Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Freezing Intermittently


  • Please log in to reply
11 replies to this topic

#1 Finnlay

Finnlay

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 18 October 2012 - 01:15 AM

Hi everyone,
I have been having an issue with my computer freezing for a couple of days now. Sometimes it will freeze a couple of minutes after start up and sometimes after a couple of hours. Please let me know if you need anymore info regarding my computer or my problem. The computer is one I built myself a year ago. No problems freezing until now.
Before I give details on my computer:
I noticed this problem the day of changing ISP. I was using Wi-Fi, but I switched to Charter cable. To make the switch I downloaded the driver for the onboard LAN chip from GIGABYTE's site. I have also noticed quite a few notifications from ESET regarding Port Scanning attacks. I have never seen this on my computer before. These may or may not be related to the problem.

Attempts to find source of problem:
I have searched the even viewer and I have seen an error with WMI this seems to correspond with the times I have issues with the computer freezing.
Details for WMI error:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

This is the details of an error in the event viewer, it says the source is SidebySide:
Activation context generation failed for "C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.

System Info:
OS Name Microsoft Windows 7 Home Premium
Version 6.1.7601 Service Pack 1 Build 7601
Other OS Description Not Available
OS Manufacturer Microsoft Corporation
System Name ROBOT-PC
System Manufacturer Gigabyte Technology Co., Ltd.
System Model Z68A-D3H-B3
System Type x64-based PC
Processor Intel® Core™ i7-2600K CPU @ 3.40GHz, 3701 Mhz, 4 Core(s), 8 Logical Processor(s)
BIOS Version/Date Award Software International, Inc. F5, 5/13/2011
SMBIOS Version 2.4
Windows Directory C:\Windows
System Directory C:\Windows\system32
Boot Device \Device\HarddiskVolume1
Locale United States
Hardware Abstraction Layer Version = "6.1.7601.17514"
User Name Robot-PC\Robot
Time Zone Pacific Daylight Time
Installed Physical Memory (RAM) 16.0 GB
Total Physical Memory 16.0 GB
Available Physical Memory 13.3 GB
Total Virtual Memory 32.0 GB
Available Virtual Memory 29.0 GB
Page File Space 16.0 GB
Page File C:\pagefile.sys

BC AdBot (Login to Remove)

 


#2 Finnlay

Finnlay
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 18 October 2012 - 08:49 PM

I was finally able to get my ESET to scan the computer, but for some reason I can't copy and paste the log. It says no files were infected but there were a lot of files that it mentions : error opening
It only lets me select one of the files at a time.

I will be downloading anti-malware bytes and showing what I get. I have seen you guys mention that program in a lot of posts.

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:36 AM

Posted 18 October 2012 - 09:11 PM

Hello it may not be malware but also run these.

Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download

TDSSkiller


Launch it. Click on change parameters-Select TDLFS file system

Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.




Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.

Edited by boopme, 18 October 2012 - 09:46 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 Finnlay

Finnlay
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 18 October 2012 - 09:19 PM

Hello it may not be malware but also run these.

Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Thanks for your help. I have downloaded the files you suggested. I really want to be clear on your Note. Should the "Reset FF Proxy Settings" option be checked or unchecked?

Also, do you suggest I wait on running Anti-MalwareBytes until after these steps?

Thank you again.
Nice signature by the way.

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:36 AM

Posted 18 October 2012 - 09:49 PM

Hi, since we will check the box •Reset FF Proxy Settings
Firefox should be closed.

No run MBAM whenever ,,,,, if needed


Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


Thanks I feel that sig is pretty appropriate nowadays.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Finnlay

Finnlay
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 18 October 2012 - 09:56 PM

Ok thanks, first log from MiniToolBox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Robot (administrator) on 18-10-2012 at 19:50:44
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
# Any other entries you had go here (new line no # no space);
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Robot-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : charter.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : charter.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 50-E5-49-52-61-4C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6d7d:a587:b77e:1174%14(Preferred)
IPv4 Address. . . . . . . . . . . : 66.214.4.23(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Thursday, October 18, 2012 4:58:01 PM
Lease Expires . . . . . . . . . . : Friday, October 19, 2012 1:28:01 AM
Default Gateway . . . . . . . . . : 66.214.4.1
DHCP Server . . . . . . . . . . . : 68.114.39.98
DHCPv6 IAID . . . . . . . . . . . : 374400329
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-02-CF-90-00-1A-EF-1D-96-35
DNS Servers . . . . . . . . . . . : 71.9.127.107
68.190.192.35
24.205.224.36
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 00-1A-EF-1D-96-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:c3a:1534:bd29:fbe8(Preferred)
Link-local IPv6 Address . . . . . : fe80::c3a:1534:bd29:fbe8%12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.charter.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : charter.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : charter.com
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:42d6:417::42d6:417(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 71.9.127.107
68.190.192.35
24.205.224.36
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: vip01mtpkca.mtpk.ca.charter.com
Address: 71.9.127.107

Name: google.com
Addresses: 2607:f8b0:4007:801::1006
74.125.239.9
74.125.239.0
74.125.239.4
74.125.239.14
74.125.239.6
74.125.239.7
74.125.239.3
74.125.239.5
74.125.239.8
74.125.239.1
74.125.239.2


Pinging google.com [74.125.239.9] with 32 bytes of data:
Reply from 74.125.239.9: bytes=32 time=9ms TTL=54
Reply from 74.125.239.9: bytes=32 time=10ms TTL=54

Ping statistics for 74.125.239.9:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 10ms, Average = 9ms
Server: vip01mtpkca.mtpk.ca.charter.com
Address: 71.9.127.107

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=70ms TTL=48
Reply from 98.138.253.109: bytes=32 time=69ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 70ms, Average = 69ms
Server: vip01mtpkca.mtpk.ca.charter.com
Address: 71.9.127.107

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...50 e5 49 52 61 4c ......Realtek PCIe GBE Family Controller
11...00 1a ef 1d 96 35 ......802.11n Wireless LAN Card
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 66.214.4.1 66.214.4.23 10
66.214.4.0 255.255.252.0 On-link 66.214.4.23 266
66.214.4.23 255.255.255.255 On-link 66.214.4.23 266
66.214.7.255 255.255.255.255 On-link 66.214.4.23 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 66.214.4.23 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 66.214.4.23 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 1110 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:6ab8:c3a:1534:bd29:fbe8/128
On-link
16 1010 2002::/16 On-link
16 266 2002:42d6:417::42d6:417/128
On-link
14 266 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::c3a:1534:bd29:fbe8/128
On-link
14 266 fe80::6d7d:a587:b77e:1174/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
14 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/17/2012 07:11:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/16/2012 07:19:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: Mahjong.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc9f5
Faulting module name: Mahjong.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc9f5
Exception code: 0xc0000005
Fault offset: 0x000000000003d7b4
Faulting process id: 0xfb8
Faulting application start time: 0xMahjong.exe0
Faulting application path: Mahjong.exe1
Faulting module path: Mahjong.exe2
Report Id: Mahjong.exe3

Error: (10/16/2012 07:17:43 PM) (Source: MsiInstaller) (User: Robot-PC)Robot-PC
Description: Product: Microsoft .NET Framework 4 Client Profile -- Error 1712. One or more of the files required to restore your computer to its previous state could not be found. Restoration will not be possible.

Error: (10/16/2012 07:17:43 PM) (Source: MsiInstaller) (User: Robot-PC)Robot-PC
Description: Product: Microsoft .NET Framework 4 Client Profile -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2906. The arguments are: c:\Config.Msi\b7b40.rbs, ,

Error: (10/16/2012 07:17:41 PM) (Source: MsiInstaller) (User: Robot-PC)Robot-PC
Description: Product: Microsoft .NET Framework 4 Client Profile -- Error 1704. An installation for Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (10/16/2012 06:30:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 06:19:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 06:06:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 05:43:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 05:25:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/17/2012 10:00:13 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:27:09 PM on ?10/?17/?2012 was unexpected.

Error: (10/16/2012 07:03:40 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:57:39 PM on ?10/?16/?2012 was unexpected.

Error: (10/16/2012 06:44:53 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:41:20 PM on ?10/?16/?2012 was unexpected.

Error: (10/16/2012 06:28:27 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:25:26 PM on ?10/?16/?2012 was unexpected.

Error: (10/16/2012 06:17:20 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:15:40 PM on ?10/?16/?2012 was unexpected.

Error: (10/16/2012 06:04:46 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:52:25 PM on ?10/?16/?2012 was unexpected.

Error: (10/16/2012 05:41:31 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:38:43 PM on ?10/?16/?2012 was unexpected.

Error: (10/16/2012 05:23:50 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:56:39 PM on ?10/?16/?2012 was unexpected.

Error: (10/16/2012 01:51:41 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (10/16/2012 01:15:17 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (10/17/2012 07:11:49 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe

Error: (10/16/2012 07:19:48 PM) (Source: Application Error)(User: )
Description: Mahjong.exe6.1.7600.163854a5bc9f5Mahjong.exe6.1.7600.163854a5bc9f5c0000005000000000003d7b4fb801cdac0d9e45e002C:\Program Files\Microsoft Games\Mahjong\Mahjong.exeC:\Program Files\Microsoft Games\Mahjong\Mahjong.exe1faa9306-1801-11e2-9dc9-50e54952614c

Error: (10/16/2012 07:17:43 PM) (Source: MsiInstaller)(User: Robot-PC)Robot-PC
Description: Product: Microsoft .NET Framework 4 Client Profile -- Error 1712. One or more of the files required to restore your computer to its previous state could not be found. Restoration will not be possible.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/16/2012 07:17:43 PM) (Source: MsiInstaller)(User: Robot-PC)Robot-PC
Description: Product: Microsoft .NET Framework 4 Client Profile -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2906. The arguments are: c:\Config.Msi\b7b40.rbs, , (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/16/2012 07:17:41 PM) (Source: MsiInstaller)(User: Robot-PC)Robot-PC
Description: Product: Microsoft .NET Framework 4 Client Profile -- Error 1704. An installation for Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/16/2012 06:30:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 06:19:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 06:06:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 05:43:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2012 05:25:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20
Adobe After Effects CS5 (Version: 10)
Adobe AIR (Version: 3.4.0.2540)
Adobe Captivate 5.5 (Version: 5.5)
Adobe Captivate Quiz Results Analyzer (Version: 1.5)
Adobe Captivate Reviewer (Version: 2.5)
Adobe Community Help (Version: 3.4.980)
Adobe Connect Add-in
Adobe Creative Suite 5 Web Premium (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AlwaysOnTop
AMCap (Version: 9.21.156.3)
Annotate!Pro (Version: 2.0.1)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Ardesia version 1.0 (Version: 1.0)
Audacity 2.0
Autodesk Backburner 2012.0.0 (Version: 2012.0.0)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0)
Autodesk MatchMover 2012 64-bit (Version: 14.00.0000)
Autodesk Maya 2012 64-bit (Version: 14.0.4.0)
Autodesk Maya 2012 64-bit Hotfix 4 (Version: 14.0.4.0)
Autodesk SketchBook Pro 2011 sp2 (Version: 5.20.0000)
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
calibre (Version: 0.8.56)
CameraHelperMsi (Version: 13.40.836.0)
Composite 2012 64-bit (Version: 7.0.0)
DigiCel FlipBook 6.86
Dropbox (Version: 1.4.8)
Epic Pen
erLT (Version: 1.20.138.34)
ESET Smart Security (Version: 5.0.95.0)
Etron USB3.0 Host Controller (Version: 0.109)
FormatFactory 2.96 (Version: 2.96)
Google Chrome (Version: 22.0.1229.94)
Google Talk Plugin (Version: 3.9.1.9832)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
Groovedown version 0.84 (Version: 0.84)
GURPS Character Assistant 4
Intel® Management Engine Components (Version: 7.0.0.1144)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 35 (Version: 6.0.350)
Logitech Solar App 1.0 (Version: 1.00.46)
Logitech Vid HD (Version: 7.2 (7259))
Logitech Webcam Software (Version: 2.40)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.40.835.0)
LWS Help_main (Version: 13.40.845.0)
LWS Launcher (Version: 13.40.836.0)
LWS Motion Detection (Version: 13.40.844.0)
LWS Pictures And Video (Version: 13.40.844.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
Nikon Message Center 2 (Version: 2.1.0)
Nikon Movie Editor (Version: 2.5.0)
NVIDIA 3D Vision Controller Driver 296.10 (Version: 296.10)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (Version: 2.60.0216.1828)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
OpenOffice.org 3.4 (Version: 3.4.9590)
PDF Settings CS5 (Version: 10.0)
Picture Control Utility x64 (Version: 1.4.6)
PowerISO (Version: 4.8)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver (Version: 7.49.927.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6554)
Sentinel Protection Installer 7.5.0 (Version: 7.5.0)
Skype™ 5.10 (Version: 5.10.116)
Star Wars Galactic Battlegrounds: Saga
TVP Animation 9.5 Professional Edition (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
ViewNX 2 (Version: 2.5.0)
VLC media player 2.0.1 (Version: 2.0.1)
Wacom Tablet (Version: 6.3.1w3)
WebTablet FB Plugin (Version: 2.0.0.6)
WebTablet IE Plugin (Version: 1.1.0.12)
WebTablet Netscape Plugin (Version: 1.1.0.10)
Wondershare DemoCreator (Build 3.5.2)
Youtube Downloader HD v. 2.6
ZBrush 4R4 (Version: 4R4)
ZBrush 4R4 Patch 02 (Version: 4R4)

========================= Memory info: ===================================

Percentage of memory in use: 14%
Total physical RAM: 16367.12 MB
Available physical RAM: 14040.64 MB
Total Pagefile: 32732.43 MB
Available Pagefile: 30459.89 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.09 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:769.78 GB) NTFS
2 Drive d: (HMS_VOL_1_BONUS_DISC) (CDROM) (Total:3.45 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\ROBOT-PC

Administrator Guest Robot
UpdatusUser


**** End of log ****

#7 Finnlay

Finnlay
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 18 October 2012 - 10:00 PM

19:57:17.0535 4304 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
19:57:18.0845 4304 ============================================================
19:57:18.0845 4304 Current date / time: 2012/10/18 19:57:18.0845
19:57:18.0845 4304 SystemInfo:
19:57:18.0845 4304
19:57:18.0845 4304 OS Version: 6.1.7601 ServicePack: 1.0
19:57:18.0845 4304 Product type: Workstation
19:57:18.0845 4304 ComputerName: ROBOT-PC
19:57:18.0845 4304 UserName: Robot
19:57:18.0845 4304 Windows directory: C:\Windows
19:57:18.0845 4304 System windows directory: C:\Windows
19:57:18.0845 4304 Running under WOW64
19:57:18.0845 4304 Processor architecture: Intel x64
19:57:18.0845 4304 Number of processors: 8
19:57:18.0845 4304 Page size: 0x1000
19:57:18.0845 4304 Boot type: Normal boot
19:57:18.0845 4304 ============================================================
19:57:19.0687 4304 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:57:19.0687 4304 ============================================================
19:57:19.0687 4304 \Device\Harddisk0\DR0:
19:57:19.0687 4304 MBR partitions:
19:57:19.0687 4304 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
19:57:19.0687 4304 ============================================================
19:57:19.0719 4304 C: <-> \Device\Harddisk0\DR0\Partition1
19:57:19.0719 4304 ============================================================
19:57:19.0719 4304 Initialize success
19:57:19.0719 4304 ============================================================
19:57:52.0526 3688 ============================================================
19:57:52.0526 3688 Scan started
19:57:52.0526 3688 Mode: Manual; TDLFS;
19:57:52.0526 3688 ============================================================
19:57:53.0025 3688 ================ Scan system memory ========================
19:57:53.0025 3688 System memory - ok
19:57:53.0025 3688 ================ Scan services =============================
19:57:53.0150 3688 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:57:53.0150 3688 1394ohci - ok
19:57:53.0181 3688 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:57:53.0181 3688 ACPI - ok
19:57:53.0181 3688 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:57:53.0196 3688 AcpiPmi - ok
19:57:53.0290 3688 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:57:53.0290 3688 AdobeARMservice - ok
19:57:53.0352 3688 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:57:53.0352 3688 AdobeFlashPlayerUpdateSvc - ok
19:57:53.0399 3688 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:57:53.0399 3688 adp94xx - ok
19:57:53.0415 3688 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:57:53.0415 3688 adpahci - ok
19:57:53.0430 3688 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:57:53.0430 3688 adpu320 - ok
19:57:53.0446 3688 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:57:53.0446 3688 AeLookupSvc - ok
19:57:53.0477 3688 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:57:53.0477 3688 AFD - ok
19:57:53.0493 3688 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:57:53.0493 3688 agp440 - ok
19:57:53.0508 3688 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:57:53.0508 3688 ALG - ok
19:57:53.0524 3688 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:57:53.0524 3688 aliide - ok
19:57:53.0524 3688 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:57:53.0524 3688 amdide - ok
19:57:53.0524 3688 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:57:53.0524 3688 AmdK8 - ok
19:57:53.0524 3688 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:57:53.0524 3688 AmdPPM - ok
19:57:53.0540 3688 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:57:53.0540 3688 amdsata - ok
19:57:53.0555 3688 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:57:53.0555 3688 amdsbs - ok
19:57:53.0571 3688 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:57:53.0571 3688 amdxata - ok
19:57:53.0586 3688 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:57:53.0586 3688 AppID - ok
19:57:53.0602 3688 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:57:53.0602 3688 AppIDSvc - ok
19:57:53.0618 3688 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:57:53.0618 3688 Appinfo - ok
19:57:53.0633 3688 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:57:53.0633 3688 arc - ok
19:57:53.0649 3688 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:57:53.0649 3688 arcsas - ok
19:57:53.0664 3688 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:57:53.0664 3688 AsyncMac - ok
19:57:53.0680 3688 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:57:53.0680 3688 atapi - ok
19:57:53.0696 3688 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:57:53.0696 3688 AudioEndpointBuilder - ok
19:57:53.0711 3688 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:57:53.0711 3688 AudioSrv - ok
19:57:53.0727 3688 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:57:53.0727 3688 AxInstSV - ok
19:57:53.0758 3688 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:57:53.0758 3688 b06bdrv - ok
19:57:53.0789 3688 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:57:53.0789 3688 b57nd60a - ok
19:57:53.0805 3688 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:57:53.0805 3688 BDESVC - ok
19:57:53.0836 3688 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:57:53.0836 3688 Beep - ok
19:57:53.0852 3688 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:57:53.0852 3688 BFE - ok
19:57:53.0898 3688 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:57:53.0898 3688 BITS - ok
19:57:53.0914 3688 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:57:53.0914 3688 blbdrive - ok
19:57:53.0930 3688 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:57:53.0930 3688 bowser - ok
19:57:53.0945 3688 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:57:53.0945 3688 BrFiltLo - ok
19:57:53.0945 3688 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:57:53.0945 3688 BrFiltUp - ok
19:57:53.0976 3688 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:57:53.0976 3688 Browser - ok
19:57:53.0992 3688 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:57:53.0992 3688 Brserid - ok
19:57:53.0992 3688 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:57:53.0992 3688 BrSerWdm - ok
19:57:53.0992 3688 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:57:53.0992 3688 BrUsbMdm - ok
19:57:53.0992 3688 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:57:53.0992 3688 BrUsbSer - ok
19:57:54.0008 3688 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:57:54.0008 3688 BTHMODEM - ok
19:57:54.0008 3688 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:57:54.0008 3688 bthserv - ok
19:57:54.0023 3688 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:57:54.0023 3688 cdfs - ok
19:57:54.0039 3688 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:57:54.0039 3688 cdrom - ok
19:57:54.0054 3688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:57:54.0054 3688 CertPropSvc - ok
19:57:54.0054 3688 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:57:54.0054 3688 circlass - ok
19:57:54.0070 3688 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:57:54.0070 3688 CLFS - ok
19:57:54.0117 3688 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:57:54.0117 3688 clr_optimization_v2.0.50727_32 - ok
19:57:54.0148 3688 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:57:54.0148 3688 clr_optimization_v2.0.50727_64 - ok
19:57:54.0226 3688 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:57:54.0226 3688 clr_optimization_v4.0.30319_32 - ok
19:57:54.0242 3688 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:57:54.0242 3688 clr_optimization_v4.0.30319_64 - ok
19:57:54.0257 3688 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:57:54.0257 3688 CmBatt - ok
19:57:54.0273 3688 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:57:54.0273 3688 cmdide - ok
19:57:54.0320 3688 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:57:54.0320 3688 CNG - ok
19:57:54.0320 3688 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:57:54.0320 3688 Compbatt - ok
19:57:54.0351 3688 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:57:54.0351 3688 CompositeBus - ok
19:57:54.0351 3688 COMSysApp - ok
19:57:54.0351 3688 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:57:54.0351 3688 crcdisk - ok
19:57:54.0382 3688 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:57:54.0382 3688 CryptSvc - ok
19:57:54.0413 3688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:57:54.0413 3688 DcomLaunch - ok
19:57:54.0429 3688 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:57:54.0429 3688 defragsvc - ok
19:57:54.0444 3688 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:57:54.0444 3688 DfsC - ok
19:57:54.0476 3688 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:57:54.0476 3688 Dhcp - ok
19:57:54.0491 3688 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:57:54.0491 3688 discache - ok
19:57:54.0507 3688 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:57:54.0522 3688 Disk - ok
19:57:54.0522 3688 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:57:54.0522 3688 Dnscache - ok
19:57:54.0554 3688 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:57:54.0554 3688 dot3svc - ok
19:57:54.0554 3688 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:57:54.0554 3688 DPS - ok
19:57:54.0585 3688 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:57:54.0585 3688 drmkaud - ok
19:57:54.0600 3688 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:57:54.0616 3688 DXGKrnl - ok
19:57:54.0632 3688 [ 13533557D01B88C83110D5CF749F14D7 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
19:57:54.0632 3688 eamonm - ok
19:57:54.0647 3688 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:57:54.0663 3688 EapHost - ok
19:57:54.0710 3688 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:57:54.0725 3688 ebdrv - ok
19:57:54.0741 3688 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:57:54.0741 3688 EFS - ok
19:57:54.0756 3688 [ E097728129E7B79BF1089D7AEF42332B ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
19:57:54.0772 3688 ehdrv - ok
19:57:54.0819 3688 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:57:54.0819 3688 ehRecvr - ok
19:57:54.0819 3688 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:57:54.0819 3688 ehSched - ok
19:57:54.0928 3688 [ C7BB95CF9631AA401E4ADED1648F6AF7 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
19:57:54.0928 3688 ekrn - ok
19:57:54.0944 3688 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:57:54.0959 3688 elxstor - ok
19:57:54.0959 3688 [ 198C6FBC30BBD9632EA051203DCCF204 ] epfw C:\Windows\system32\DRIVERS\epfw.sys
19:57:54.0959 3688 epfw - ok
19:57:54.0975 3688 [ 56DE463F517710A8AA44EEF82C35B3C9 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
19:57:54.0975 3688 EpfwLWF - ok
19:57:54.0990 3688 [ 710B0442BB2F99278D7B8E02A8849C11 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
19:57:54.0990 3688 epfwwfp - ok
19:57:54.0990 3688 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:57:55.0006 3688 ErrDev - ok
19:57:55.0022 3688 [ F4845B5EECA94D200F621BBAAF7946C1 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
19:57:55.0022 3688 EtronHub3 - ok
19:57:55.0053 3688 [ 4A5945B5CDCF8EC3F842AE8AAA146A1F ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
19:57:55.0053 3688 EtronXHCI - ok
19:57:55.0068 3688 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:57:55.0068 3688 EventSystem - ok
19:57:55.0100 3688 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:57:55.0100 3688 exfat - ok
19:57:55.0115 3688 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:57:55.0115 3688 fastfat - ok
19:57:55.0131 3688 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:57:55.0131 3688 Fax - ok
19:57:55.0131 3688 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:57:55.0131 3688 fdc - ok
19:57:55.0178 3688 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:57:55.0178 3688 fdPHost - ok
19:57:55.0178 3688 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:57:55.0178 3688 FDResPub - ok
19:57:55.0209 3688 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:57:55.0209 3688 FileInfo - ok
19:57:55.0209 3688 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:57:55.0209 3688 Filetrace - ok
19:57:55.0256 3688 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
19:57:55.0271 3688 FLEXnet Licensing Service 64 - ok
19:57:55.0287 3688 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:57:55.0287 3688 flpydisk - ok
19:57:55.0302 3688 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:57:55.0302 3688 FltMgr - ok
19:57:55.0334 3688 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:57:55.0349 3688 FontCache - ok
19:57:55.0380 3688 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:57:55.0380 3688 FontCache3.0.0.0 - ok
19:57:55.0396 3688 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:57:55.0396 3688 FsDepends - ok
19:57:55.0412 3688 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:57:55.0412 3688 Fs_Rec - ok
19:57:55.0427 3688 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:57:55.0427 3688 fvevol - ok
19:57:55.0443 3688 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:57:55.0443 3688 gagp30kx - ok
19:57:55.0458 3688 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:57:55.0458 3688 gpsvc - ok
19:57:55.0474 3688 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:57:55.0474 3688 hcw85cir - ok
19:57:55.0505 3688 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:57:55.0505 3688 HdAudAddService - ok
19:57:55.0536 3688 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:57:55.0536 3688 HDAudBus - ok
19:57:55.0552 3688 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:57:55.0552 3688 HidBatt - ok
19:57:55.0552 3688 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:57:55.0552 3688 HidBth - ok
19:57:55.0552 3688 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:57:55.0552 3688 HidIr - ok
19:57:55.0599 3688 [ 3CC53BC405F609F61D4A879F3E7EBC4A ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
19:57:55.0599 3688 hidkmdf - ok
19:57:55.0614 3688 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:57:55.0614 3688 hidserv - ok
19:57:55.0630 3688 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:57:55.0630 3688 HidUsb - ok
19:57:55.0661 3688 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:57:55.0661 3688 hkmsvc - ok
19:57:55.0661 3688 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:57:55.0677 3688 HomeGroupListener - ok
19:57:55.0692 3688 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:57:55.0692 3688 HomeGroupProvider - ok
19:57:55.0708 3688 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:57:55.0708 3688 HpSAMD - ok
19:57:55.0724 3688 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:57:55.0739 3688 HTTP - ok
19:57:55.0770 3688 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:57:55.0770 3688 hwpolicy - ok
19:57:55.0786 3688 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:57:55.0786 3688 i8042prt - ok
19:57:55.0817 3688 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:57:55.0817 3688 iaStorV - ok
19:57:55.0864 3688 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:57:55.0864 3688 idsvc - ok
19:57:55.0864 3688 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:57:55.0864 3688 iirsp - ok
19:57:55.0895 3688 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:57:55.0895 3688 IKEEXT - ok
19:57:55.0973 3688 [ ACACD1B925D448558C1C9D0258749451 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:57:56.0004 3688 IntcAzAudAddService - ok
19:57:56.0020 3688 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:57:56.0020 3688 intelide - ok
19:57:56.0036 3688 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:57:56.0036 3688 intelppm - ok
19:57:56.0051 3688 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:57:56.0051 3688 IPBusEnum - ok
19:57:56.0067 3688 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:57:56.0067 3688 IpFilterDriver - ok
19:57:56.0082 3688 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:57:56.0082 3688 iphlpsvc - ok
19:57:56.0082 3688 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:57:56.0082 3688 IPMIDRV - ok
19:57:56.0082 3688 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:57:56.0082 3688 IPNAT - ok
19:57:56.0098 3688 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:57:56.0098 3688 IRENUM - ok
19:57:56.0114 3688 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:57:56.0114 3688 isapnp - ok
19:57:56.0129 3688 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:57:56.0129 3688 iScsiPrt - ok
19:57:56.0145 3688 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:57:56.0145 3688 kbdclass - ok
19:57:56.0160 3688 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:57:56.0160 3688 kbdhid - ok
19:57:56.0176 3688 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:57:56.0176 3688 KeyIso - ok
19:57:56.0207 3688 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:57:56.0207 3688 KSecDD - ok
19:57:56.0223 3688 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:57:56.0223 3688 KSecPkg - ok
19:57:56.0223 3688 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:57:56.0223 3688 ksthunk - ok
19:57:56.0254 3688 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:57:56.0254 3688 KtmRm - ok
19:57:56.0316 3688 [ CAEAA16039485B2D3BB069C1107442A5 ] L4301_Solar C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
19:57:56.0316 3688 L4301_Solar - ok
19:57:56.0348 3688 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:57:56.0348 3688 LanmanServer - ok
19:57:56.0363 3688 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:57:56.0363 3688 LanmanWorkstation - ok
19:57:56.0394 3688 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:57:56.0394 3688 lltdio - ok
19:57:56.0410 3688 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:57:56.0426 3688 lltdsvc - ok
19:57:56.0426 3688 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:57:56.0426 3688 lmhosts - ok
19:57:56.0472 3688 [ 5495EB40DF7061059C57F0DEFDBD72A1 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:57:56.0472 3688 LMS - ok
19:57:56.0488 3688 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:57:56.0488 3688 LSI_FC - ok
19:57:56.0504 3688 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:57:56.0504 3688 LSI_SAS - ok
19:57:56.0519 3688 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:57:56.0519 3688 LSI_SAS2 - ok
19:57:56.0535 3688 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:57:56.0535 3688 LSI_SCSI - ok
19:57:56.0566 3688 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:57:56.0566 3688 luafv - ok
19:57:56.0597 3688 [ A832517901EEF41C206D70FCEC89B275 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:57:56.0597 3688 LVRS64 - ok
19:57:56.0691 3688 [ 644E919936A8017B5F205E7FE7EDD19F ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
19:57:56.0722 3688 LVUVC64 - ok
19:57:56.0753 3688 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:57:56.0753 3688 Mcx2Svc - ok
19:57:56.0769 3688 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:57:56.0769 3688 megasas - ok
19:57:56.0784 3688 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:57:56.0784 3688 MegaSR - ok
19:57:56.0800 3688 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:57:56.0800 3688 MEIx64 - ok
19:57:56.0816 3688 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:57:56.0816 3688 MMCSS - ok
19:57:56.0831 3688 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:57:56.0831 3688 Modem - ok
19:57:56.0847 3688 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:57:56.0847 3688 monitor - ok
19:57:56.0878 3688 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:57:56.0878 3688 mouclass - ok
19:57:56.0894 3688 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:57:56.0894 3688 mouhid - ok
19:57:56.0909 3688 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:57:56.0909 3688 mountmgr - ok
19:57:56.0940 3688 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:57:56.0940 3688 MozillaMaintenance - ok
19:57:56.0956 3688 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:57:56.0956 3688 mpio - ok
19:57:56.0972 3688 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:57:56.0972 3688 mpsdrv - ok
19:57:56.0987 3688 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:57:56.0987 3688 MpsSvc - ok
19:57:57.0003 3688 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:57:57.0003 3688 MRxDAV - ok
19:57:57.0018 3688 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:57:57.0018 3688 mrxsmb - ok
19:57:57.0018 3688 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:57:57.0034 3688 mrxsmb10 - ok
19:57:57.0034 3688 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:57:57.0050 3688 mrxsmb20 - ok
19:57:57.0050 3688 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:57:57.0050 3688 msahci - ok
19:57:57.0065 3688 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:57:57.0065 3688 msdsm - ok
19:57:57.0081 3688 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:57:57.0081 3688 MSDTC - ok
19:57:57.0096 3688 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:57:57.0096 3688 Msfs - ok
19:57:57.0112 3688 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:57:57.0112 3688 mshidkmdf - ok
19:57:57.0128 3688 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:57:57.0128 3688 msisadrv - ok
19:57:57.0143 3688 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:57:57.0143 3688 MSiSCSI - ok
19:57:57.0143 3688 msiserver - ok
19:57:57.0159 3688 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:57:57.0159 3688 MSKSSRV - ok
19:57:57.0174 3688 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:57:57.0174 3688 MSPCLOCK - ok
19:57:57.0174 3688 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:57:57.0174 3688 MSPQM - ok
19:57:57.0190 3688 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:57:57.0190 3688 MsRPC - ok
19:57:57.0206 3688 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:57:57.0206 3688 mssmbios - ok
19:57:57.0221 3688 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:57:57.0221 3688 MSTEE - ok
19:57:57.0237 3688 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:57:57.0237 3688 MTConfig - ok
19:57:57.0237 3688 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:57:57.0237 3688 Mup - ok
19:57:57.0268 3688 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:57:57.0268 3688 napagent - ok
19:57:57.0299 3688 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:57:57.0299 3688 NativeWifiP - ok
19:57:57.0346 3688 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:57:57.0346 3688 NDIS - ok
19:57:57.0362 3688 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:57:57.0362 3688 NdisCap - ok
19:57:57.0393 3688 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:57:57.0393 3688 NdisTapi - ok
19:57:57.0393 3688 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:57:57.0393 3688 Ndisuio - ok
19:57:57.0408 3688 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:57:57.0408 3688 NdisWan - ok
19:57:57.0408 3688 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:57:57.0408 3688 NDProxy - ok
19:57:57.0424 3688 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:57:57.0424 3688 NetBIOS - ok
19:57:57.0424 3688 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:57:57.0440 3688 NetBT - ok
19:57:57.0455 3688 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:57:57.0455 3688 Netlogon - ok
19:57:57.0486 3688 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:57:57.0486 3688 Netman - ok
19:57:57.0502 3688 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:57:57.0502 3688 netprofm - ok
19:57:57.0533 3688 [ D66596DB0A0739A89C25B590CE36D628 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
19:57:57.0549 3688 netr28x - ok
19:57:57.0564 3688 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:57:57.0564 3688 NetTcpPortSharing - ok
19:57:57.0580 3688 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:57:57.0580 3688 nfrd960 - ok
19:57:57.0596 3688 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:57:57.0596 3688 NlaSvc - ok
19:57:57.0596 3688 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:57:57.0596 3688 Npfs - ok
19:57:57.0627 3688 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:57:57.0627 3688 nsi - ok
19:57:57.0642 3688 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:57:57.0642 3688 nsiproxy - ok
19:57:57.0674 3688 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:57:57.0689 3688 Ntfs - ok
19:57:57.0705 3688 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:57:57.0705 3688 Null - ok
19:57:57.0736 3688 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:57:57.0736 3688 NVHDA - ok
19:57:57.0908 3688 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:57:58.0017 3688 nvlddmkm - ok
19:57:58.0048 3688 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:57:58.0048 3688 nvraid - ok
19:57:58.0064 3688 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:57:58.0064 3688 nvstor - ok
19:57:58.0095 3688 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
19:57:58.0110 3688 nvsvc - ok
19:57:58.0157 3688 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:57:58.0157 3688 nvUpdatusService - ok
19:57:58.0188 3688 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:57:58.0188 3688 nv_agp - ok
19:57:58.0188 3688 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:57:58.0188 3688 ohci1394 - ok
19:57:58.0220 3688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:57:58.0220 3688 p2pimsvc - ok
19:57:58.0235 3688 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:57:58.0235 3688 p2psvc - ok
19:57:58.0251 3688 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:57:58.0251 3688 Parport - ok
19:57:58.0266 3688 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:57:58.0266 3688 partmgr - ok
19:57:58.0282 3688 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:57:58.0282 3688 PcaSvc - ok
19:57:58.0298 3688 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:57:58.0298 3688 pci - ok
19:57:58.0313 3688 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:57:58.0313 3688 pciide - ok
19:57:58.0313 3688 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:57:58.0329 3688 pcmcia - ok
19:57:58.0329 3688 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:57:58.0329 3688 pcw - ok
19:57:58.0344 3688 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:57:58.0344 3688 PEAUTH - ok
19:57:58.0407 3688 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:57:58.0407 3688 PerfHost - ok
19:57:58.0422 3688 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:57:58.0438 3688 pla - ok
19:57:58.0469 3688 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:57:58.0485 3688 PlugPlay - ok
19:57:58.0485 3688 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:57:58.0485 3688 PNRPAutoReg - ok
19:57:58.0485 3688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:57:58.0500 3688 PNRPsvc - ok
19:57:58.0516 3688 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:57:58.0516 3688 PolicyAgent - ok
19:57:58.0547 3688 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:57:58.0547 3688 Power - ok
19:57:58.0563 3688 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:57:58.0563 3688 PptpMiniport - ok
19:57:58.0578 3688 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:57:58.0578 3688 Processor - ok
19:57:58.0594 3688 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:57:58.0594 3688 ProfSvc - ok
19:57:58.0610 3688 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:57:58.0610 3688 ProtectedStorage - ok
19:57:58.0625 3688 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:57:58.0625 3688 Psched - ok
19:57:58.0656 3688 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:57:58.0672 3688 ql2300 - ok
19:57:58.0688 3688 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:57:58.0688 3688 ql40xx - ok
19:57:58.0719 3688 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:57:58.0719 3688 QWAVE - ok
19:57:58.0734 3688 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:57:58.0734 3688 QWAVEdrv - ok
19:57:58.0734 3688 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:57:58.0734 3688 RasAcd - ok
19:57:58.0750 3688 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:57:58.0750 3688 RasAgileVpn - ok
19:57:58.0766 3688 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:57:58.0766 3688 RasAuto - ok
19:57:58.0766 3688 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:57:58.0766 3688 Rasl2tp - ok
19:57:58.0797 3688 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:57:58.0797 3688 RasMan - ok
19:57:58.0812 3688 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:57:58.0812 3688 RasPppoe - ok
19:57:58.0812 3688 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:57:58.0812 3688 RasSstp - ok
19:57:58.0828 3688 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:57:58.0828 3688 rdbss - ok
19:57:58.0844 3688 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:57:58.0844 3688 rdpbus - ok
19:57:58.0859 3688 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:57:58.0859 3688 RDPCDD - ok
19:57:58.0875 3688 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:57:58.0875 3688 RDPENCDD - ok
19:57:58.0890 3688 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:57:58.0890 3688 RDPREFMP - ok
19:57:58.0922 3688 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:57:58.0922 3688 RDPWD - ok
19:57:58.0937 3688 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:57:58.0937 3688 rdyboost - ok
19:57:58.0953 3688 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:57:58.0953 3688 RemoteAccess - ok
19:57:58.0968 3688 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:57:58.0968 3688 RemoteRegistry - ok
19:57:59.0000 3688 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:57:59.0000 3688 RpcEptMapper - ok
19:57:59.0000 3688 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:57:59.0015 3688 RpcLocator - ok
19:57:59.0031 3688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:57:59.0031 3688 RpcSs - ok
19:57:59.0046 3688 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:57:59.0046 3688 rspndr - ok
19:57:59.0093 3688 [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:57:59.0093 3688 RTL8167 - ok
19:57:59.0093 3688 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:57:59.0093 3688 SamSs - ok
19:57:59.0109 3688 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:57:59.0109 3688 sbp2port - ok
19:57:59.0124 3688 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:57:59.0140 3688 SCardSvr - ok
19:57:59.0187 3688 [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
19:57:59.0187 3688 SCDEmu - ok
19:57:59.0202 3688 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:57:59.0218 3688 scfilter - ok
19:57:59.0234 3688 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:57:59.0234 3688 Schedule - ok
19:57:59.0249 3688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:57:59.0249 3688 SCPolicySvc - ok
19:57:59.0265 3688 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:57:59.0265 3688 SDRSVC - ok
19:57:59.0280 3688 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:57:59.0280 3688 secdrv - ok
19:57:59.0296 3688 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:57:59.0296 3688 seclogon - ok
19:57:59.0296 3688 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:57:59.0296 3688 SENS - ok
19:57:59.0327 3688 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:57:59.0327 3688 SensrSvc - ok
19:57:59.0358 3688 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys
19:57:59.0358 3688 Sentinel64 - ok
19:57:59.0405 3688 [ A9EEB7B09B898A53EC8B7063B923AC32 ] SentinelKeysServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
19:57:59.0405 3688 SentinelKeysServer - ok
19:57:59.0452 3688 [ FD8723219C907C7AB753C93334FA4610 ] SentinelProtectionServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
19:57:59.0452 3688 SentinelProtectionServer - ok
19:57:59.0452 3688 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:57:59.0452 3688 Serenum - ok
19:57:59.0468 3688 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:57:59.0468 3688 Serial - ok
19:57:59.0483 3688 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:57:59.0483 3688 sermouse - ok
19:57:59.0499 3688 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:57:59.0499 3688 SessionEnv - ok
19:57:59.0499 3688 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:57:59.0499 3688 sffdisk - ok
19:57:59.0499 3688 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:57:59.0499 3688 sffp_mmc - ok
19:57:59.0499 3688 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:57:59.0499 3688 sffp_sd - ok
19:57:59.0499 3688 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:57:59.0514 3688 sfloppy - ok
19:57:59.0514 3688 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:57:59.0530 3688 SharedAccess - ok
19:57:59.0530 3688 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:57:59.0530 3688 ShellHWDetection - ok
19:57:59.0546 3688 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:57:59.0546 3688 SiSRaid2 - ok
19:57:59.0561 3688 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:57:59.0561 3688 SiSRaid4 - ok
19:57:59.0592 3688 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:57:59.0592 3688 SkypeUpdate - ok
19:57:59.0608 3688 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:57:59.0608 3688 Smb - ok
19:57:59.0624 3688 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:57:59.0624 3688 SNMPTRAP - ok
19:57:59.0639 3688 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:57:59.0639 3688 spldr - ok
19:57:59.0655 3688 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:57:59.0670 3688 Spooler - ok
19:57:59.0717 3688 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:57:59.0717 3688 sppsvc - ok
19:57:59.0748 3688 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:57:59.0748 3688 sppuinotify - ok
19:57:59.0764 3688 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:57:59.0780 3688 srv - ok
19:57:59.0780 3688 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:57:59.0780 3688 srv2 - ok
19:57:59.0795 3688 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:57:59.0795 3688 srvnet - ok
19:57:59.0826 3688 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:57:59.0826 3688 SSDPSRV - ok
19:57:59.0842 3688 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:57:59.0842 3688 SstpSvc - ok
19:57:59.0920 3688 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:57:59.0920 3688 Stereo Service - ok
19:57:59.0936 3688 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:57:59.0936 3688 stexstor - ok
19:57:59.0967 3688 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:57:59.0982 3688 stisvc - ok
19:57:59.0982 3688 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:57:59.0982 3688 swenum - ok
19:58:00.0045 3688 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:58:00.0045 3688 SwitchBoard - ok
19:58:00.0060 3688 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:58:00.0060 3688 swprv - ok
19:58:00.0092 3688 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:58:00.0092 3688 SysMain - ok
19:58:00.0107 3688 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:58:00.0107 3688 TabletInputService - ok
19:58:00.0263 3688 [ 17A341D41F30FEA2EFF7223148899FEC ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
19:58:00.0294 3688 TabletServiceWacom - ok
19:58:00.0294 3688 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:58:00.0294 3688 TapiSrv - ok
19:58:00.0310 3688 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:58:00.0326 3688 TBS - ok
19:58:00.0357 3688 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:58:00.0357 3688 Tcpip - ok
19:58:00.0388 3688 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:58:00.0388 3688 TCPIP6 - ok
19:58:00.0404 3688 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:58:00.0404 3688 tcpipreg - ok
19:58:00.0404 3688 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:58:00.0419 3688 TDPIPE - ok
19:58:00.0435 3688 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:58:00.0435 3688 TDTCP - ok
19:58:00.0450 3688 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:58:00.0450 3688 tdx - ok
19:58:00.0450 3688 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:58:00.0450 3688 TermDD - ok
19:58:00.0466 3688 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:58:00.0466 3688 TermService - ok
19:58:00.0482 3688 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:58:00.0482 3688 Themes - ok
19:58:00.0497 3688 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:58:00.0497 3688 THREADORDER - ok
19:58:00.0528 3688 [ A15A789141C74AAD7971FBCB4847A593 ] TouchServiceWacom C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
19:58:00.0528 3688 TouchServiceWacom - ok
19:58:00.0544 3688 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:58:00.0544 3688 TrkWks - ok
19:58:00.0575 3688 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:58:00.0575 3688 TrustedInstaller - ok
19:58:00.0575 3688 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:58:00.0575 3688 tssecsrv - ok
19:58:00.0591 3688 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:58:00.0591 3688 TsUsbFlt - ok
19:58:00.0591 3688 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:58:00.0591 3688 TsUsbGD - ok
19:58:00.0606 3688 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:58:00.0606 3688 tunnel - ok
19:58:00.0606 3688 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:58:00.0622 3688 uagp35 - ok
19:58:00.0622 3688 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:58:00.0622 3688 udfs - ok
19:58:00.0653 3688 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:58:00.0653 3688 UI0Detect - ok
19:58:00.0669 3688 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:58:00.0669 3688 uliagpkx - ok
19:58:00.0684 3688 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:58:00.0684 3688 umbus - ok
19:58:00.0700 3688 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:58:00.0700 3688 UmPass - ok
19:58:00.0762 3688 [ AEBE8F338432F9DE5AE0CAE4D4BAED76 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:58:00.0762 3688 UMVPFSrv - ok
19:58:00.0825 3688 [ D329A1589257FB671338E8CDBC6CB6DB ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:58:00.0840 3688 UNS - ok
19:58:00.0856 3688 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:58:00.0856 3688 upnphost - ok
19:58:00.0872 3688 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:58:00.0872 3688 usbaudio - ok
19:58:00.0903 3688 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:58:00.0903 3688 usbccgp - ok
19:58:00.0918 3688 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:58:00.0918 3688 usbcir - ok
19:58:00.0950 3688 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:58:00.0950 3688 usbehci - ok
19:58:00.0981 3688 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:58:00.0981 3688 usbhub - ok
19:58:00.0996 3688 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:58:00.0996 3688 usbohci - ok
19:58:01.0012 3688 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:58:01.0012 3688 usbprint - ok
19:58:01.0012 3688 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
19:58:01.0028 3688 USBSTOR - ok
19:58:01.0028 3688 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:58:01.0028 3688 usbuhci - ok
19:58:01.0043 3688 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:58:01.0043 3688 usbvideo - ok
19:58:01.0059 3688 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:58:01.0059 3688 UxSms - ok
19:58:01.0059 3688 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:58:01.0059 3688 VaultSvc - ok
19:58:01.0059 3688 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:58:01.0059 3688 vdrvroot - ok
19:58:01.0090 3688 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:58:01.0090 3688 vds - ok
19:58:01.0090 3688 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:58:01.0106 3688 vga - ok
19:58:01.0106 3688 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:58:01.0106 3688 VgaSave - ok
19:58:01.0121 3688 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:58:01.0121 3688 vhdmp - ok
19:58:01.0137 3688 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:58:01.0137 3688 viaide - ok
19:58:01.0152 3688 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:58:01.0168 3688 volmgr - ok
19:58:01.0184 3688 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:58:01.0184 3688 volmgrx - ok
19:58:01.0199 3688 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:58:01.0199 3688 volsnap - ok
19:58:01.0215 3688 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:58:01.0215 3688 vsmraid - ok
19:58:01.0246 3688 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:58:01.0246 3688 VSS - ok
19:58:01.0262 3688 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:58:01.0262 3688 vwifibus - ok
19:58:01.0277 3688 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:58:01.0277 3688 vwififlt - ok
19:58:01.0308 3688 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:58:01.0308 3688 W32Time - ok
19:58:01.0340 3688 [ 7CB1898A29188FB8DB102406EF0D8D9E ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
19:58:01.0355 3688 WacHidRouter - ok
19:58:01.0371 3688 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
19:58:01.0371 3688 wacmoumonitor - ok
19:58:01.0386 3688 wacommousefilter - ok
19:58:01.0402 3688 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:58:01.0402 3688 WacomPen - ok
19:58:01.0418 3688 [ B59EC4DD1026F059CD95C1627562F3F3 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
19:58:01.0418 3688 wacomrouterfilter - ok
19:58:01.0418 3688 wacomvhid - ok
19:58:01.0433 3688 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:58:01.0433 3688 WANARP - ok
19:58:01.0449 3688 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:58:01.0449 3688 Wanarpv6 - ok
19:58:01.0480 3688 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:58:01.0480 3688 WatAdminSvc - ok
19:58:01.0511 3688 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:58:01.0511 3688 wbengine - ok
19:58:01.0527 3688 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:58:01.0527 3688 WbioSrvc - ok
19:58:01.0542 3688 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:58:01.0542 3688 wcncsvc - ok
19:58:01.0558 3688 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:58:01.0558 3688 WcsPlugInService - ok
19:58:01.0558 3688 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:58:01.0574 3688 Wd - ok
19:58:01.0589 3688 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:58:01.0589 3688 Wdf01000 - ok
19:58:01.0605 3688 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:58:01.0605 3688 WdiServiceHost - ok
19:58:01.0605 3688 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:58:01.0605 3688 WdiSystemHost - ok
19:58:01.0620 3688 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:58:01.0620 3688 WebClient - ok
19:58:01.0636 3688 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:58:01.0636 3688 Wecsvc - ok
19:58:01.0667 3688 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:58:01.0667 3688 wercplsupport - ok
19:58:01.0683 3688 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:58:01.0683 3688 WerSvc - ok
19:58:01.0698 3688 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:58:01.0698 3688 WfpLwf - ok
19:58:01.0698 3688 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:58:01.0698 3688 WIMMount - ok
19:58:01.0714 3688 WinDefend - ok
19:58:01.0714 3688 WinHttpAutoProxySvc - ok
19:58:01.0745 3688 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:58:01.0745 3688 Winmgmt - ok
19:58:01.0792 3688 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:58:01.0792 3688 WinRM - ok
19:58:01.0823 3688 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:58:01.0823 3688 Wlansvc - ok
19:58:01.0839 3688 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:58:01.0839 3688 WmiAcpi - ok
19:58:01.0854 3688 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:58:01.0854 3688 wmiApSrv - ok
19:58:01.0870 3688 WMPNetworkSvc - ok
19:58:01.0886 3688 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:58:01.0886 3688 WPCSvc - ok
19:58:01.0886 3688 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:58:01.0886 3688 WPDBusEnum - ok
19:58:01.0901 3688 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:58:01.0901 3688 ws2ifsl - ok
19:58:01.0917 3688 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:58:01.0917 3688 wscsvc - ok
19:58:01.0917 3688 WSearch - ok
19:58:01.0964 3688 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:58:01.0979 3688 wuauserv - ok
19:58:01.0979 3688 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:58:01.0979 3688 WudfPf - ok
19:58:02.0010 3688 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:58:02.0010 3688 WUDFRd - ok
19:58:02.0010 3688 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:58:02.0010 3688 wudfsvc - ok
19:58:02.0026 3688 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:58:02.0042 3688 WwanSvc - ok
19:58:02.0042 3688 ================ Scan global ===============================
19:58:02.0073 3688 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:58:02.0104 3688 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:58:02.0104 3688 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:58:02.0135 3688 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:58:02.0151 3688 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:58:02.0151 3688 [Global] - ok
19:58:02.0151 3688 ================ Scan MBR ==================================
19:58:02.0166 3688 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:58:02.0338 3688 \Device\Harddisk0\DR0 - ok
19:58:02.0338 3688 ================ Scan VBR ==================================
19:58:02.0338 3688 [ 5BE13D6482C0A6B56DEF37413ACBF089 ] \Device\Harddisk0\DR0\Partition1
19:58:02.0338 3688 \Device\Harddisk0\DR0\Partition1 - ok
19:58:02.0338 3688 ============================================================
19:58:02.0338 3688 Scan finished
19:58:02.0338 3688 ============================================================
19:58:02.0354 4008 Detected object count: 0
19:58:02.0354 4008 Actual detected object count: 0

#8 Finnlay

Finnlay
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 18 October 2012 - 10:08 PM

I will be running mbam soon. It asks me to disable my AV firewall to install. Is that ok to do?




# AdwCleaner v2.005 - Logfile created 10/18/2012 at 20:03:00
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Robot - ROBOT-PC
# Boot Mode : Normal
# Running from : C:\Users\Robot\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Robot\AppData\Roaming\Mozilla\Firefox\Profiles\48ubw2zm.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Robot\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1230 octets] - [18/10/2012 20:03:00]

########## EOF - C:\AdwCleaner[S1].txt - [1290 octets] ##########

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:36 AM

Posted 18 October 2012 - 10:13 PM

Hello, what is your AV..
and yes disable only for the install after that restart them
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Finnlay

Finnlay
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 18 October 2012 - 10:26 PM

ESET Smart Security 5 is what it says when I open it. I can find the box if that isn't enough.

Also, mbam is telling me to disable the AV and the firewall. I thought it said the AV's firewall. I don't know how to disable the AV though. I am looking it up now.

Edited by Finnlay, 18 October 2012 - 10:30 PM.


#11 Finnlay

Finnlay
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 18 October 2012 - 10:35 PM

Figured it out with a little persistence.


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.19.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Robot :: ROBOT-PC [administrator]

10/18/2012 8:32:44 PM
mbam-log-2012-10-18 (20-32-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220194
Time elapsed: 1 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:36 AM

Posted 19 October 2012 - 02:19 PM

I think we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
If Gmer won't run,skip it.

Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users