10:33:20.0016 0x0c50 UxSms - ok
10:33:20.0091 0x0c50 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F39 0A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
10:33:20.0124 0x0c50 vds - ok
10:33:20.0198 0x0c50 [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E16749 1BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:33:20.0201 0x0c50 vga - ok
10:33:20.0225 0x0c50 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB 9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:33:20.0227 0x0c50 VgaSave - ok
10:33:20.0317 0x0c50 [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C62 9B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:33:20.0320 0x0c50 viaagp - ok
10:33:20.0360 0x0c50 [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52 BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
10:33:20.0367 0x0c50 ViaC7 - ok
10:33:20.0420 0x0c50 [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C 1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
10:33:20.0423 0x0c50 viaide - ok
10:33:20.0479 0x0c50 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98A E5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:33:20.0482 0x0c50 volmgr - ok
10:33:20.0573 0x0c50 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8 F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:33:20.0595 0x0c50 volmgrx - ok
10:33:20.0657 0x0c50 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A03750 8D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:33:20.0681 0x0c50 volsnap - ok
10:33:20.0752 0x0c50 [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038A A7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:33:20.0759 0x0c50 vsmraid - ok
10:33:20.0853 0x0c50 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2 F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
10:33:20.0976 0x0c50 VSS - ok
10:33:21.0093 0x0c50 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2F BEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
10:33:21.0116 0x0c50 W32Time - ok
10:33:21.0214 0x0c50 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D559 6885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:33:21.0216 0x0c50 WacomPen - ok
10:33:21.0293 0x0c50 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E 7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
10:33:21.0297 0x0c50 Wanarp - ok
10:33:21.0340 0x0c50 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E 7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:33:21.0345 0x0c50 Wanarpv6 - ok
10:33:21.0424 0x0c50 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B 7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:33:21.0456 0x0c50 wcncsvc - ok
10:33:21.0527 0x0c50 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A4 1249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:33:21.0533 0x0c50 WcsPlugInService - ok
10:33:21.0594 0x0c50 [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331C D0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
10:33:21.0597 0x0c50 Wd - ok
10:33:21.0684 0x0c50 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3 946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:33:21.0740 0x0c50 Wdf01000 - ok
10:33:21.0773 0x0c50 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94 661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:33:21.0781 0x0c50 WdiServiceHost - ok
10:33:21.0818 0x0c50 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94 661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:33:21.0824 0x0c50 WdiSystemHost - ok
10:33:21.0942 0x0c50 [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8 CEAABC5E535593 ] WebClient C:\Windows\System32\webclnt.dll
10:33:21.0958 0x0c50 WebClient - ok
10:33:22.0048 0x0c50 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055 EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:33:22.0104 0x0c50 Wecsvc - ok
10:33:22.0173 0x0c50 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7 EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:33:22.0183 0x0c50 wercplsupport - ok
10:33:22.0279 0x0c50 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277 EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
10:33:22.0288 0x0c50 WerSvc - ok
10:33:22.0405 0x0c50 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0 B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:33:22.0428 0x0c50 WinDefend - ok
10:33:22.0465 0x0c50 WinHttpAutoProxySvc - ok
10:33:22.0559 0x0c50 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949 233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:33:22.0567 0x0c50 Winmgmt - ok
10:33:22.0702 0x0c50 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97 AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
10:33:22.0805 0x0c50 WinRM - ok
10:33:22.0897 0x0c50 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFB F90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:33:22.0967 0x0c50 Wlansvc - ok
10:33:23.0002 0x0c50 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D8807 8865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:33:23.0004 0x0c50 WmiAcpi - ok
10:33:23.0086 0x0c50 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F5 47901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:33:23.0105 0x0c50 wmiApSrv - ok
10:33:23.0254 0x0c50 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18C B5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:33:23.0299 0x0c50 WMPNetworkSvc - ok
10:33:23.0354 0x0c50 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A5257 70BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:33:23.0364 0x0c50 WPCSvc - ok
10:33:23.0435 0x0c50 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6 EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:33:23.0447 0x0c50 WPDBusEnum - ok
10:33:23.0497 0x0c50 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96 334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
10:33:23.0501 0x0c50 WpdUsb - ok
10:33:23.0703 0x0c50 [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D657649 8C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe
10:33:23.0748 0x0c50 WPFFontCache_v0400 - ok
10:33:23.0790 0x0c50 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176 D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:33:23.0792 0x0c50 ws2ifsl - ok
10:33:23.0853 0x0c50 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5 A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
10:33:23.0860 0x0c50 wscsvc - ok
10:33:23.0878 0x0c50 WSearch - ok
10:33:24.0060 0x0c50 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A 7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
10:33:24.0197 0x0c50 wuauserv - ok
10:33:24.0278 0x0c50 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0 C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:33:24.0282 0x0c50 WudfPf - ok
10:33:24.0334 0x0c50 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863 D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:33:24.0342 0x0c50 WUDFRd - ok
10:33:24.0416 0x0c50 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D 639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:33:24.0424 0x0c50 wudfsvc - ok
10:33:24.0480 0x0c50 ================ Scan global ===============================
10:33:24.0553 0x0c50 [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CA DA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
10:33:24.0643 0x0c50 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC7 3653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:33:24.0729 0x0c50 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC7 3653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:33:24.0824 0x0c50 [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D8 57BCF82B32FB6B ] C:\Windows\system32\services.exe
10:33:24.0846 0x0c50 [ Global ] - ok
10:33:24.0884 0x0c50 ================ Scan MBR ==================================
10:33:24.0897 0x0c50 [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
10:33:25.0322 0x0c50 \Device\Harddisk0\DR0 - ok
10:33:25.0326 0x0c50 ================ Scan VBR ==================================
10:33:25.0330 0x0c50 [ 8BB25061D51D5F9AFFBA0F54E21BD814 ] \Device\Harddisk0\DR0\Partition1
10:33:25.0333 0x0c50 \Device\Harddisk0\DR0\Partition1 - ok
10:33:25.0370 0x0c50 ================ Scan generic autorun ======================
10:33:25.0487 0x0c50 [ 3BE8C00F8834FB2EC5D00DED729C2061, 0B919D58FB3492D19605B098B0CCE0A31FB5812E5FBE9FD859 6E51718CD95CF8 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
10:33:25.0496 0x0c50 IAAnotif - ok
10:33:25.0610 0x0c50 [ 1029B84ECBE4B95ACB8491A3FE63D70F, DF765BEE2B20800646F70B9E473B95F52457316CB331A3E0BF 6974D827AB989D ] C:\Windows\system32\igfxtray.exe
10:33:25.0618 0x0c50 IgfxTray - ok
10:33:25.0703 0x0c50 [ 3CD5BBDA19A1AB4EBA359E0A14FDF0F0, 992E7322C86DA533F6DB9192427EBDC5A8F4D1A878F4B30A17 ABD54656CFF6C1 ] C:\Windows\system32\hkcmd.exe
10:33:25.0722 0x0c50 HotKeysCmds - ok
10:33:25.0819 0x0c50 [ 3142195521FEE436088EE8A5748DE1B1, EE8E65977AA0EAC0BF48F7C4620946E48679F047EFC515D5F2 E52EA4B88C5731 ] C:\Windows\system32\igfxpers.exe
10:33:25.0828 0x0c50 Persistence - ok
10:33:26.0365 0x0c50 [ 77FA27D99D23F457879FFD13C163DE5B, 700C69FA0EF725BA5FEA52B4548AF961E910DDD78985711566 B826265AF72D7F ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
10:33:26.0847 0x0c50 RtHDVCpl - ok
10:33:27.0020 0x0c50 [ 1ABF80D4F4941ECEE600AEC768173523, 744AA2CC30BE14CC8E992347B3AE4AC0C5555A80DC520B4921 65C3C0EE48B57C ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
10:33:27.0083 0x0c50 SynTPEnh - ok
10:33:27.0231 0x0c50 [ 175DCB28BE4AC0E5C6F7AB4073AF574E, D511A1AB08F60CACAAD099BA3FF1B88B8259CA6E85991BB1D4 7647D6BB090FB6 ] C:\Program Files\Launch Manager\LManager.exe
10:33:27.0265 0x0c50 LManager - ok
10:33:27.0335 0x0c50 [ CFFE32FE04C171ED21808D3B3FEADA4C, 5CB9077321CD2A93E624DB63907ADECCD15F6F74D6DF6150A7 9C3ACBD1C5379C ] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
10:33:27.0357 0x0c50 BackupManagerTray - ok
10:33:27.0457 0x0c50 [ 15EC5609E40BC94EAFF4EBA5FA3836CA, 2022556C6D64FBB4C37E7AE981D85A05D2E66E134768849A00 DB526201709048 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
10:33:27.0460 0x0c50 LanguageShortcut - ok
10:33:27.0564 0x0c50 [ DA703FF5396ED2CAA5162D0BFBBC94F5, F56AD4F67D3B439519DC387810454980BA285800DC183977BC B3C98A822C349D ] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
10:33:27.0588 0x0c50 Acer ePower Management - ok
10:33:27.0670 0x0c50 [ ABF2D789623C780F3CC30649E9F3E395, 9C18B0C1592C2BAF66DB3686A9F8B83C69F2674870D4FA4FC4 F4D8B4CEEFE0D2 ] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe
10:33:27.0677 0x0c50 ODDPwr - ok
10:33:27.0770 0x0c50 [ 2B2D8EF4BE4648FC0BB91DE59D395574, 47A6E3F9980A33A04282422F252BD63C43FB70CC4CD6F03DDD EF6E00408C1F6A ] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
10:33:27.0788 0x0c50 EgisTecLiveUpdate - ok
10:33:27.0871 0x0c50 [ 25173C73A8E66BDCE0991643B3810BC8, 272B325558B52731A9AAF5730631AF3841065B41A4F5049509 51F935EE19CFCE ] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
10:33:27.0894 0x0c50 mwlDaemon - ok
10:33:28.0029 0x0c50 [ 19B2731AFB82729F8FF10B082CD609B3, 34AAEC8E2CBDB46BBB88CD588CD6FD915A99C8598F65702B7A 0BC04880840E9C ] C:\Program Files\Acer\Acer Assist\launcher.exe
10:33:28.0091 0x0c50 Acer Assist Launcher - ok
10:33:28.0377 0x0c50 [ CBA663475AB6D117C164988EC2098C9E, DBB8614EB22D8688406BC549ACF274064A1953204B9CE3EA5E 56CF1565447AF8 ] C:\Program Files\Acer\Acer Registration\ACE1.exe
10:33:28.0556 0x0c50 Acer Product Registration - ok
10:33:28.0661 0x0c50 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C 36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
10:33:28.0664 0x0c50 GrooveMonitor - ok
10:33:28.0792 0x0c50 [ BDBA829B2BEB50642EBC0F9AE65C82DD, 0BD379B98FB2F054C2927C44C52C96334D535BE16E408EC7F5 75A377648B8ABC ] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe
10:33:28.0796 0x0c50 ArcSoft MediaImpression Monitor - ok
10:33:28.0886 0x0c50 [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE90 0FA0F417AD20A7 ] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
10:33:28.0895 0x0c50 ArcSoft Connection Service - ok
10:33:29.0068 0x0c50 [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CC D8F7F1E6E56A7B ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:33:29.0071 0x0c50 APSDaemon - ok
10:33:29.0165 0x0c50 Dropbox - ok
10:33:29.0292 0x0c50 [ 627201AE01E87E730C70C6E256937E8D, 7F839397133344B0626E0ECC39AD12679182BEA10CCA2DF26A B80E43B17F3232 ] C:\Program Files\iTunes\iTunesHelper.exe
10:33:29.0299 0x0c50 iTunesHelper - ok
10:33:29.0568 0x0c50 [ 52671EBF209E2312725C6B3CFD02B45B, 344644DC94AB748E393527413CFC3AFCA3600AF765F744C495 E1D7CFF47C71C9 ] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
10:33:29.0750 0x0c50 PMBVolumeWatcher - ok
10:33:29.0905 0x0c50 [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C9 65807E67A458DC ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
10:33:29.0944 0x0c50 SunJavaUpdateSched - ok
10:33:30.0022 0x0c50 [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD 39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
10:33:30.0028 0x0c50 ehTray.exe - ok
10:33:30.0076 0x0c50 MobileDocuments - ok
10:33:30.0144 0x0c50 Skype - ok
10:33:30.0178 0x0c50 [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107 174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
10:33:30.0187 0x0c50 WMPNSCFG - ok
10:33:30.0215 0x0c50 WindowsWelcomeCenter - ok
10:33:30.0226 0x0c50 WindowsWelcomeCenter - ok
10:33:30.0230 0x0c50 Waiting for KSN requests completion. In queue: 79
10:33:31.0352 0x0c50 Win FW state via NFP2: enabled ( trusted )
10:33:31.0694 0x0c50 ================================================== ==========
10:33:31.0694 0x0c50 Scan finished
10:33:31.0694 0x0c50 ================================================== ==========
10:33:31.0713 0x14cc Detected object count: 0
10:33:31.0713 0x14cc Actual detected object count: 0
Reply With Quote
  #40  
Old January 11th, 2017, 08:53 PM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
Attention !!! Database was last updated 3/1/2016 it is necessary to update the database (via File - Database update)
AVZ Antiviral Toolkit log; AVZ version is 4.46
Scanning started at 11.01.2017 10:42:05
Database loaded: signatures - 297570, NN profile(s) - 2, malware removal microprograms - 56, signature database released 01.03.2016 12:37
Heuristic microprograms loaded: 412
PVS microprograms loaded: 9
Digital signatures of system files loaded: 790760
Heuristic analyzer mode: Medium heuristics mode
Malware removal mode: enabled
Windows version is: 6.0.6002, Service Pack 2 "Windows Vista (TM) Home Premium", install date 19.05.2009 23:49:32 ; AVZ is run with administrator rights (+)
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .text
Analysis: ntdll.dll, export table found in section .text
Analysis: user32.dll, export table found in section .text
Analysis: advapi32.dll, export table found in section .text
Analysis: ws2_32.dll, export table found in section .text
Analysis: wininet.dll, export table found in section .text
Analysis: rasapi32.dll, export table found in section .text
Analysis: urlmon.dll, export table found in section .text
Analysis: netapi32.dll, export table found in section .text
1.2 Searching for kernel-mode API hooks
Driver loaded successfully
SDT found (RVA=137B00)
Kernel ntkrnlpa.exe found in memory at address 82214000
SDT = 8234BB00
KiST = 822C0754 (391)
Functions checked: 391, intercepted: 0, restored: 0
1.3 Checking IDT and SYSENTER
Analyzing CPU 1
Checking IDT and SYSENTER - complete
1.4 Searching for masking processes and drivers
Checking not performed: extended monitoring driver (AVZPM) is not installed
1.5 Checking IRP handlers
Driver loaded successfully
Checking - complete
2. Scanning RAM
Number of processes found: 82
Number of modules loaded: 603
Scanning RAM - complete
3. Scanning disks
4. Checking Winsock Layered Service Provider (SPI/LSP)
LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll --> Suspicion for Keylogger or Trojan DLL
C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll>>> Behaviour analysis
Behaviour typical for keyloggers was not detected
File quarantined succesfully (C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll)
C:\Program Files\Acer\Acer PowerSmart Manager\SysHook.dll --> Suspicion for Keylogger or Trojan DLL
C:\Program Files\Acer\Acer PowerSmart Manager\SysHook.dll>>> Behaviour analysis
Behaviour typical for keyloggers was not detected
File quarantined succesfully (C:\Program Files\Acer\Acer PowerSmart Manager\SysHook.dll)
Note: Do NOT delete suspicious files, send them for analysis (see FAQ for more details), because there are lots of useful hooking DLLs
6. Searching for opened TCP/UDP ports used by malicious software
Checking - disabled by user
7. Heuristic system check
Found a call command line interpreter in startup [DR=1] HKLM\Software\Microsoft\Windows\CurrentVersion\Run \HotKeysCmds = [C:\Windows\system32\hkcmd.exe]
Checking - complete
8. Searching for vulnerabilities
>> Services: potentially dangerous service allowed: TermService (Terminal Services)
>> Services: potentially dangerous service allowed: SSDPSRV (SSDP Discovery)
>> Services: potentially dangerous service allowed: Schedule (Task Scheduler)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: disk drives' autorun is enabled
>> Security: administrative shares (C$, D$ ...) are enabled
>> Security: anonymous user access is enabled
>> Security: sending Remote Assistant queries is enabled
Checking - complete
9. Troubleshooting wizard
>> HDD autorun is allowed
>> Network drives autorun is allowed
>> Removable media autorun is allowed
Checking - complete
Files scanned: 122930, extracted from archives: 76248, malicious software found 0, suspicions - 0
Scanning finished at 11.01.2017 11:26:16
Time of scanning: 00:44:16
If you have a suspicion on presence of viruses or questions on the suspected objects,
you can address http://forum.kaspersky.com/index.php?showforum=19
For automatic scanning of files from the AVZ quarantine you can use the service http://virusdetector.ru/
Reply With Quote
  #41  
Old January 11th, 2017, 11:09 PM
Jintan's Avatar
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 51,204
Both scans okay, and everything found by avz has a legit use. No uninstalled past antivirus driver I had hoped for, that would cause the Gmer issues. Does everything run okay, and still the only issue is a Reader install?
Reply With Quote
  #42  
Old January 12th, 2017, 03:19 PM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
Yes. For the most part that is the pressing issue.
Reply With Quote
  #43  
Old January 13th, 2017, 12:21 AM
Jintan's Avatar
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 51,204
I assume you still have the Reader uninstaller.

Uninstall Adobe Reader in Control Panel (if it shows there).

Run the Reader uninstaller, but do not reboot after.

Make sure you have an accurate view of files there, make sure you can View Hidden Files.


Navigate to C:\Program Files. Look in the Adobe folder to make sure it doesn't contain Flash Player. If not, delete the Adobe folder.

Navigate to Users\your-user-name\AppData\Local, and again look in the Adobe folder to make sure it doesn't contain Flash Player. If not, delete the Adobe folder.

Reboot, and try installing Reader again.
Reply With Quote
  #44  
Old January 18th, 2017, 07:28 PM
ryno ryno is offline
CTH Subscriber
 
Join Date: Aug 2007
Posts: 177
When I try to delete the adobe folder it tells me I can't.

Destination folder access denied

You need permission to perform this action





I don't see an adobe folder in Users\your-user-name\AppData\Local

Last edited by ryno; January 18th, 2017 at 08:50 PM.
Reply With Quote
  #45  
Old January 19th, 2017, 01:10 AM
Jintan's Avatar
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 51,204
Click here and download Inherit.exe to your desktop.

Then open Explorer, and navigate to the Adobe folder that you couldn't delete.

Alter the size of the Explorer view so you can see the Adobe folder, and Inherit.exe on the desktop.

Then just right click, hold, and drag the Adobe folder into Inherit.exe, and release.

Once Inherit completes the permissions changes it makes, a "Finish" popup showing "OK" should appear. Just click the OK button to close that.

Then try deleting the Adobe folder again. Reboot, try installing Reader.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 12:43 AM.