Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected? Computer shuts down, Blue Screen message pops up


  • This topic is locked This topic is locked
24 replies to this topic

#1 HippieBea

HippieBea

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:03:55 AM

Posted 11 August 2013 - 06:13 PM

I'm running Windows 7 and my pc recently began shutting down frequenlty on it's own.  Before it shuts down, I have a blue screen with white lettering that has mentioned something about Memory, but it flashes so quickly I can't read the whole thing. I have used Malwarebytes and gotten rid of a few trojans and adwares several times. I've run Antispyware as well and got rid of PUPS.  ESET Online scanner caught a few problems and erased those. But I continue to have the shut down issue.  I thiought I'd start here and if this is the wrong topic to post under, please direct me accordingly. Thank you in advance for all your help!  The logs follow -

 

Attached File  dds.txt   14.62KB   3 downloads

 

Attached File  attach.txt   22.97KB   0 downloads



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 AM

Posted 16 August 2013 - 06:15 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/504079 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 AM

Posted 21 August 2013 - 06:20 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#4 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:11:55 PM

Posted 22 August 2013 - 12:00 PM

This topic has been re-opened at the request of the person who originally posted.

#5 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:55 AM

Posted 22 August 2013 - 02:07 PM

Hi,

My forum name is Dev00790 and I'll be helping you clean up your computer.

I will reply as soon as possible (typically within 24 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, I just ask for notice ahead of time.
Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
          
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
          
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
          
  • I'm currently a trainee in the Malware Removal Training program and therefore my answers have to be checked by a Teacher before they get posted to you.
    There may be a delay due to this. I apologize in advance if this happens. Hold tight while I get the first set of instructions out to you.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.
 
----------------------
 
:step1:

  • Please rerun DDS by double clicking on the DDS icon, and allow it to run.
  • DDS will now display a red window with an option screen called DDS: Settings
  • Mark the options dds.txt and attach.txt.
  • Click on Start.
  • If you did not disable a script-blocker that may be part of your antimalware program, you may receive a warning from your antimalware product asking if you would like DDS.com to run. Please allow it to do so.
  • DDS will automatically open both logfiles.
  • You can find them on your desktop as well.
  • Please post the content of those logfiles with your next answer.

Please note:  You may have to disable any script protection running if the scan fails to run.  After downloading the tool, disconnect from the internet and disable all antivirus protection.  Run the scan, enable your A/V and reconnect to the internet.  

Information on A/V control HERE


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#6 HippieBea

HippieBea
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:03:55 AM

Posted 22 August 2013 - 07:12 PM

ATTACH

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/13/2013 11:53:10 AM
System Uptime: 8/22/2013 8:02:44 PM (0 hours ago)
.
Motherboard: ECS  |  | Nettle2
Processor: AMD Athlon™ 64 X2 Dual Core Processor 6000+ | Socket M2  | 3000/201mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 432.46 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP59: 7/30/2013 9:47:39 PM - Windows Update
RP60: 8/2/2013 10:29:10 PM - Windows Update
RP61: 8/4/2013 9:59:43 PM - Windows Update
RP62: 8/8/2013 3:43:31 PM - Restore Operation
RP63: 8/8/2013 3:49:37 PM - Removed Apple Application Support
RP64: 8/8/2013 3:50:49 PM - Removed Java 7 Update 25
RP65: 8/8/2013 3:51:14 PM - Removed iTunes
RP66: 8/8/2013 3:52:52 PM - Removed Bonjour
RP67: 8/8/2013 3:53:21 PM - Removed Apple Software Update
RP68: 8/8/2013 3:53:52 PM - Removed Apple Mobile Device Support
RP69: 8/8/2013 4:07:08 PM - Windows Update
RP70: 8/11/2013 7:06:12 PM - Windows Update
RP71: 8/22/2013 8:04:37 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01)
CCleaner
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Chrome
Google Update Helper
HP Product Detection
iLivid
Java 7 Update 25
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
Netflix in Windows Media Center
NVIDIA Control Panel 307.83
NVIDIA Drivers
NVIDIA Graphics Driver 307.83
NVIDIA Install Application
NVIDIA Update 1.10.8
NVIDIA Update Components
Realtek High Definition Audio Driver
Revo Uninstaller 1.95
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SpywareBlaster 5.0
SUPERAntiSpyware
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
VLC media player 2.0.7
WOT for Internet Explorer
.
==== Event Viewer Messages From Past Week ========
.
8/22/2013 8:02:58 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000001, 0xfffff80002acb162). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 082213-13540-01.
.
==== End Of File ===========================
 

DDS

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by Bea at 20:06:23 on 2013-08-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.1918.721 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\ehome\mcupdate.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\ehome\ehsched.exe
C:\Windows\eHome\EhTray.exe
C:\Windows\ehome\ehRec.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Define: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} -
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
uRun: [GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [SSync] "C:\Users\Bea\AppData\Roaming\SSync\SSync.exe"
uRun: [DataMgr] "C:\Users\Bea\AppData\Roaming\DataMgr\DataMgr.exe"
uRun: [Intermediate] "C:\Users\Bea\AppData\Roaming\Intermediate\Intermediate.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{58372BFC-7A23-42FF-A8C8-165E53AC549A} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{58372BFC-7A23-42FF-A8C8-165E53AC549A}\45964716E6 : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{9A886341-A361-4CE4-9034-57C150248474} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
AppInit_DLLs=  
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 validation.sls.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\x5iei7wj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227981&CUI=UN37732296901684615&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - appbario7 Customized Web Search
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227981&SearchSource=2&CUI=UN37732296901684615&UM=2&q=
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Windows\System32\TVUAx\npTVUAx.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-07-19 14:54; om@offermosquito.com; C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\x5iei7wj.default\extensions\om@offermosquito.com.xpi
FF - ExtSQL: 2013-08-05 14:25; {e001c731-5e37-4538-a5cb-8168736a2360}; C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\x5iei7wj.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-4-13 20024]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2010-8-12 748648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 139616]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-13 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-13 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-4-13 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-3 1255736]
.
=============== Created Last 30 ================
.
2013-08-23 00:05:55    941720    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3C96893F-C026-49AA-B07C-2206A0092F10}\gapaengine.dll
2013-08-23 00:05:38    9515512    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{562D62EE-0199-4F82-A845-2A9FDFBB99E2}\mpengine.dll
2013-08-11 23:06:39    9460976    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-08 19:53:46    --------    d-----w-    C:\Users\Bea\AppData\Local\Apple
2013-08-08 19:42:25    --------    d-----w-    C:\Users\Bea\AppData\Local\ElevatedDiagnostics
2013-07-29 10:29:02    --------    d-----w-    C:\Users\Bea\AppData\Roaming\Snz
2013-07-29 10:29:02    --------    d-----w-    C:\Users\Bea\AppData\Roaming\SCheck
2013-07-25 00:36:18    --------    d-----w-    C:\Program Files (x86)\VS Revo Group
2013-07-24 03:25:54    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-24 03:23:33    --------    d-----w-    C:\Users\Bea\AppData\Roaming\Intermediate
2013-07-24 03:23:33    --------    d-----w-    C:\Users\Bea\AppData\Roaming\DataMgr
2013-07-24 03:23:32    --------    d-----w-    C:\Users\Bea\AppData\Roaming\SSync
2013-07-24 03:23:22    --------    d-----w-    C:\Users\Bea\AppData\Roaming\OfferMosquito
2013-07-24 03:23:22    --------    d-----w-    C:\Users\Bea\AppData\Roaming\Common
2013-07-24 03:21:21    --------    d-----w-    C:\Users\Bea\AppData\Roaming\SeeSimilar
.
==================== Find3M  ====================
.
2013-07-13 01:35:23    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-13 01:35:23    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-01 03:59:50    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-01 03:59:47    867240    ----a-w-    C:\Windows\SysWow64\npDeployJava1.dll
2013-07-01 03:59:47    789416    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-06-19 01:50:08    247216    ----a-w-    C:\Windows\System32\drivers\MpFilter.sys
2013-06-19 01:50:08    139616    ----a-w-    C:\Windows\System32\drivers\NisDrvWFP.sys
2013-06-12 02:56:08    9089416    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-11 23:43:37    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-06-11 23:25:16    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-06-04 06:00:13    624128    ----a-w-    C:\Windows\System32\qedit.dll
2013-06-04 04:53:07    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
.
============= FINISH: 20:06:46.65 ===============
 



#7 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:55 AM

Posted 24 August 2013 - 07:32 AM

Hi

Please do the following next:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


:step2:

Please download AdwCleaner by Xplode onto your desktop.


  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


:step3:

We need to analyse the BSOD:

Download BlueScreenView (in Zip file) to your desktop.



  • No installation required.
  • Unzip downloaded file to your desktop
  • Double click on BlueScreenView.exe file to run the program and When scanning is done, go to Edit > Select All.
  • Then go to File > Save Selected Items, and save the report as BSOD.txt.
  • Open BSOD.txt in Notepad
  • Copy all content, and paste it into your next reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 HippieBea

HippieBea
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:03:55 AM

Posted 24 August 2013 - 03:53 PM

TDSS:

 

16:25:18.0296 0x060c  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
16:25:19.0286 0x060c  ============================================================
16:25:19.0286 0x060c  Current date / time: 2013/08/24 16:25:19.0286
16:25:19.0286 0x060c  SystemInfo:
16:25:19.0286 0x060c  
16:25:19.0286 0x060c  OS Version: 6.1.7601 ServicePack: 1.0
16:25:19.0286 0x060c  Product type: Workstation
16:25:19.0286 0x060c  ComputerName: BEA-PC
16:25:19.0286 0x060c  UserName: Bea
16:25:19.0286 0x060c  Windows directory: C:\Windows
16:25:19.0286 0x060c  System windows directory: C:\Windows
16:25:19.0286 0x060c  Running under WOW64
16:25:19.0286 0x060c  Processor architecture: Intel x64
16:25:19.0286 0x060c  Number of processors: 2
16:25:19.0286 0x060c  Page size: 0x1000
16:25:19.0286 0x060c  Boot type: Normal boot
16:25:19.0286 0x060c  ============================================================
16:25:21.0298 0x060c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
16:25:21.0408 0x060c  ============================================================
16:25:21.0408 0x060c  \Device\Harddisk0\DR0:
16:25:21.0408 0x060c  MBR partitions:
16:25:21.0408 0x060c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:25:21.0408 0x060c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
16:25:21.0408 0x060c  ============================================================
16:25:21.0438 0x060c  C: <-> \Device\Harddisk0\DR0\Partition2
16:25:21.0438 0x060c  ============================================================
16:25:21.0438 0x060c  Initialize success
16:25:21.0438 0x060c  ============================================================
16:25:39.0392 0x0e48  ============================================================
16:25:39.0392 0x0e48  Scan started
16:25:39.0392 0x0e48  Mode: Manual;
16:25:39.0392 0x0e48  ============================================================
16:25:40.0092 0x0e48  ================ Scan system memory ========================
16:25:40.0092 0x0e48  System memory - ok
16:25:40.0092 0x0e48  ================ Scan services =============================
16:25:40.0132 0x0e48  [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
16:25:40.0132 0x0e48  !SASCORE - ok
16:25:40.0282 0x0e48  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:25:40.0292 0x0e48  1394ohci - ok
16:25:40.0312 0x0e48  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:25:40.0322 0x0e48  ACPI - ok
16:25:40.0332 0x0e48  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:25:40.0332 0x0e48  AcpiPmi - ok
16:25:40.0362 0x0e48  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:25:40.0372 0x0e48  AdobeARMservice - ok
16:25:40.0472 0x0e48  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:25:40.0572 0x0e48  AdobeFlashPlayerUpdateSvc - ok
16:25:40.0612 0x0e48  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:25:40.0622 0x0e48  adp94xx - ok
16:25:40.0642 0x0e48  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:25:40.0652 0x0e48  adpahci - ok
16:25:40.0672 0x0e48  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:25:40.0672 0x0e48  adpu320 - ok
16:25:40.0702 0x0e48  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:25:40.0702 0x0e48  AeLookupSvc - ok
16:25:40.0742 0x0e48  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
16:25:40.0752 0x0e48  AFD - ok
16:25:40.0772 0x0e48  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:25:40.0772 0x0e48  agp440 - ok
16:25:40.0792 0x0e48  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:25:40.0792 0x0e48  ALG - ok
16:25:40.0812 0x0e48  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:25:40.0812 0x0e48  aliide - ok
16:25:40.0822 0x0e48  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:25:40.0822 0x0e48  amdide - ok
16:25:40.0832 0x0e48  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:25:40.0832 0x0e48  AmdK8 - ok
16:25:40.0842 0x0e48  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:25:40.0842 0x0e48  AmdPPM - ok
16:25:40.0862 0x0e48  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:25:40.0862 0x0e48  amdsata - ok
16:25:40.0872 0x0e48  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:25:40.0882 0x0e48  amdsbs - ok
16:25:40.0892 0x0e48  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:25:40.0892 0x0e48  amdxata - ok
16:25:40.0902 0x0e48  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:25:40.0902 0x0e48  AppID - ok
16:25:40.0922 0x0e48  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:25:40.0922 0x0e48  AppIDSvc - ok
16:25:40.0942 0x0e48  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
16:25:40.0942 0x0e48  Appinfo - ok
16:25:40.0952 0x0e48  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
16:25:40.0962 0x0e48  arc - ok
16:25:40.0972 0x0e48  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:25:40.0972 0x0e48  arcsas - ok
16:25:41.0032 0x0e48  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:25:41.0042 0x0e48  aspnet_state - ok
16:25:41.0062 0x0e48  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:25:41.0062 0x0e48  AsyncMac - ok
16:25:41.0082 0x0e48  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:25:41.0082 0x0e48  atapi - ok
16:25:41.0102 0x0e48  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:25:41.0122 0x0e48  AudioEndpointBuilder - ok
16:25:41.0142 0x0e48  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:25:41.0142 0x0e48  AudioSrv - ok
16:25:41.0162 0x0e48  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:25:41.0172 0x0e48  AxInstSV - ok
16:25:41.0202 0x0e48  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:25:41.0212 0x0e48  b06bdrv - ok
16:25:41.0242 0x0e48  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:25:41.0242 0x0e48  b57nd60a - ok
16:25:41.0272 0x0e48  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:25:41.0272 0x0e48  BDESVC - ok
16:25:41.0282 0x0e48  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:25:41.0282 0x0e48  Beep - ok
16:25:41.0322 0x0e48  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:25:41.0342 0x0e48  BFE - ok
16:25:41.0372 0x0e48  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
16:25:41.0392 0x0e48  BITS - ok
16:25:41.0412 0x0e48  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:25:41.0412 0x0e48  blbdrive - ok
16:25:41.0422 0x0e48  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:25:41.0422 0x0e48  bowser - ok
16:25:41.0432 0x0e48  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:25:41.0432 0x0e48  BrFiltLo - ok
16:25:41.0442 0x0e48  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:25:41.0442 0x0e48  BrFiltUp - ok
16:25:41.0462 0x0e48  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:25:41.0462 0x0e48  Browser - ok
16:25:41.0472 0x0e48  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:25:41.0482 0x0e48  Brserid - ok
16:25:41.0492 0x0e48  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:25:41.0492 0x0e48  BrSerWdm - ok
16:25:41.0502 0x0e48  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:25:41.0502 0x0e48  BrUsbMdm - ok
16:25:41.0512 0x0e48  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:25:41.0522 0x0e48  BrUsbSer - ok
16:25:41.0532 0x0e48  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:25:41.0532 0x0e48  BTHMODEM - ok
16:25:41.0552 0x0e48  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:25:41.0562 0x0e48  bthserv - ok
16:25:41.0582 0x0e48  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:25:41.0582 0x0e48  cdfs - ok
16:25:41.0612 0x0e48  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:25:41.0632 0x0e48  cdrom - ok
16:25:41.0652 0x0e48  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:25:41.0652 0x0e48  CertPropSvc - ok
16:25:41.0672 0x0e48  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
16:25:41.0672 0x0e48  circlass - ok
16:25:41.0682 0x0e48  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:25:41.0692 0x0e48  CLFS - ok
16:25:41.0732 0x0e48  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:25:41.0742 0x0e48  clr_optimization_v2.0.50727_32 - ok
16:25:41.0752 0x0e48  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:25:41.0762 0x0e48  clr_optimization_v2.0.50727_64 - ok
16:25:41.0802 0x0e48  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:25:41.0832 0x0e48  clr_optimization_v4.0.30319_32 - ok
16:25:41.0852 0x0e48  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:25:41.0852 0x0e48  clr_optimization_v4.0.30319_64 - ok
16:25:41.0872 0x0e48  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:25:41.0872 0x0e48  CmBatt - ok
16:25:41.0872 0x0e48  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:25:41.0882 0x0e48  cmdide - ok
16:25:41.0912 0x0e48  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
16:25:41.0932 0x0e48  CNG - ok
16:25:41.0932 0x0e48  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:25:41.0932 0x0e48  Compbatt - ok
16:25:41.0952 0x0e48  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:25:41.0952 0x0e48  CompositeBus - ok
16:25:41.0962 0x0e48  COMSysApp - ok
16:25:41.0972 0x0e48  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:25:41.0972 0x0e48  crcdisk - ok
16:25:42.0012 0x0e48  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:25:42.0012 0x0e48  CryptSvc - ok
16:25:42.0042 0x0e48  [ C6E1C081C0849E08FECEC18DF73B10C4 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
16:25:42.0042 0x0e48  dc3d - ok
16:25:42.0072 0x0e48  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:25:42.0082 0x0e48  DcomLaunch - ok
16:25:42.0122 0x0e48  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:25:42.0122 0x0e48  defragsvc - ok
16:25:42.0152 0x0e48  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:25:42.0152 0x0e48  DfsC - ok
16:25:42.0172 0x0e48  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:25:42.0182 0x0e48  Dhcp - ok
16:25:42.0202 0x0e48  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:25:42.0202 0x0e48  discache - ok
16:25:42.0222 0x0e48  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
16:25:42.0222 0x0e48  Disk - ok
16:25:42.0232 0x0e48  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:25:42.0242 0x0e48  Dnscache - ok
16:25:42.0262 0x0e48  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:25:42.0272 0x0e48  dot3svc - ok
16:25:42.0302 0x0e48  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:25:42.0302 0x0e48  DPS - ok
16:25:42.0332 0x0e48  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:25:42.0332 0x0e48  drmkaud - ok
16:25:42.0372 0x0e48  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:25:42.0392 0x0e48  DXGKrnl - ok
16:25:42.0432 0x0e48  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:25:42.0432 0x0e48  EapHost - ok
16:25:42.0502 0x0e48  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:25:42.0562 0x0e48  ebdrv - ok
16:25:42.0582 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
16:25:42.0592 0x0e48  EFS - ok
16:25:42.0642 0x0e48  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:25:42.0662 0x0e48  ehRecvr - ok
16:25:42.0682 0x0e48  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:25:42.0692 0x0e48  ehSched - ok
16:25:42.0712 0x0e48  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:25:42.0732 0x0e48  elxstor - ok
16:25:42.0742 0x0e48  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:25:42.0742 0x0e48  ErrDev - ok
16:25:42.0762 0x0e48  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:25:42.0772 0x0e48  EventSystem - ok
16:25:42.0782 0x0e48  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:25:42.0782 0x0e48  exfat - ok
16:25:42.0802 0x0e48  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:25:42.0802 0x0e48  fastfat - ok
16:25:42.0832 0x0e48  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:25:42.0852 0x0e48  Fax - ok
16:25:42.0872 0x0e48  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
16:25:42.0872 0x0e48  fdc - ok
16:25:42.0882 0x0e48  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:25:42.0882 0x0e48  fdPHost - ok
16:25:42.0892 0x0e48  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:25:42.0892 0x0e48  FDResPub - ok
16:25:42.0902 0x0e48  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:25:42.0902 0x0e48  FileInfo - ok
16:25:42.0912 0x0e48  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:25:42.0922 0x0e48  Filetrace - ok
16:25:42.0922 0x0e48  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:25:42.0932 0x0e48  flpydisk - ok
16:25:42.0942 0x0e48  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:25:42.0952 0x0e48  FltMgr - ok
16:25:42.0992 0x0e48  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
16:25:43.0022 0x0e48  FontCache - ok
16:25:43.0052 0x0e48  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:25:43.0052 0x0e48  FontCache3.0.0.0 - ok
16:25:43.0062 0x0e48  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:25:43.0072 0x0e48  FsDepends - ok
16:25:43.0082 0x0e48  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:25:43.0082 0x0e48  Fs_Rec - ok
16:25:43.0102 0x0e48  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:25:43.0102 0x0e48  fvevol - ok
16:25:43.0122 0x0e48  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:25:43.0122 0x0e48  gagp30kx - ok
16:25:43.0142 0x0e48  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:25:43.0162 0x0e48  gpsvc - ok
16:25:43.0202 0x0e48  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:25:43.0202 0x0e48  gupdate - ok
16:25:43.0212 0x0e48  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:25:43.0212 0x0e48  gupdatem - ok
16:25:43.0222 0x0e48  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:25:43.0232 0x0e48  hcw85cir - ok
16:25:43.0252 0x0e48  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:25:43.0262 0x0e48  HdAudAddService - ok
16:25:43.0282 0x0e48  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:25:43.0282 0x0e48  HDAudBus - ok
16:25:43.0282 0x0e48  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:25:43.0292 0x0e48  HidBatt - ok
16:25:43.0302 0x0e48  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:25:43.0312 0x0e48  HidBth - ok
16:25:43.0322 0x0e48  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:25:43.0322 0x0e48  HidIr - ok
16:25:43.0332 0x0e48  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
16:25:43.0332 0x0e48  hidserv - ok
16:25:43.0352 0x0e48  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:25:43.0352 0x0e48  HidUsb - ok
16:25:43.0372 0x0e48  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:25:43.0372 0x0e48  hkmsvc - ok
16:25:43.0392 0x0e48  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:25:43.0402 0x0e48  HomeGroupListener - ok
16:25:43.0422 0x0e48  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:25:43.0432 0x0e48  HomeGroupProvider - ok
16:25:43.0452 0x0e48  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:25:43.0452 0x0e48  HpSAMD - ok
16:25:43.0482 0x0e48  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:25:43.0492 0x0e48  HTTP - ok
16:25:43.0512 0x0e48  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:25:43.0512 0x0e48  hwpolicy - ok
16:25:43.0522 0x0e48  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:25:43.0522 0x0e48  i8042prt - ok
16:25:43.0542 0x0e48  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:25:43.0562 0x0e48  iaStorV - ok
16:25:43.0602 0x0e48  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:25:43.0632 0x0e48  idsvc - ok
16:25:43.0642 0x0e48  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:25:43.0642 0x0e48  iirsp - ok
16:25:43.0672 0x0e48  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:25:43.0692 0x0e48  IKEEXT - ok
16:25:43.0762 0x0e48  [ 59B0BBA422F04467E8C89B7CE6AE95E1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:25:43.0802 0x0e48  IntcAzAudAddService - ok
16:25:43.0812 0x0e48  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:25:43.0812 0x0e48  intelide - ok
16:25:43.0832 0x0e48  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:25:43.0832 0x0e48  intelppm - ok
16:25:43.0842 0x0e48  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:25:43.0852 0x0e48  IPBusEnum - ok
16:25:43.0862 0x0e48  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:25:43.0872 0x0e48  IpFilterDriver - ok
16:25:43.0892 0x0e48  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:25:43.0912 0x0e48  iphlpsvc - ok
16:25:43.0922 0x0e48  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:25:43.0932 0x0e48  IPMIDRV - ok
16:25:43.0932 0x0e48  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:25:43.0942 0x0e48  IPNAT - ok
16:25:43.0952 0x0e48  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:25:43.0952 0x0e48  IRENUM - ok
16:25:43.0962 0x0e48  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:25:43.0962 0x0e48  isapnp - ok
16:25:43.0982 0x0e48  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:25:43.0982 0x0e48  iScsiPrt - ok
16:25:44.0002 0x0e48  [ 7A4D015FF432645C55C162DADAEA143E ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:25:44.0002 0x0e48  iusb3hcs - ok
16:25:44.0012 0x0e48  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:25:44.0022 0x0e48  kbdclass - ok
16:25:44.0032 0x0e48  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:25:44.0032 0x0e48  kbdhid - ok
16:25:44.0042 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
16:25:44.0042 0x0e48  KeyIso - ok
16:25:44.0062 0x0e48  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:25:44.0062 0x0e48  KSecDD - ok
16:25:44.0092 0x0e48  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:25:44.0092 0x0e48  KSecPkg - ok
16:25:44.0102 0x0e48  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:25:44.0112 0x0e48  ksthunk - ok
16:25:44.0152 0x0e48  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:25:44.0162 0x0e48  KtmRm - ok
16:25:44.0192 0x0e48  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:25:44.0192 0x0e48  LanmanServer - ok
16:25:44.0212 0x0e48  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:25:44.0212 0x0e48  LanmanWorkstation - ok
16:25:44.0232 0x0e48  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:25:44.0232 0x0e48  lltdio - ok
16:25:44.0252 0x0e48  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:25:44.0262 0x0e48  lltdsvc - ok
16:25:44.0272 0x0e48  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:25:44.0272 0x0e48  lmhosts - ok
16:25:44.0292 0x0e48  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:25:44.0302 0x0e48  LSI_FC - ok
16:25:44.0302 0x0e48  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:25:44.0312 0x0e48  LSI_SAS - ok
16:25:44.0322 0x0e48  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:25:44.0322 0x0e48  LSI_SAS2 - ok
16:25:44.0332 0x0e48  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:25:44.0332 0x0e48  LSI_SCSI - ok
16:25:44.0352 0x0e48  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:25:44.0362 0x0e48  luafv - ok
16:25:44.0392 0x0e48  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:25:44.0392 0x0e48  Mcx2Svc - ok
16:25:44.0402 0x0e48  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:25:44.0402 0x0e48  megasas - ok
16:25:44.0422 0x0e48  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:25:44.0422 0x0e48  MegaSR - ok
16:25:44.0442 0x0e48  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:25:44.0442 0x0e48  MMCSS - ok
16:25:44.0462 0x0e48  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:25:44.0462 0x0e48  Modem - ok
16:25:44.0472 0x0e48  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:25:44.0472 0x0e48  monitor - ok
16:25:44.0482 0x0e48  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:25:44.0482 0x0e48  mouclass - ok
16:25:44.0502 0x0e48  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:25:44.0502 0x0e48  mouhid - ok
16:25:44.0512 0x0e48  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:25:44.0512 0x0e48  mountmgr - ok
16:25:44.0532 0x0e48  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:25:44.0542 0x0e48  MozillaMaintenance - ok
16:25:44.0582 0x0e48  [ FC1D590039EF06A381768710E6C07E75 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:25:44.0592 0x0e48  MpFilter - ok
16:25:44.0602 0x0e48  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:25:44.0602 0x0e48  mpio - ok
16:25:44.0622 0x0e48  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:25:44.0622 0x0e48  mpsdrv - ok
16:25:44.0652 0x0e48  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:25:44.0672 0x0e48  MpsSvc - ok
16:25:44.0682 0x0e48  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:25:44.0682 0x0e48  MRxDAV - ok
16:25:44.0692 0x0e48  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:25:44.0692 0x0e48  mrxsmb - ok
16:25:44.0712 0x0e48  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:25:44.0712 0x0e48  mrxsmb10 - ok
16:25:44.0732 0x0e48  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:25:44.0732 0x0e48  mrxsmb20 - ok
16:25:44.0752 0x0e48  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:25:44.0752 0x0e48  msahci - ok
16:25:44.0762 0x0e48  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:25:44.0762 0x0e48  msdsm - ok
16:25:44.0782 0x0e48  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:25:44.0782 0x0e48  MSDTC - ok
16:25:44.0802 0x0e48  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:25:44.0802 0x0e48  Msfs - ok
16:25:44.0822 0x0e48  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:25:44.0822 0x0e48  mshidkmdf - ok
16:25:44.0842 0x0e48  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:25:44.0842 0x0e48  msisadrv - ok
16:25:44.0872 0x0e48  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:25:44.0872 0x0e48  MSiSCSI - ok
16:25:44.0882 0x0e48  msiserver - ok
16:25:44.0902 0x0e48  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:25:44.0902 0x0e48  MSKSSRV - ok
16:25:44.0952 0x0e48  [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:25:44.0952 0x0e48  MsMpSvc - ok
16:25:44.0952 0x0e48  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:25:44.0962 0x0e48  MSPCLOCK - ok
16:25:44.0972 0x0e48  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:25:44.0972 0x0e48  MSPQM - ok
16:25:44.0992 0x0e48  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:25:45.0002 0x0e48  MsRPC - ok
16:25:45.0012 0x0e48  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:25:45.0012 0x0e48  mssmbios - ok
16:25:45.0022 0x0e48  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:25:45.0022 0x0e48  MSTEE - ok
16:25:45.0042 0x0e48  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:25:45.0042 0x0e48  MTConfig - ok
16:25:45.0052 0x0e48  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:25:45.0052 0x0e48  Mup - ok
16:25:45.0082 0x0e48  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:25:45.0102 0x0e48  napagent - ok
16:25:45.0122 0x0e48  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:25:45.0142 0x0e48  NativeWifiP - ok
16:25:45.0172 0x0e48  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:25:45.0202 0x0e48  NDIS - ok
16:25:45.0212 0x0e48  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:25:45.0222 0x0e48  NdisCap - ok
16:25:45.0232 0x0e48  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:25:45.0232 0x0e48  NdisTapi - ok
16:25:45.0242 0x0e48  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:25:45.0242 0x0e48  Ndisuio - ok
16:25:45.0262 0x0e48  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:25:45.0262 0x0e48  NdisWan - ok
16:25:45.0272 0x0e48  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:25:45.0282 0x0e48  NDProxy - ok
16:25:45.0292 0x0e48  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:25:45.0292 0x0e48  NetBIOS - ok
16:25:45.0312 0x0e48  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:25:45.0312 0x0e48  NetBT - ok
16:25:45.0332 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:25:45.0332 0x0e48  Netlogon - ok
16:25:45.0352 0x0e48  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:25:45.0362 0x0e48  Netman - ok
16:25:45.0392 0x0e48  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:45.0402 0x0e48  NetMsmqActivator - ok
16:25:45.0412 0x0e48  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:45.0412 0x0e48  NetPipeActivator - ok
16:25:45.0432 0x0e48  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:25:45.0452 0x0e48  netprofm - ok
16:25:45.0452 0x0e48  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:45.0452 0x0e48  NetTcpActivator - ok
16:25:45.0462 0x0e48  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:45.0462 0x0e48  NetTcpPortSharing - ok
16:25:45.0482 0x0e48  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:25:45.0482 0x0e48  nfrd960 - ok
16:25:45.0522 0x0e48  [ 8FB3C853E886E1E4D57271672486111C ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:25:45.0522 0x0e48  NisDrv - ok
16:25:45.0542 0x0e48  [ 869A808253726EA11939EC4FE76346A4 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:25:45.0542 0x0e48  NisSrv - ok
16:25:45.0562 0x0e48  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:25:45.0572 0x0e48  NlaSvc - ok
16:25:45.0582 0x0e48  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:25:45.0582 0x0e48  Npfs - ok
16:25:45.0592 0x0e48  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:25:45.0592 0x0e48  nsi - ok
16:25:45.0602 0x0e48  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:25:45.0602 0x0e48  nsiproxy - ok
16:25:45.0652 0x0e48  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:25:45.0692 0x0e48  Ntfs - ok
16:25:45.0702 0x0e48  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:25:45.0712 0x0e48  Null - ok
16:25:45.0742 0x0e48  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
16:25:45.0752 0x0e48  NVENETFD - ok
16:25:46.0012 0x0e48  [ 8E6247F418B4C8AE9EEB0B532CABCC21 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:25:46.0242 0x0e48  nvlddmkm - ok
16:25:46.0292 0x0e48  [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET           C:\Windows\system32\DRIVERS\nvmf6264.sys
16:25:46.0292 0x0e48  NVNET - ok
16:25:46.0322 0x0e48  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:25:46.0322 0x0e48  nvraid - ok
16:25:46.0332 0x0e48  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:25:46.0332 0x0e48  nvstor - ok
16:25:46.0372 0x0e48  [ 4D9ABA962D7ECE81866F96D5F69FB2B8 ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
16:25:46.0372 0x0e48  nvstor64 - ok
16:25:46.0412 0x0e48  [ 41B97DCE2B2D113B831EB197F02A7398 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:25:46.0432 0x0e48  nvsvc - ok
16:25:46.0482 0x0e48  [ A3A25E0509F67473B960DAF214828BE3 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:25:46.0502 0x0e48  nvUpdatusService - ok
16:25:46.0512 0x0e48  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:25:46.0522 0x0e48  nv_agp - ok
16:25:46.0532 0x0e48  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:25:46.0532 0x0e48  ohci1394 - ok
16:25:46.0572 0x0e48  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:25:46.0572 0x0e48  ose - ok
16:25:46.0692 0x0e48  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:25:46.0782 0x0e48  osppsvc - ok
16:25:46.0822 0x0e48  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:25:46.0822 0x0e48  p2pimsvc - ok
16:25:46.0852 0x0e48  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:25:46.0862 0x0e48  p2psvc - ok
16:25:46.0872 0x0e48  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
16:25:46.0872 0x0e48  Parport - ok
16:25:46.0882 0x0e48  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:25:46.0892 0x0e48  partmgr - ok
16:25:46.0902 0x0e48  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:25:46.0902 0x0e48  PcaSvc - ok
16:25:46.0922 0x0e48  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:25:46.0922 0x0e48  pci - ok
16:25:46.0932 0x0e48  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:25:46.0942 0x0e48  pciide - ok
16:25:46.0952 0x0e48  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:25:46.0952 0x0e48  pcmcia - ok
16:25:46.0972 0x0e48  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:25:46.0972 0x0e48  pcw - ok
16:25:46.0992 0x0e48  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:25:47.0012 0x0e48  PEAUTH - ok
16:25:47.0062 0x0e48  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:25:47.0062 0x0e48  PerfHost - ok
16:25:47.0112 0x0e48  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:25:47.0142 0x0e48  pla - ok
16:25:47.0172 0x0e48  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:25:47.0182 0x0e48  PlugPlay - ok
16:25:47.0192 0x0e48  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:25:47.0202 0x0e48  PNRPAutoReg - ok
16:25:47.0222 0x0e48  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:25:47.0222 0x0e48  PNRPsvc - ok
16:25:47.0252 0x0e48  [ 520D48ECB54A33821C95EE496A4235AF ] Point64         C:\Windows\system32\DRIVERS\point64.sys
16:25:47.0252 0x0e48  Point64 - ok
16:25:47.0292 0x0e48  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:25:47.0302 0x0e48  PolicyAgent - ok
16:25:47.0322 0x0e48  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:25:47.0322 0x0e48  Power - ok
16:25:47.0342 0x0e48  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:25:47.0352 0x0e48  PptpMiniport - ok
16:25:47.0362 0x0e48  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
16:25:47.0372 0x0e48  Processor - ok
16:25:47.0382 0x0e48  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:25:47.0392 0x0e48  ProfSvc - ok
16:25:47.0402 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:25:47.0402 0x0e48  ProtectedStorage - ok
16:25:47.0432 0x0e48  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:25:47.0432 0x0e48  Psched - ok
16:25:47.0462 0x0e48  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:25:47.0502 0x0e48  ql2300 - ok
16:25:47.0512 0x0e48  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:25:47.0512 0x0e48  ql40xx - ok
16:25:47.0522 0x0e48  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:25:47.0532 0x0e48  QWAVE - ok
16:25:47.0542 0x0e48  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:25:47.0552 0x0e48  QWAVEdrv - ok
16:25:47.0562 0x0e48  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:25:47.0562 0x0e48  RasAcd - ok
16:25:47.0572 0x0e48  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:25:47.0582 0x0e48  RasAgileVpn - ok
16:25:47.0592 0x0e48  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:25:47.0602 0x0e48  RasAuto - ok
16:25:47.0622 0x0e48  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:25:47.0622 0x0e48  Rasl2tp - ok
16:25:47.0642 0x0e48  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:25:47.0652 0x0e48  RasMan - ok
16:25:47.0662 0x0e48  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:25:47.0662 0x0e48  RasPppoe - ok
16:25:47.0682 0x0e48  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:25:47.0682 0x0e48  RasSstp - ok
16:25:47.0702 0x0e48  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:25:47.0702 0x0e48  rdbss - ok
16:25:47.0712 0x0e48  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:25:47.0712 0x0e48  rdpbus - ok
16:25:47.0722 0x0e48  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:25:47.0722 0x0e48  RDPCDD - ok
16:25:47.0732 0x0e48  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:25:47.0732 0x0e48  RDPENCDD - ok
16:25:47.0742 0x0e48  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:25:47.0752 0x0e48  RDPREFMP - ok
16:25:47.0792 0x0e48  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:25:47.0792 0x0e48  RdpVideoMiniport - ok
16:25:47.0802 0x0e48  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:25:47.0812 0x0e48  RDPWD - ok
16:25:47.0822 0x0e48  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:25:47.0832 0x0e48  rdyboost - ok
16:25:47.0852 0x0e48  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:25:47.0852 0x0e48  RemoteAccess - ok
16:25:47.0872 0x0e48  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:25:47.0882 0x0e48  RemoteRegistry - ok
16:25:47.0892 0x0e48  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:25:47.0892 0x0e48  RpcEptMapper - ok
16:25:47.0922 0x0e48  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:25:47.0922 0x0e48  RpcLocator - ok
16:25:47.0942 0x0e48  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:25:47.0952 0x0e48  RpcSs - ok
16:25:47.0962 0x0e48  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:25:47.0962 0x0e48  rspndr - ok
16:25:48.0002 0x0e48  [ A4F7F9BB5576BF1D3A57F785C5DBEDB7 ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
16:25:48.0022 0x0e48  RTL8192cu - ok
16:25:48.0032 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:25:48.0032 0x0e48  SamSs - ok
16:25:48.0062 0x0e48  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:25:48.0062 0x0e48  SASDIFSV - ok
16:25:48.0072 0x0e48  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:25:48.0072 0x0e48  SASKUTIL - ok
16:25:48.0072 0x0e48  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:25:48.0082 0x0e48  sbp2port - ok
16:25:48.0102 0x0e48  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:25:48.0102 0x0e48  SCardSvr - ok
16:25:48.0132 0x0e48  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:25:48.0132 0x0e48  scfilter - ok
16:25:48.0162 0x0e48  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:25:48.0192 0x0e48  Schedule - ok
16:25:48.0212 0x0e48  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:25:48.0212 0x0e48  SCPolicySvc - ok
16:25:48.0222 0x0e48  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:25:48.0232 0x0e48  SDRSVC - ok
16:25:48.0252 0x0e48  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:25:48.0262 0x0e48  secdrv - ok
16:25:48.0272 0x0e48  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:25:48.0272 0x0e48  seclogon - ok
16:25:48.0282 0x0e48  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
16:25:48.0282 0x0e48  SENS - ok
16:25:48.0312 0x0e48  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:25:48.0312 0x0e48  SensrSvc - ok
16:25:48.0322 0x0e48  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:25:48.0332 0x0e48  Serenum - ok
16:25:48.0342 0x0e48  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
16:25:48.0342 0x0e48  Serial - ok
16:25:48.0352 0x0e48  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:25:48.0352 0x0e48  sermouse - ok
16:25:48.0382 0x0e48  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:25:48.0382 0x0e48  SessionEnv - ok
16:25:48.0392 0x0e48  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:25:48.0402 0x0e48  sffdisk - ok
16:25:48.0402 0x0e48  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:25:48.0412 0x0e48  sffp_mmc - ok
16:25:48.0422 0x0e48  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:25:48.0422 0x0e48  sffp_sd - ok
16:25:48.0422 0x0e48  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:25:48.0422 0x0e48  sfloppy - ok
16:25:48.0452 0x0e48  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:25:48.0452 0x0e48  SharedAccess - ok
16:25:48.0482 0x0e48  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:25:48.0492 0x0e48  ShellHWDetection - ok
16:25:48.0502 0x0e48  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:25:48.0512 0x0e48  SiSRaid2 - ok
16:25:48.0522 0x0e48  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:25:48.0522 0x0e48  SiSRaid4 - ok
16:25:48.0532 0x0e48  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:25:48.0542 0x0e48  Smb - ok
16:25:48.0552 0x0e48  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:25:48.0562 0x0e48  SNMPTRAP - ok
16:25:48.0572 0x0e48  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:25:48.0572 0x0e48  spldr - ok
16:25:48.0602 0x0e48  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:25:48.0622 0x0e48  Spooler - ok
16:25:48.0702 0x0e48  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:25:48.0772 0x0e48  sppsvc - ok
16:25:48.0782 0x0e48  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:25:48.0782 0x0e48  sppuinotify - ok
16:25:48.0802 0x0e48  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:25:48.0822 0x0e48  srv - ok
16:25:48.0842 0x0e48  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:25:48.0852 0x0e48  srv2 - ok
16:25:48.0872 0x0e48  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:25:48.0872 0x0e48  srvnet - ok
16:25:48.0902 0x0e48  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:25:48.0902 0x0e48  SSDPSRV - ok
16:25:48.0912 0x0e48  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:25:48.0922 0x0e48  SstpSvc - ok
16:25:48.0922 0x0e48  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:25:48.0922 0x0e48  stexstor - ok
16:25:48.0962 0x0e48  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:25:48.0982 0x0e48  stisvc - ok
16:25:48.0992 0x0e48  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:25:49.0002 0x0e48  swenum - ok
16:25:49.0022 0x0e48  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:25:49.0032 0x0e48  swprv - ok
16:25:49.0072 0x0e48  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:25:49.0102 0x0e48  SysMain - ok
16:25:49.0132 0x0e48  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:25:49.0132 0x0e48  TabletInputService - ok
16:25:49.0152 0x0e48  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:25:49.0162 0x0e48  TapiSrv - ok
16:25:49.0172 0x0e48  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:25:49.0172 0x0e48  TBS - ok
16:25:49.0232 0x0e48  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:25:49.0272 0x0e48  Tcpip - ok
16:25:49.0322 0x0e48  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:25:49.0332 0x0e48  TCPIP6 - ok
16:25:49.0352 0x0e48  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:25:49.0352 0x0e48  tcpipreg - ok
16:25:49.0372 0x0e48  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:25:49.0372 0x0e48  TDPIPE - ok
16:25:49.0382 0x0e48  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:25:49.0382 0x0e48  TDTCP - ok
16:25:49.0392 0x0e48  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:25:49.0402 0x0e48  tdx - ok
16:25:49.0412 0x0e48  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:25:49.0412 0x0e48  TermDD - ok
16:25:49.0432 0x0e48  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:25:49.0452 0x0e48  TermService - ok
16:25:49.0462 0x0e48  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:25:49.0472 0x0e48  Themes - ok
16:25:49.0472 0x0e48  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:25:49.0472 0x0e48  THREADORDER - ok
16:25:49.0492 0x0e48  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:25:49.0502 0x0e48  TrkWks - ok
16:25:49.0532 0x0e48  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:25:49.0532 0x0e48  TrustedInstaller - ok
16:25:49.0552 0x0e48  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:25:49.0552 0x0e48  tssecsrv - ok
16:25:49.0572 0x0e48  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:25:49.0572 0x0e48  TsUsbFlt - ok
16:25:49.0602 0x0e48  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:25:49.0602 0x0e48  TsUsbGD - ok
16:25:49.0622 0x0e48  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:25:49.0632 0x0e48  tunnel - ok
16:25:49.0642 0x0e48  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:25:49.0642 0x0e48  uagp35 - ok
16:25:49.0652 0x0e48  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:25:49.0662 0x0e48  udfs - ok
16:25:49.0672 0x0e48  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:25:49.0682 0x0e48  UI0Detect - ok
16:25:49.0692 0x0e48  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:25:49.0692 0x0e48  uliagpkx - ok
16:25:49.0712 0x0e48  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:25:49.0712 0x0e48  umbus - ok
16:25:49.0732 0x0e48  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:25:49.0732 0x0e48  UmPass - ok
16:25:49.0752 0x0e48  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:25:49.0762 0x0e48  upnphost - ok
16:25:49.0772 0x0e48  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:25:49.0802 0x0e48  usbccgp - ok
16:25:49.0812 0x0e48  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:25:49.0822 0x0e48  usbcir - ok
16:25:49.0832 0x0e48  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:25:49.0832 0x0e48  usbehci - ok
16:25:49.0842 0x0e48  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:25:49.0852 0x0e48  usbhub - ok
16:25:49.0862 0x0e48  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:25:49.0862 0x0e48  usbohci - ok
16:25:49.0872 0x0e48  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:25:49.0872 0x0e48  usbprint - ok
16:25:49.0882 0x0e48  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:25:49.0902 0x0e48  USBSTOR - ok
16:25:49.0912 0x0e48  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:25:49.0912 0x0e48  usbuhci - ok
16:25:49.0932 0x0e48  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:25:49.0932 0x0e48  UxSms - ok
16:25:49.0942 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
16:25:49.0942 0x0e48  VaultSvc - ok
16:25:49.0962 0x0e48  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:25:49.0962 0x0e48  vdrvroot - ok
16:25:49.0982 0x0e48  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:25:50.0002 0x0e48  vds - ok
16:25:50.0012 0x0e48  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:25:50.0012 0x0e48  vga - ok
16:25:50.0022 0x0e48  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:25:50.0022 0x0e48  VgaSave - ok
16:25:50.0042 0x0e48  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:25:50.0042 0x0e48  vhdmp - ok
16:25:50.0052 0x0e48  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:25:50.0062 0x0e48  viaide - ok
16:25:50.0072 0x0e48  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:25:50.0082 0x0e48  volmgr - ok
16:25:50.0092 0x0e48  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:25:50.0102 0x0e48  volmgrx - ok
16:25:50.0142 0x0e48  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:25:50.0142 0x0e48  volsnap - ok
16:25:50.0162 0x0e48  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:25:50.0172 0x0e48  vsmraid - ok
16:25:50.0222 0x0e48  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:25:50.0252 0x0e48  VSS - ok
16:25:50.0272 0x0e48  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:25:50.0272 0x0e48  vwifibus - ok
16:25:50.0307 0x0e48  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:25:50.0310 0x0e48  vwififlt - ok
16:25:50.0334 0x0e48  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:25:50.0344 0x0e48  W32Time - ok
16:25:50.0354 0x0e48  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:25:50.0354 0x0e48  WacomPen - ok
16:25:50.0384 0x0e48  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:25:50.0384 0x0e48  WANARP - ok
16:25:50.0394 0x0e48  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:25:50.0394 0x0e48  Wanarpv6 - ok
16:25:50.0434 0x0e48  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:25:50.0454 0x0e48  WatAdminSvc - ok
16:25:50.0494 0x0e48  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:25:50.0534 0x0e48  wbengine - ok
16:25:50.0554 0x0e48  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:25:50.0554 0x0e48  WbioSrvc - ok
16:25:50.0574 0x0e48  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:25:50.0594 0x0e48  wcncsvc - ok
16:25:50.0604 0x0e48  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:25:50.0604 0x0e48  WcsPlugInService - ok
16:25:50.0614 0x0e48  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
16:25:50.0614 0x0e48  Wd - ok
16:25:50.0674 0x0e48  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:25:50.0694 0x0e48  Wdf01000 - ok
16:25:50.0714 0x0e48  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:25:50.0714 0x0e48  WdiServiceHost - ok
16:25:50.0724 0x0e48  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:25:50.0724 0x0e48  WdiSystemHost - ok
16:25:50.0744 0x0e48  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:25:50.0744 0x0e48  WebClient - ok
16:25:50.0754 0x0e48  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:25:50.0764 0x0e48  Wecsvc - ok
16:25:50.0774 0x0e48  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:25:50.0774 0x0e48  wercplsupport - ok
16:25:50.0794 0x0e48  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:25:50.0804 0x0e48  WerSvc - ok
16:25:50.0824 0x0e48  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:25:50.0824 0x0e48  WfpLwf - ok
16:25:50.0824 0x0e48  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:25:50.0834 0x0e48  WIMMount - ok
16:25:50.0854 0x0e48  WinDefend - ok
16:25:50.0864 0x0e48  WinHttpAutoProxySvc - ok
16:25:50.0924 0x0e48  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:25:50.0934 0x0e48  Winmgmt - ok
16:25:50.0994 0x0e48  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:25:51.0054 0x0e48  WinRM - ok
16:25:51.0094 0x0e48  [ FE88B288356E7B47B74B13372ADD906D ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
16:25:51.0104 0x0e48  WinUSB - ok
16:25:51.0134 0x0e48  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:25:51.0154 0x0e48  Wlansvc - ok
16:25:51.0174 0x0e48  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:25:51.0174 0x0e48  WmiAcpi - ok
16:25:51.0194 0x0e48  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:25:51.0194 0x0e48  wmiApSrv - ok
16:25:51.0214 0x0e48  WMPNetworkSvc - ok
16:25:51.0224 0x0e48  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:25:51.0234 0x0e48  WPCSvc - ok
16:25:51.0244 0x0e48  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:25:51.0254 0x0e48  WPDBusEnum - ok
16:25:51.0264 0x0e48  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:25:51.0264 0x0e48  ws2ifsl - ok
16:25:51.0284 0x0e48  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
16:25:51.0284 0x0e48  wscsvc - ok
16:25:51.0294 0x0e48  WSearch - ok
16:25:51.0374 0x0e48  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:25:51.0434 0x0e48  wuauserv - ok
16:25:51.0454 0x0e48  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:25:51.0464 0x0e48  WudfPf - ok
16:25:51.0484 0x0e48  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:25:51.0484 0x0e48  WUDFRd - ok
16:25:51.0514 0x0e48  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:25:51.0514 0x0e48  wudfsvc - ok
16:25:51.0544 0x0e48  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:25:51.0544 0x0e48  WwanSvc - ok
16:25:51.0554 0x0e48  ================ Scan global ===============================
16:25:51.0584 0x0e48  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:25:51.0604 0x0e48  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:25:51.0624 0x0e48  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:25:51.0634 0x0e48  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:25:51.0664 0x0e48  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:25:51.0664 0x0e48  [Global] - ok
16:25:51.0664 0x0e48  ================ Scan MBR ==================================
16:25:51.0674 0x0e48  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:25:52.0286 0x0e48  \Device\Harddisk0\DR0 - ok
16:25:52.0286 0x0e48  ================ Scan VBR ==================================
16:25:52.0296 0x0e48  [ 1BE8A36ABCF10B383F81F3E4F5CD9EBC ] \Device\Harddisk0\DR0\Partition1
16:25:52.0296 0x0e48  \Device\Harddisk0\DR0\Partition1 - ok
16:25:52.0306 0x0e48  [ AF18E0ED3E0864AAB4DF12FABB7EED66 ] \Device\Harddisk0\DR0\Partition2
16:25:52.0306 0x0e48  \Device\Harddisk0\DR0\Partition2 - ok
16:25:52.0306 0x0e48  ============================================================
16:25:52.0306 0x0e48  Scan finished
16:25:52.0306 0x0e48  ============================================================
16:25:52.0326 0x0da8  Detected object count: 0
16:25:52.0326 0x0da8  Actual detected object count: 0
16:26:32.0636 0x06a8  Deinitialize success
 

ADW CLEANER (There was not a "Search" option, just "scan". I scanned it then it wouldn't print a report without "cleaning".  So below is the report when it was done)

 

16:25:18.0296 0x060c  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
16:25:19.0286 0x060c  ============================================================
16:25:19.0286 0x060c  Current date / time: 2013/08/24 16:25:19.0286
16:25:19.0286 0x060c  SystemInfo:
16:25:19.0286 0x060c  
16:25:19.0286 0x060c  OS Version: 6.1.7601 ServicePack: 1.0
16:25:19.0286 0x060c  Product type: Workstation
16:25:19.0286 0x060c  ComputerName: BEA-PC
16:25:19.0286 0x060c  UserName: Bea
16:25:19.0286 0x060c  Windows directory: C:\Windows
16:25:19.0286 0x060c  System windows directory: C:\Windows
16:25:19.0286 0x060c  Running under WOW64
16:25:19.0286 0x060c  Processor architecture: Intel x64
16:25:19.0286 0x060c  Number of processors: 2
16:25:19.0286 0x060c  Page size: 0x1000
16:25:19.0286 0x060c  Boot type: Normal boot
16:25:19.0286 0x060c  ============================================================
16:25:21.0298 0x060c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
16:25:21.0408 0x060c  ============================================================
16:25:21.0408 0x060c  \Device\Harddisk0\DR0:
16:25:21.0408 0x060c  MBR partitions:
16:25:21.0408 0x060c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:25:21.0408 0x060c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
16:25:21.0408 0x060c  ============================================================
16:25:21.0438 0x060c  C: <-> \Device\Harddisk0\DR0\Partition2
16:25:21.0438 0x060c  ============================================================
16:25:21.0438 0x060c  Initialize success
16:25:21.0438 0x060c  ============================================================
16:25:39.0392 0x0e48  ============================================================
16:25:39.0392 0x0e48  Scan started
16:25:39.0392 0x0e48  Mode: Manual;
16:25:39.0392 0x0e48  ============================================================
16:25:40.0092 0x0e48  ================ Scan system memory ========================
16:25:40.0092 0x0e48  System memory - ok
16:25:40.0092 0x0e48  ================ Scan services =============================
16:25:40.0132 0x0e48  [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
16:25:40.0132 0x0e48  !SASCORE - ok
16:25:40.0282 0x0e48  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:25:40.0292 0x0e48  1394ohci - ok
16:25:40.0312 0x0e48  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:25:40.0322 0x0e48  ACPI - ok
16:25:40.0332 0x0e48  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:25:40.0332 0x0e48  AcpiPmi - ok
16:25:40.0362 0x0e48  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:25:40.0372 0x0e48  AdobeARMservice - ok
16:25:40.0472 0x0e48  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:25:40.0572 0x0e48  AdobeFlashPlayerUpdateSvc - ok
16:25:40.0612 0x0e48  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:25:40.0622 0x0e48  adp94xx - ok
16:25:40.0642 0x0e48  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:25:40.0652 0x0e48  adpahci - ok
16:25:40.0672 0x0e48  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:25:40.0672 0x0e48  adpu320 - ok
16:25:40.0702 0x0e48  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:25:40.0702 0x0e48  AeLookupSvc - ok
16:25:40.0742 0x0e48  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
16:25:40.0752 0x0e48  AFD - ok
16:25:40.0772 0x0e48  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:25:40.0772 0x0e48  agp440 - ok
16:25:40.0792 0x0e48  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:25:40.0792 0x0e48  ALG - ok
16:25:40.0812 0x0e48  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:25:40.0812 0x0e48  aliide - ok
16:25:40.0822 0x0e48  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:25:40.0822 0x0e48  amdide - ok
16:25:40.0832 0x0e48  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:25:40.0832 0x0e48  AmdK8 - ok
16:25:40.0842 0x0e48  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:25:40.0842 0x0e48  AmdPPM - ok
16:25:40.0862 0x0e48  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:25:40.0862 0x0e48  amdsata - ok
16:25:40.0872 0x0e48  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:25:40.0882 0x0e48  amdsbs - ok
16:25:40.0892 0x0e48  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:25:40.0892 0x0e48  amdxata - ok
16:25:40.0902 0x0e48  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:25:40.0902 0x0e48  AppID - ok
16:25:40.0922 0x0e48  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:25:40.0922 0x0e48  AppIDSvc - ok
16:25:40.0942 0x0e48  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
16:25:40.0942 0x0e48  Appinfo - ok
16:25:40.0952 0x0e48  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
16:25:40.0962 0x0e48  arc - ok
16:25:40.0972 0x0e48  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:25:40.0972 0x0e48  arcsas - ok
16:25:41.0032 0x0e48  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:25:41.0042 0x0e48  aspnet_state - ok
16:25:41.0062 0x0e48  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:25:41.0062 0x0e48  AsyncMac - ok
16:25:41.0082 0x0e48  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:25:41.0082 0x0e48  atapi - ok
16:25:41.0102 0x0e48  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:25:41.0122 0x0e48  AudioEndpointBuilder - ok
16:25:41.0142 0x0e48  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:25:41.0142 0x0e48  AudioSrv - ok
16:25:41.0162 0x0e48  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:25:41.0172 0x0e48  AxInstSV - ok
16:25:41.0202 0x0e48  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:25:41.0212 0x0e48  b06bdrv - ok
16:25:41.0242 0x0e48  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:25:41.0242 0x0e48  b57nd60a - ok
16:25:41.0272 0x0e48  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:25:41.0272 0x0e48  BDESVC - ok
16:25:41.0282 0x0e48  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:25:41.0282 0x0e48  Beep - ok
16:25:41.0322 0x0e48  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:25:41.0342 0x0e48  BFE - ok
16:25:41.0372 0x0e48  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
16:25:41.0392 0x0e48  BITS - ok
16:25:41.0412 0x0e48  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:25:41.0412 0x0e48  blbdrive - ok
16:25:41.0422 0x0e48  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:25:41.0422 0x0e48  bowser - ok
16:25:41.0432 0x0e48  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:25:41.0432 0x0e48  BrFiltLo - ok
16:25:41.0442 0x0e48  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:25:41.0442 0x0e48  BrFiltUp - ok
16:25:41.0462 0x0e48  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:25:41.0462 0x0e48  Browser - ok
16:25:41.0472 0x0e48  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:25:41.0482 0x0e48  Brserid - ok
16:25:41.0492 0x0e48  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:25:41.0492 0x0e48  BrSerWdm - ok
16:25:41.0502 0x0e48  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:25:41.0502 0x0e48  BrUsbMdm - ok
16:25:41.0512 0x0e48  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:25:41.0522 0x0e48  BrUsbSer - ok
16:25:41.0532 0x0e48  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:25:41.0532 0x0e48  BTHMODEM - ok
16:25:41.0552 0x0e48  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:25:41.0562 0x0e48  bthserv - ok
16:25:41.0582 0x0e48  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:25:41.0582 0x0e48  cdfs - ok
16:25:41.0612 0x0e48  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:25:41.0632 0x0e48  cdrom - ok
16:25:41.0652 0x0e48  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:25:41.0652 0x0e48  CertPropSvc - ok
16:25:41.0672 0x0e48  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
16:25:41.0672 0x0e48  circlass - ok
16:25:41.0682 0x0e48  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:25:41.0692 0x0e48  CLFS - ok
16:25:41.0732 0x0e48  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:25:41.0742 0x0e48  clr_optimization_v2.0.50727_32 - ok
16:25:41.0752 0x0e48  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:25:41.0762 0x0e48  clr_optimization_v2.0.50727_64 - ok
16:25:41.0802 0x0e48  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:25:41.0832 0x0e48  clr_optimization_v4.0.30319_32 - ok
16:25:41.0852 0x0e48  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:25:41.0852 0x0e48  clr_optimization_v4.0.30319_64 - ok
16:25:41.0872 0x0e48  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:25:41.0872 0x0e48  CmBatt - ok
16:25:41.0872 0x0e48  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:25:41.0882 0x0e48  cmdide - ok
16:25:41.0912 0x0e48  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
16:25:41.0932 0x0e48  CNG - ok
16:25:41.0932 0x0e48  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:25:41.0932 0x0e48  Compbatt - ok
16:25:41.0952 0x0e48  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:25:41.0952 0x0e48  CompositeBus - ok
16:25:41.0962 0x0e48  COMSysApp - ok
16:25:41.0972 0x0e48  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:25:41.0972 0x0e48  crcdisk - ok
16:25:42.0012 0x0e48  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:25:42.0012 0x0e48  CryptSvc - ok
16:25:42.0042 0x0e48  [ C6E1C081C0849E08FECEC18DF73B10C4 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
16:25:42.0042 0x0e48  dc3d - ok
16:25:42.0072 0x0e48  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:25:42.0082 0x0e48  DcomLaunch - ok
16:25:42.0122 0x0e48  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:25:42.0122 0x0e48  defragsvc - ok
16:25:42.0152 0x0e48  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:25:42.0152 0x0e48  DfsC - ok
16:25:42.0172 0x0e48  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:25:42.0182 0x0e48  Dhcp - ok
16:25:42.0202 0x0e48  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:25:42.0202 0x0e48  discache - ok
16:25:42.0222 0x0e48  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
16:25:42.0222 0x0e48  Disk - ok
16:25:42.0232 0x0e48  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:25:42.0242 0x0e48  Dnscache - ok
16:25:42.0262 0x0e48  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:25:42.0272 0x0e48  dot3svc - ok
16:25:42.0302 0x0e48  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:25:42.0302 0x0e48  DPS - ok
16:25:42.0332 0x0e48  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:25:42.0332 0x0e48  drmkaud - ok
16:25:42.0372 0x0e48  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:25:42.0392 0x0e48  DXGKrnl - ok
16:25:42.0432 0x0e48  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:25:42.0432 0x0e48  EapHost - ok
16:25:42.0502 0x0e48  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:25:42.0562 0x0e48  ebdrv - ok
16:25:42.0582 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
16:25:42.0592 0x0e48  EFS - ok
16:25:42.0642 0x0e48  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:25:42.0662 0x0e48  ehRecvr - ok
16:25:42.0682 0x0e48  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:25:42.0692 0x0e48  ehSched - ok
16:25:42.0712 0x0e48  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:25:42.0732 0x0e48  elxstor - ok
16:25:42.0742 0x0e48  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:25:42.0742 0x0e48  ErrDev - ok
16:25:42.0762 0x0e48  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:25:42.0772 0x0e48  EventSystem - ok
16:25:42.0782 0x0e48  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:25:42.0782 0x0e48  exfat - ok
16:25:42.0802 0x0e48  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:25:42.0802 0x0e48  fastfat - ok
16:25:42.0832 0x0e48  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:25:42.0852 0x0e48  Fax - ok
16:25:42.0872 0x0e48  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
16:25:42.0872 0x0e48  fdc - ok
16:25:42.0882 0x0e48  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:25:42.0882 0x0e48  fdPHost - ok
16:25:42.0892 0x0e48  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:25:42.0892 0x0e48  FDResPub - ok
16:25:42.0902 0x0e48  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:25:42.0902 0x0e48  FileInfo - ok
16:25:42.0912 0x0e48  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:25:42.0922 0x0e48  Filetrace - ok
16:25:42.0922 0x0e48  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:25:42.0932 0x0e48  flpydisk - ok
16:25:42.0942 0x0e48  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:25:42.0952 0x0e48  FltMgr - ok
16:25:42.0992 0x0e48  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
16:25:43.0022 0x0e48  FontCache - ok
16:25:43.0052 0x0e48  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:25:43.0052 0x0e48  FontCache3.0.0.0 - ok
16:25:43.0062 0x0e48  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:25:43.0072 0x0e48  FsDepends - ok
16:25:43.0082 0x0e48  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:25:43.0082 0x0e48  Fs_Rec - ok
16:25:43.0102 0x0e48  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:25:43.0102 0x0e48  fvevol - ok
16:25:43.0122 0x0e48  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:25:43.0122 0x0e48  gagp30kx - ok
16:25:43.0142 0x0e48  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:25:43.0162 0x0e48  gpsvc - ok
16:25:43.0202 0x0e48  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:25:43.0202 0x0e48  gupdate - ok
16:25:43.0212 0x0e48  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:25:43.0212 0x0e48  gupdatem - ok
16:25:43.0222 0x0e48  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:25:43.0232 0x0e48  hcw85cir - ok
16:25:43.0252 0x0e48  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:25:43.0262 0x0e48  HdAudAddService - ok
16:25:43.0282 0x0e48  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:25:43.0282 0x0e48  HDAudBus - ok
16:25:43.0282 0x0e48  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:25:43.0292 0x0e48  HidBatt - ok
16:25:43.0302 0x0e48  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:25:43.0312 0x0e48  HidBth - ok
16:25:43.0322 0x0e48  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:25:43.0322 0x0e48  HidIr - ok
16:25:43.0332 0x0e48  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
16:25:43.0332 0x0e48  hidserv - ok
16:25:43.0352 0x0e48  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:25:43.0352 0x0e48  HidUsb - ok
16:25:43.0372 0x0e48  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:25:43.0372 0x0e48  hkmsvc - ok
16:25:43.0392 0x0e48  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:25:43.0402 0x0e48  HomeGroupListener - ok
16:25:43.0422 0x0e48  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:25:43.0432 0x0e48  HomeGroupProvider - ok
16:25:43.0452 0x0e48  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:25:43.0452 0x0e48  HpSAMD - ok
16:25:43.0482 0x0e48  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:25:43.0492 0x0e48  HTTP - ok
16:25:43.0512 0x0e48  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:25:43.0512 0x0e48  hwpolicy - ok
16:25:43.0522 0x0e48  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:25:43.0522 0x0e48  i8042prt - ok
16:25:43.0542 0x0e48  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:25:43.0562 0x0e48  iaStorV - ok
16:25:43.0602 0x0e48  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:25:43.0632 0x0e48  idsvc - ok
16:25:43.0642 0x0e48  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:25:43.0642 0x0e48  iirsp - ok
16:25:43.0672 0x0e48  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:25:43.0692 0x0e48  IKEEXT - ok
16:25:43.0762 0x0e48  [ 59B0BBA422F04467E8C89B7CE6AE95E1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:25:43.0802 0x0e48  IntcAzAudAddService - ok
16:25:43.0812 0x0e48  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:25:43.0812 0x0e48  intelide - ok
16:25:43.0832 0x0e48  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:25:43.0832 0x0e48  intelppm - ok
16:25:43.0842 0x0e48  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:25:43.0852 0x0e48  IPBusEnum - ok
16:25:43.0862 0x0e48  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:25:43.0872 0x0e48  IpFilterDriver - ok
16:25:43.0892 0x0e48  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:25:43.0912 0x0e48  iphlpsvc - ok
16:25:43.0922 0x0e48  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:25:43.0932 0x0e48  IPMIDRV - ok
16:25:43.0932 0x0e48  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:25:43.0942 0x0e48  IPNAT - ok
16:25:43.0952 0x0e48  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:25:43.0952 0x0e48  IRENUM - ok
16:25:43.0962 0x0e48  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:25:43.0962 0x0e48  isapnp - ok
16:25:43.0982 0x0e48  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:25:43.0982 0x0e48  iScsiPrt - ok
16:25:44.0002 0x0e48  [ 7A4D015FF432645C55C162DADAEA143E ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:25:44.0002 0x0e48  iusb3hcs - ok
16:25:44.0012 0x0e48  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:25:44.0022 0x0e48  kbdclass - ok
16:25:44.0032 0x0e48  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:25:44.0032 0x0e48  kbdhid - ok
16:25:44.0042 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
16:25:44.0042 0x0e48  KeyIso - ok
16:25:44.0062 0x0e48  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:25:44.0062 0x0e48  KSecDD - ok
16:25:44.0092 0x0e48  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:25:44.0092 0x0e48  KSecPkg - ok
16:25:44.0102 0x0e48  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:25:44.0112 0x0e48  ksthunk - ok
16:25:44.0152 0x0e48  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:25:44.0162 0x0e48  KtmRm - ok
16:25:44.0192 0x0e48  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:25:44.0192 0x0e48  LanmanServer - ok
16:25:44.0212 0x0e48  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:25:44.0212 0x0e48  LanmanWorkstation - ok
16:25:44.0232 0x0e48  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:25:44.0232 0x0e48  lltdio - ok
16:25:44.0252 0x0e48  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:25:44.0262 0x0e48  lltdsvc - ok
16:25:44.0272 0x0e48  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:25:44.0272 0x0e48  lmhosts - ok
16:25:44.0292 0x0e48  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:25:44.0302 0x0e48  LSI_FC - ok
16:25:44.0302 0x0e48  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:25:44.0312 0x0e48  LSI_SAS - ok
16:25:44.0322 0x0e48  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:25:44.0322 0x0e48  LSI_SAS2 - ok
16:25:44.0332 0x0e48  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:25:44.0332 0x0e48  LSI_SCSI - ok
16:25:44.0352 0x0e48  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:25:44.0362 0x0e48  luafv - ok
16:25:44.0392 0x0e48  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:25:44.0392 0x0e48  Mcx2Svc - ok
16:25:44.0402 0x0e48  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:25:44.0402 0x0e48  megasas - ok
16:25:44.0422 0x0e48  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:25:44.0422 0x0e48  MegaSR - ok
16:25:44.0442 0x0e48  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:25:44.0442 0x0e48  MMCSS - ok
16:25:44.0462 0x0e48  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:25:44.0462 0x0e48  Modem - ok
16:25:44.0472 0x0e48  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:25:44.0472 0x0e48  monitor - ok
16:25:44.0482 0x0e48  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:25:44.0482 0x0e48  mouclass - ok
16:25:44.0502 0x0e48  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:25:44.0502 0x0e48  mouhid - ok
16:25:44.0512 0x0e48  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:25:44.0512 0x0e48  mountmgr - ok
16:25:44.0532 0x0e48  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:25:44.0542 0x0e48  MozillaMaintenance - ok
16:25:44.0582 0x0e48  [ FC1D590039EF06A381768710E6C07E75 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:25:44.0592 0x0e48  MpFilter - ok
16:25:44.0602 0x0e48  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:25:44.0602 0x0e48  mpio - ok
16:25:44.0622 0x0e48  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:25:44.0622 0x0e48  mpsdrv - ok
16:25:44.0652 0x0e48  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:25:44.0672 0x0e48  MpsSvc - ok
16:25:44.0682 0x0e48  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:25:44.0682 0x0e48  MRxDAV - ok
16:25:44.0692 0x0e48  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:25:44.0692 0x0e48  mrxsmb - ok
16:25:44.0712 0x0e48  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:25:44.0712 0x0e48  mrxsmb10 - ok
16:25:44.0732 0x0e48  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:25:44.0732 0x0e48  mrxsmb20 - ok
16:25:44.0752 0x0e48  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:25:44.0752 0x0e48  msahci - ok
16:25:44.0762 0x0e48  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:25:44.0762 0x0e48  msdsm - ok
16:25:44.0782 0x0e48  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:25:44.0782 0x0e48  MSDTC - ok
16:25:44.0802 0x0e48  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:25:44.0802 0x0e48  Msfs - ok
16:25:44.0822 0x0e48  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:25:44.0822 0x0e48  mshidkmdf - ok
16:25:44.0842 0x0e48  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:25:44.0842 0x0e48  msisadrv - ok
16:25:44.0872 0x0e48  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:25:44.0872 0x0e48  MSiSCSI - ok
16:25:44.0882 0x0e48  msiserver - ok
16:25:44.0902 0x0e48  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:25:44.0902 0x0e48  MSKSSRV - ok
16:25:44.0952 0x0e48  [ 66238063B53E51ADDA16764BAB9A3F7C ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:25:44.0952 0x0e48  MsMpSvc - ok
16:25:44.0952 0x0e48  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:25:44.0962 0x0e48  MSPCLOCK - ok
16:25:44.0972 0x0e48  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:25:44.0972 0x0e48  MSPQM - ok
16:25:44.0992 0x0e48  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:25:45.0002 0x0e48  MsRPC - ok
16:25:45.0012 0x0e48  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:25:45.0012 0x0e48  mssmbios - ok
16:25:45.0022 0x0e48  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:25:45.0022 0x0e48  MSTEE - ok
16:25:45.0042 0x0e48  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:25:45.0042 0x0e48  MTConfig - ok
16:25:45.0052 0x0e48  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:25:45.0052 0x0e48  Mup - ok
16:25:45.0082 0x0e48  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:25:45.0102 0x0e48  napagent - ok
16:25:45.0122 0x0e48  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:25:45.0142 0x0e48  NativeWifiP - ok
16:25:45.0172 0x0e48  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:25:45.0202 0x0e48  NDIS - ok
16:25:45.0212 0x0e48  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:25:45.0222 0x0e48  NdisCap - ok
16:25:45.0232 0x0e48  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:25:45.0232 0x0e48  NdisTapi - ok
16:25:45.0242 0x0e48  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:25:45.0242 0x0e48  Ndisuio - ok
16:25:45.0262 0x0e48  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:25:45.0262 0x0e48  NdisWan - ok
16:25:45.0272 0x0e48  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:25:45.0282 0x0e48  NDProxy - ok
16:25:45.0292 0x0e48  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:25:45.0292 0x0e48  NetBIOS - ok
16:25:45.0312 0x0e48  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:25:45.0312 0x0e48  NetBT - ok
16:25:45.0332 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:25:45.0332 0x0e48  Netlogon - ok
16:25:45.0352 0x0e48  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:25:45.0362 0x0e48  Netman - ok
16:25:45.0392 0x0e48  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:45.0402 0x0e48  NetMsmqActivator - ok
16:25:45.0412 0x0e48  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:45.0412 0x0e48  NetPipeActivator - ok
16:25:45.0432 0x0e48  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:25:45.0452 0x0e48  netprofm - ok
16:25:45.0452 0x0e48  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:45.0452 0x0e48  NetTcpActivator - ok
16:25:45.0462 0x0e48  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:25:45.0462 0x0e48  NetTcpPortSharing - ok
16:25:45.0482 0x0e48  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:25:45.0482 0x0e48  nfrd960 - ok
16:25:45.0522 0x0e48  [ 8FB3C853E886E1E4D57271672486111C ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:25:45.0522 0x0e48  NisDrv - ok
16:25:45.0542 0x0e48  [ 869A808253726EA11939EC4FE76346A4 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:25:45.0542 0x0e48  NisSrv - ok
16:25:45.0562 0x0e48  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:25:45.0572 0x0e48  NlaSvc - ok
16:25:45.0582 0x0e48  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:25:45.0582 0x0e48  Npfs - ok
16:25:45.0592 0x0e48  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:25:45.0592 0x0e48  nsi - ok
16:25:45.0602 0x0e48  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:25:45.0602 0x0e48  nsiproxy - ok
16:25:45.0652 0x0e48  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:25:45.0692 0x0e48  Ntfs - ok
16:25:45.0702 0x0e48  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:25:45.0712 0x0e48  Null - ok
16:25:45.0742 0x0e48  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
16:25:45.0752 0x0e48  NVENETFD - ok
16:25:46.0012 0x0e48  [ 8E6247F418B4C8AE9EEB0B532CABCC21 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:25:46.0242 0x0e48  nvlddmkm - ok
16:25:46.0292 0x0e48  [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET           C:\Windows\system32\DRIVERS\nvmf6264.sys
16:25:46.0292 0x0e48  NVNET - ok
16:25:46.0322 0x0e48  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:25:46.0322 0x0e48  nvraid - ok
16:25:46.0332 0x0e48  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:25:46.0332 0x0e48  nvstor - ok
16:25:46.0372 0x0e48  [ 4D9ABA962D7ECE81866F96D5F69FB2B8 ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
16:25:46.0372 0x0e48  nvstor64 - ok
16:25:46.0412 0x0e48  [ 41B97DCE2B2D113B831EB197F02A7398 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:25:46.0432 0x0e48  nvsvc - ok
16:25:46.0482 0x0e48  [ A3A25E0509F67473B960DAF214828BE3 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:25:46.0502 0x0e48  nvUpdatusService - ok
16:25:46.0512 0x0e48  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:25:46.0522 0x0e48  nv_agp - ok
16:25:46.0532 0x0e48  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:25:46.0532 0x0e48  ohci1394 - ok
16:25:46.0572 0x0e48  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:25:46.0572 0x0e48  ose - ok
16:25:46.0692 0x0e48  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:25:46.0782 0x0e48  osppsvc - ok
16:25:46.0822 0x0e48  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:25:46.0822 0x0e48  p2pimsvc - ok
16:25:46.0852 0x0e48  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:25:46.0862 0x0e48  p2psvc - ok
16:25:46.0872 0x0e48  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
16:25:46.0872 0x0e48  Parport - ok
16:25:46.0882 0x0e48  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:25:46.0892 0x0e48  partmgr - ok
16:25:46.0902 0x0e48  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:25:46.0902 0x0e48  PcaSvc - ok
16:25:46.0922 0x0e48  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:25:46.0922 0x0e48  pci - ok
16:25:46.0932 0x0e48  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:25:46.0942 0x0e48  pciide - ok
16:25:46.0952 0x0e48  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:25:46.0952 0x0e48  pcmcia - ok
16:25:46.0972 0x0e48  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:25:46.0972 0x0e48  pcw - ok
16:25:46.0992 0x0e48  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:25:47.0012 0x0e48  PEAUTH - ok
16:25:47.0062 0x0e48  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:25:47.0062 0x0e48  PerfHost - ok
16:25:47.0112 0x0e48  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:25:47.0142 0x0e48  pla - ok
16:25:47.0172 0x0e48  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:25:47.0182 0x0e48  PlugPlay - ok
16:25:47.0192 0x0e48  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:25:47.0202 0x0e48  PNRPAutoReg - ok
16:25:47.0222 0x0e48  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:25:47.0222 0x0e48  PNRPsvc - ok
16:25:47.0252 0x0e48  [ 520D48ECB54A33821C95EE496A4235AF ] Point64         C:\Windows\system32\DRIVERS\point64.sys
16:25:47.0252 0x0e48  Point64 - ok
16:25:47.0292 0x0e48  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:25:47.0302 0x0e48  PolicyAgent - ok
16:25:47.0322 0x0e48  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:25:47.0322 0x0e48  Power - ok
16:25:47.0342 0x0e48  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:25:47.0352 0x0e48  PptpMiniport - ok
16:25:47.0362 0x0e48  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
16:25:47.0372 0x0e48  Processor - ok
16:25:47.0382 0x0e48  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:25:47.0392 0x0e48  ProfSvc - ok
16:25:47.0402 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:25:47.0402 0x0e48  ProtectedStorage - ok
16:25:47.0432 0x0e48  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:25:47.0432 0x0e48  Psched - ok
16:25:47.0462 0x0e48  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:25:47.0502 0x0e48  ql2300 - ok
16:25:47.0512 0x0e48  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:25:47.0512 0x0e48  ql40xx - ok
16:25:47.0522 0x0e48  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:25:47.0532 0x0e48  QWAVE - ok
16:25:47.0542 0x0e48  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:25:47.0552 0x0e48  QWAVEdrv - ok
16:25:47.0562 0x0e48  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:25:47.0562 0x0e48  RasAcd - ok
16:25:47.0572 0x0e48  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:25:47.0582 0x0e48  RasAgileVpn - ok
16:25:47.0592 0x0e48  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:25:47.0602 0x0e48  RasAuto - ok
16:25:47.0622 0x0e48  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:25:47.0622 0x0e48  Rasl2tp - ok
16:25:47.0642 0x0e48  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:25:47.0652 0x0e48  RasMan - ok
16:25:47.0662 0x0e48  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:25:47.0662 0x0e48  RasPppoe - ok
16:25:47.0682 0x0e48  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:25:47.0682 0x0e48  RasSstp - ok
16:25:47.0702 0x0e48  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:25:47.0702 0x0e48  rdbss - ok
16:25:47.0712 0x0e48  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:25:47.0712 0x0e48  rdpbus - ok
16:25:47.0722 0x0e48  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:25:47.0722 0x0e48  RDPCDD - ok
16:25:47.0732 0x0e48  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:25:47.0732 0x0e48  RDPENCDD - ok
16:25:47.0742 0x0e48  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:25:47.0752 0x0e48  RDPREFMP - ok
16:25:47.0792 0x0e48  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:25:47.0792 0x0e48  RdpVideoMiniport - ok
16:25:47.0802 0x0e48  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:25:47.0812 0x0e48  RDPWD - ok
16:25:47.0822 0x0e48  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:25:47.0832 0x0e48  rdyboost - ok
16:25:47.0852 0x0e48  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:25:47.0852 0x0e48  RemoteAccess - ok
16:25:47.0872 0x0e48  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:25:47.0882 0x0e48  RemoteRegistry - ok
16:25:47.0892 0x0e48  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:25:47.0892 0x0e48  RpcEptMapper - ok
16:25:47.0922 0x0e48  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:25:47.0922 0x0e48  RpcLocator - ok
16:25:47.0942 0x0e48  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:25:47.0952 0x0e48  RpcSs - ok
16:25:47.0962 0x0e48  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:25:47.0962 0x0e48  rspndr - ok
16:25:48.0002 0x0e48  [ A4F7F9BB5576BF1D3A57F785C5DBEDB7 ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
16:25:48.0022 0x0e48  RTL8192cu - ok
16:25:48.0032 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:25:48.0032 0x0e48  SamSs - ok
16:25:48.0062 0x0e48  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:25:48.0062 0x0e48  SASDIFSV - ok
16:25:48.0072 0x0e48  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:25:48.0072 0x0e48  SASKUTIL - ok
16:25:48.0072 0x0e48  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:25:48.0082 0x0e48  sbp2port - ok
16:25:48.0102 0x0e48  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:25:48.0102 0x0e48  SCardSvr - ok
16:25:48.0132 0x0e48  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:25:48.0132 0x0e48  scfilter - ok
16:25:48.0162 0x0e48  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:25:48.0192 0x0e48  Schedule - ok
16:25:48.0212 0x0e48  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:25:48.0212 0x0e48  SCPolicySvc - ok
16:25:48.0222 0x0e48  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:25:48.0232 0x0e48  SDRSVC - ok
16:25:48.0252 0x0e48  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:25:48.0262 0x0e48  secdrv - ok
16:25:48.0272 0x0e48  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:25:48.0272 0x0e48  seclogon - ok
16:25:48.0282 0x0e48  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
16:25:48.0282 0x0e48  SENS - ok
16:25:48.0312 0x0e48  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:25:48.0312 0x0e48  SensrSvc - ok
16:25:48.0322 0x0e48  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:25:48.0332 0x0e48  Serenum - ok
16:25:48.0342 0x0e48  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
16:25:48.0342 0x0e48  Serial - ok
16:25:48.0352 0x0e48  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:25:48.0352 0x0e48  sermouse - ok
16:25:48.0382 0x0e48  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:25:48.0382 0x0e48  SessionEnv - ok
16:25:48.0392 0x0e48  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:25:48.0402 0x0e48  sffdisk - ok
16:25:48.0402 0x0e48  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:25:48.0412 0x0e48  sffp_mmc - ok
16:25:48.0422 0x0e48  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:25:48.0422 0x0e48  sffp_sd - ok
16:25:48.0422 0x0e48  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:25:48.0422 0x0e48  sfloppy - ok
16:25:48.0452 0x0e48  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:25:48.0452 0x0e48  SharedAccess - ok
16:25:48.0482 0x0e48  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:25:48.0492 0x0e48  ShellHWDetection - ok
16:25:48.0502 0x0e48  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:25:48.0512 0x0e48  SiSRaid2 - ok
16:25:48.0522 0x0e48  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:25:48.0522 0x0e48  SiSRaid4 - ok
16:25:48.0532 0x0e48  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:25:48.0542 0x0e48  Smb - ok
16:25:48.0552 0x0e48  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:25:48.0562 0x0e48  SNMPTRAP - ok
16:25:48.0572 0x0e48  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:25:48.0572 0x0e48  spldr - ok
16:25:48.0602 0x0e48  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:25:48.0622 0x0e48  Spooler - ok
16:25:48.0702 0x0e48  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:25:48.0772 0x0e48  sppsvc - ok
16:25:48.0782 0x0e48  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:25:48.0782 0x0e48  sppuinotify - ok
16:25:48.0802 0x0e48  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:25:48.0822 0x0e48  srv - ok
16:25:48.0842 0x0e48  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:25:48.0852 0x0e48  srv2 - ok
16:25:48.0872 0x0e48  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:25:48.0872 0x0e48  srvnet - ok
16:25:48.0902 0x0e48  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:25:48.0902 0x0e48  SSDPSRV - ok
16:25:48.0912 0x0e48  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:25:48.0922 0x0e48  SstpSvc - ok
16:25:48.0922 0x0e48  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:25:48.0922 0x0e48  stexstor - ok
16:25:48.0962 0x0e48  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:25:48.0982 0x0e48  stisvc - ok
16:25:48.0992 0x0e48  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:25:49.0002 0x0e48  swenum - ok
16:25:49.0022 0x0e48  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:25:49.0032 0x0e48  swprv - ok
16:25:49.0072 0x0e48  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:25:49.0102 0x0e48  SysMain - ok
16:25:49.0132 0x0e48  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:25:49.0132 0x0e48  TabletInputService - ok
16:25:49.0152 0x0e48  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:25:49.0162 0x0e48  TapiSrv - ok
16:25:49.0172 0x0e48  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:25:49.0172 0x0e48  TBS - ok
16:25:49.0232 0x0e48  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:25:49.0272 0x0e48  Tcpip - ok
16:25:49.0322 0x0e48  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:25:49.0332 0x0e48  TCPIP6 - ok
16:25:49.0352 0x0e48  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:25:49.0352 0x0e48  tcpipreg - ok
16:25:49.0372 0x0e48  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:25:49.0372 0x0e48  TDPIPE - ok
16:25:49.0382 0x0e48  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:25:49.0382 0x0e48  TDTCP - ok
16:25:49.0392 0x0e48  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:25:49.0402 0x0e48  tdx - ok
16:25:49.0412 0x0e48  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:25:49.0412 0x0e48  TermDD - ok
16:25:49.0432 0x0e48  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:25:49.0452 0x0e48  TermService - ok
16:25:49.0462 0x0e48  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:25:49.0472 0x0e48  Themes - ok
16:25:49.0472 0x0e48  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:25:49.0472 0x0e48  THREADORDER - ok
16:25:49.0492 0x0e48  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:25:49.0502 0x0e48  TrkWks - ok
16:25:49.0532 0x0e48  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:25:49.0532 0x0e48  TrustedInstaller - ok
16:25:49.0552 0x0e48  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:25:49.0552 0x0e48  tssecsrv - ok
16:25:49.0572 0x0e48  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:25:49.0572 0x0e48  TsUsbFlt - ok
16:25:49.0602 0x0e48  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:25:49.0602 0x0e48  TsUsbGD - ok
16:25:49.0622 0x0e48  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:25:49.0632 0x0e48  tunnel - ok
16:25:49.0642 0x0e48  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:25:49.0642 0x0e48  uagp35 - ok
16:25:49.0652 0x0e48  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:25:49.0662 0x0e48  udfs - ok
16:25:49.0672 0x0e48  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:25:49.0682 0x0e48  UI0Detect - ok
16:25:49.0692 0x0e48  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:25:49.0692 0x0e48  uliagpkx - ok
16:25:49.0712 0x0e48  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:25:49.0712 0x0e48  umbus - ok
16:25:49.0732 0x0e48  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:25:49.0732 0x0e48  UmPass - ok
16:25:49.0752 0x0e48  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:25:49.0762 0x0e48  upnphost - ok
16:25:49.0772 0x0e48  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:25:49.0802 0x0e48  usbccgp - ok
16:25:49.0812 0x0e48  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:25:49.0822 0x0e48  usbcir - ok
16:25:49.0832 0x0e48  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:25:49.0832 0x0e48  usbehci - ok
16:25:49.0842 0x0e48  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:25:49.0852 0x0e48  usbhub - ok
16:25:49.0862 0x0e48  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:25:49.0862 0x0e48  usbohci - ok
16:25:49.0872 0x0e48  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:25:49.0872 0x0e48  usbprint - ok
16:25:49.0882 0x0e48  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:25:49.0902 0x0e48  USBSTOR - ok
16:25:49.0912 0x0e48  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:25:49.0912 0x0e48  usbuhci - ok
16:25:49.0932 0x0e48  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:25:49.0932 0x0e48  UxSms - ok
16:25:49.0942 0x0e48  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
16:25:49.0942 0x0e48  VaultSvc - ok
16:25:49.0962 0x0e48  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:25:49.0962 0x0e48  vdrvroot - ok
16:25:49.0982 0x0e48  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:25:50.0002 0x0e48  vds - ok
16:25:50.0012 0x0e48  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:25:50.0012 0x0e48  vga - ok
16:25:50.0022 0x0e48  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:25:50.0022 0x0e48  VgaSave - ok
16:25:50.0042 0x0e48  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:25:50.0042 0x0e48  vhdmp - ok
16:25:50.0052 0x0e48  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:25:50.0062 0x0e48  viaide - ok
16:25:50.0072 0x0e48  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:25:50.0082 0x0e48  volmgr - ok
16:25:50.0092 0x0e48  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:25:50.0102 0x0e48  volmgrx - ok
16:25:50.0142 0x0e48  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:25:50.0142 0x0e48  volsnap - ok
16:25:50.0162 0x0e48  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:25:50.0172 0x0e48  vsmraid - ok
16:25:50.0222 0x0e48  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:25:50.0252 0x0e48  VSS - ok
16:25:50.0272 0x0e48  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:25:50.0272 0x0e48  vwifibus - ok
16:25:50.0307 0x0e48  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:25:50.0310 0x0e48  vwififlt - ok
16:25:50.0334 0x0e48  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:25:50.0344 0x0e48  W32Time - ok
16:25:50.0354 0x0e48  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:25:50.0354 0x0e48  WacomPen - ok
16:25:50.0384 0x0e48  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:25:50.0384 0x0e48  WANARP - ok
16:25:50.0394 0x0e48  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:25:50.0394 0x0e48  Wanarpv6 - ok
16:25:50.0434 0x0e48  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:25:50.0454 0x0e48  WatAdminSvc - ok
16:25:50.0494 0x0e48  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:25:50.0534 0x0e48  wbengine - ok
16:25:50.0554 0x0e48  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:25:50.0554 0x0e48  WbioSrvc - ok
16:25:50.0574 0x0e48  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:25:50.0594 0x0e48  wcncsvc - ok
16:25:50.0604 0x0e48  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:25:50.0604 0x0e48  WcsPlugInService - ok
16:25:50.0614 0x0e48  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
16:25:50.0614 0x0e48  Wd - ok
16:25:50.0674 0x0e48  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:25:50.0694 0x0e48  Wdf01000 - ok
16:25:50.0714 0x0e48  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:25:50.0714 0x0e48  WdiServiceHost - ok
16:25:50.0724 0x0e48  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:25:50.0724 0x0e48  WdiSystemHost - ok
16:25:50.0744 0x0e48  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:25:50.0744 0x0e48  WebClient - ok
16:25:50.0754 0x0e48  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:25:50.0764 0x0e48  Wecsvc - ok
16:25:50.0774 0x0e48  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:25:50.0774 0x0e48  wercplsupport - ok
16:25:50.0794 0x0e48  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:25:50.0804 0x0e48  WerSvc - ok
16:25:50.0824 0x0e48  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:25:50.0824 0x0e48  WfpLwf - ok
16:25:50.0824 0x0e48  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:25:50.0834 0x0e48  WIMMount - ok
16:25:50.0854 0x0e48  WinDefend - ok
16:25:50.0864 0x0e48  WinHttpAutoProxySvc - ok
16:25:50.0924 0x0e48  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:25:50.0934 0x0e48  Winmgmt - ok
16:25:50.0994 0x0e48  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:25:51.0054 0x0e48  WinRM - ok
16:25:51.0094 0x0e48  [ FE88B288356E7B47B74B13372ADD906D ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
16:25:51.0104 0x0e48  WinUSB - ok
16:25:51.0134 0x0e48  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:25:51.0154 0x0e48  Wlansvc - ok
16:25:51.0174 0x0e48  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:25:51.0174 0x0e48  WmiAcpi - ok
16:25:51.0194 0x0e48  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:25:51.0194 0x0e48  wmiApSrv - ok
16:25:51.0214 0x0e48  WMPNetworkSvc - ok
16:25:51.0224 0x0e48  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:25:51.0234 0x0e48  WPCSvc - ok
16:25:51.0244 0x0e48  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:25:51.0254 0x0e48  WPDBusEnum - ok
16:25:51.0264 0x0e48  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:25:51.0264 0x0e48  ws2ifsl - ok
16:25:51.0284 0x0e48  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
16:25:51.0284 0x0e48  wscsvc - ok
16:25:51.0294 0x0e48  WSearch - ok
16:25:51.0374 0x0e48  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:25:51.0434 0x0e48  wuauserv - ok
16:25:51.0454 0x0e48  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:25:51.0464 0x0e48  WudfPf - ok
16:25:51.0484 0x0e48  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:25:51.0484 0x0e48  WUDFRd - ok
16:25:51.0514 0x0e48  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:25:51.0514 0x0e48  wudfsvc - ok
16:25:51.0544 0x0e48  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:25:51.0544 0x0e48  WwanSvc - ok
16:25:51.0554 0x0e48  ================ Scan global ===============================
16:25:51.0584 0x0e48  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:25:51.0604 0x0e48  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:25:51.0624 0x0e48  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:25:51.0634 0x0e48  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:25:51.0664 0x0e48  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:25:51.0664 0x0e48  [Global] - ok
16:25:51.0664 0x0e48  ================ Scan MBR ==================================
16:25:51.0674 0x0e48  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:25:52.0286 0x0e48  \Device\Harddisk0\DR0 - ok
16:25:52.0286 0x0e48  ================ Scan VBR ==================================
16:25:52.0296 0x0e48  [ 1BE8A36ABCF10B383F81F3E4F5CD9EBC ] \Device\Harddisk0\DR0\Partition1
16:25:52.0296 0x0e48  \Device\Harddisk0\DR0\Partition1 - ok
16:25:52.0306 0x0e48  [ AF18E0ED3E0864AAB4DF12FABB7EED66 ] \Device\Harddisk0\DR0\Partition2
16:25:52.0306 0x0e48  \Device\Harddisk0\DR0\Partition2 - ok
16:25:52.0306 0x0e48  ============================================================
16:25:52.0306 0x0e48  Scan finished
16:25:52.0306 0x0e48  ============================================================
16:25:52.0326 0x0da8  Detected object count: 0
16:25:52.0326 0x0da8  Actual detected object count: 0
16:26:32.0636 0x06a8  Deinitialize success
# AdwCleaner v3.001 - Report created 24/08/2013 at 16:44:08
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Bea - BEA-PC
# Running from : C:\Users\Bea\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\safe saavvee
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SafeSaver
Folder Deleted : C:\Users\Bea\AppData\Local\Conduit
Folder Deleted : C:\Users\Bea\AppData\Local\cre
Folder Deleted : C:\Users\Bea\AppData\Local\Ilivid
Folder Deleted : C:\Users\Bea\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Bea\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Bea\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Bea\AppData\LocalLow\safe saavvee
Folder Deleted : C:\Users\Bea\AppData\Roaming\Common\LuaRT
Folder Deleted : C:\Users\Bea\AppData\Roaming\DataMgr
Folder Deleted : C:\Users\Bea\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Bea\AppData\Roaming\Intermediate
Folder Deleted : C:\Users\Bea\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Bea\AppData\Roaming\SCheck
Folder Deleted : C:\Users\Bea\AppData\Roaming\SSync
File Deleted : C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\x5iei7wj.default\Extensions\om@offermosquito.com.xpi
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Bea\Desktop\iLivid.lnk
File Deleted : C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\x5iei7wj.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\x5iei7wj.default\user.js
File Deleted : C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16635


-\\ Mozilla Firefox v22.0 (en-US)

[ File : C:\Users\Bea\AppData\Roaming\Mozilla\Firefox\Profiles\x5iei7wj.default\prefs.js ]

Line Deleted : user_pref("CT3227981.FF19Solved", "true");
Line Deleted : user_pref("CT3227981.UserID", "UN37732296901684615");
Line Deleted : user_pref("CT3227981.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3227981.fullUserID", "UN37732296901684615.IN.2013070335607");
Line Deleted : user_pref("CT3227981.installDate", "03/07/2013 3:56:08");
Line Deleted : user_pref("CT3227981.installSessionId", "{5789DEBF-A1A6-4999-B48D-28944E47C235}");
Line Deleted : user_pref("CT3227981.installSp", "TRUE");
Line Deleted : user_pref("CT3227981.installerVersion", "1.5.4.4");
Line Deleted : user_pref("CT3227981.keyword", "true");
Line Deleted : user_pref("CT3227981.originalHomepage", "hxxp://www.yahoo.com/");
Line Deleted : user_pref("CT3227981.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3227981.originalSearchEngine", "Google");
Line Deleted : user_pref("CT3227981.originalSearchEngineName", "");
Line Deleted : user_pref("CT3227981.searchRevert", "false");
Line Deleted : user_pref("CT3227981.searchUserMode", "2");
Line Deleted : user_pref("CT3227981.smartbar.homepage", "true");
Line Deleted : user_pref("CT3227981.versionFromInstaller", "10.16.70.5");
Line Deleted : user_pref("CT3227981.xpeMode", "0");
Line Deleted : user_pref("CT3289663.FF19Solved", "true");
Line Deleted : user_pref("CT3289663.UserID", "UN94333386910077116");
Line Deleted : user_pref("CT3289663.addressUrlXPETakeover", "true");
Line Deleted : user_pref("CT3289663.autoDisableScopes", -1);
Line Deleted : user_pref("CT3289663.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3289663.defaultSearchXPETakeover", "true");
Line Deleted : user_pref("CT3289663.fullUserID", "UN94333386910077116.IN.20130712213447");
Line Deleted : user_pref("CT3289663.installDate", "12/07/2013 21:34:47");
Line Deleted : user_pref("CT3289663.installSessionId", "{04D7C47A-35BD-4AB1-B529-7897171C90E1}");
Line Deleted : user_pref("CT3289663.installSp", "TRUE");
Line Deleted : user_pref("CT3289663.installerVersion", "1.5.4.1");
Line Deleted : user_pref("CT3289663.keyword", "true");
Line Deleted : user_pref("CT3289663.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN34562137327507843&UM=2&SearchSource=13");
Line Deleted : user_pref("CT3289663.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN34562137327507843&UM=2&q=");
Line Deleted : user_pref("CT3289663.originalSearchEngine", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("CT3289663.searchRevert", "false");
Line Deleted : user_pref("CT3289663.searchUserMode", "2");
Line Deleted : user_pref("CT3289663.smartbar.homepage", "true");
Line Deleted : user_pref("CT3289663.startPageXPETakeover", "true");
Line Deleted : user_pref("CT3289663.versionFromInstaller", "10.16.4.19");
Line Deleted : user_pref("CT3289847.FF19Solved", "true");
Line Deleted : user_pref("CT3289847.UserID", "UN34562137327507843");
Line Deleted : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3289847.fullUserID", "UN34562137327507843.IN.20130712212655");
Line Deleted : user_pref("CT3289847.installDate", "12/07/2013 21:26:55");
Line Deleted : user_pref("CT3289847.installSessionId", "{21F68B34-B445-4ECB-B727-15F1527B3316}");
Line Deleted : user_pref("CT3289847.installSp", "false");
Line Deleted : user_pref("CT3289847.keyword", "true");
Line Deleted : user_pref("CT3289847.originalHomepage", "about:home");
Line Deleted : user_pref("CT3289847.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227981&SearchSource=2&CUI=UN37732296901684615&UM=2&q=");
Line Deleted : user_pref("CT3289847.originalSearchEngine", "appbario7 Customized Web Search");
Line Deleted : user_pref("CT3289847.searchRevert", "true");
Line Deleted : user_pref("CT3289847.searchUserMode", "2");
Line Deleted : user_pref("CT3289847.smartbar.homepage", "true");
Line Deleted : user_pref("CT3298570.FF19Solved", "true");
Line Deleted : user_pref("CT3298570.UserID", "UN38338235961765196");
Line Deleted : user_pref("CT3298570.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3298570.fullUserID", "UN38338235961765196.IN.20130712215213");
Line Deleted : user_pref("CT3298570.installDate", "12/07/2013 21:52:12");
Line Deleted : user_pref("CT3298570.installSessionId", "{5FC172EE-486C-4648-9754-28B9C3F94CB3}");
Line Deleted : user_pref("CT3298570.installSp", "TRUE");
Line Deleted : user_pref("CT3298570.installerVersion", "1.5.4.4");
Line Deleted : user_pref("CT3298570.keyword", "true");
Line Deleted : user_pref("CT3298570.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3289663&octid=CT3289663&SearchSource=61&CUI=UN94333386910077116&UM=2&UP=SP888CE77A-CB3B-4268-9ABB-2B28A963E58D");
Line Deleted : user_pref("CT3298570.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN94333386910077116&UM=2&q=");
Line Deleted : user_pref("CT3298570.originalSearchEngine", "InternetHelper3.1 Customized Web Search");
Line Deleted : user_pref("CT3298570.originalSearchEngineName", "");
Line Deleted : user_pref("CT3298570.searchRevert", "false");
Line Deleted : user_pref("CT3298570.searchUserMode", "2");
Line Deleted : user_pref("CT3298570.smartbar.homepage", "true");
Line Deleted : user_pref("CT3298570.versionFromInstaller", "10.16.4.19");
Line Deleted : user_pref("CT3298570.xpeMode", "0");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3227981&octid=CT3227981&SearchSource=61&CUI=UN37732296901684615&UM=2&UP=SP44ED6FF8-9F74-4727-877F-1FA48768F96E");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("browser.search.defaultenginename", "appbario7 Customized Web Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "appbario7 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227981&CUI=UN37732296901684615&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.selectedEngine", "appbario7 Customized Web Search");
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227981&SearchSource=2&CUI=UN37732296901684615&UM=2&q=");
Line Deleted : user_pref("om.config", "{\"active\":true,\"name\":\"us\",\"id\":30,\"dispId\":\"CH-30\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"gaAccount\":\"UA-39484183-1\",\"gaDomain\":\"offermosquito.com\",\[...]
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3227981");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3227981&CUI=UN37732296901684615&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3227981&octid=CT3227981&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227981&SearchSource=2&CUI=UN37732296901684615&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3227981");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3227981");
Line Deleted : user_pref("smartbar.machineId", "1OXJGXG3W6VW5OYKB5X2VT83Q84KOMZFICTOJRJ7KXM93KXENINZN/P0CKGP+8YD8+C7C+T77SZ76LZ18XIIQG");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3227981&CUI=UN37732296901684615&UM=2&SearchSource=13");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13166 octets] - [24/08/2013 16:29:09]
AdwCleaner[S0].txt - [13222 octets] - [24/08/2013 16:44:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13283 octets] ##########

 

BSOD

 

==================================================
Dump File         : 082413-12214-01.dmp
Crash Time        : 8/24/2013 6:18:09 AM
Bug Check String  : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code    : 0x00000050
Parameter 1       : fffff696`13b932b0
Parameter 2       : 00000000`00000000
Parameter 3       : fffff800`02aeb401
Parameter 4       : 00000000`00000005
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75c00
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.18113 (win7sp1_gdr.130318-1533)
Processor         : x64
Crash Address     : ntoskrnl.exe+75c00
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\082413-12214-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 283,832
Dump File Time    : 8/24/2013 4:18:22 PM
==================================================

==================================================
Dump File         : 082213-13540-01.dmp
Crash Time        : 8/12/2013 3:05:05 AM
Bug Check String  : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x0000000a
Parameter 1       : 00000000`00000000
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000001
Parameter 4       : fffff800`02acb162
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75c00
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.18113 (win7sp1_gdr.130318-1533)
Processor         : x64
Crash Address     : ntoskrnl.exe+75c00
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\082213-13540-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 283,752
Dump File Time    : 8/22/2013 8:02:58 PM
==================================================

==================================================
Dump File         : 080913-15584-01.dmp
Crash Time        : 8/9/2013 6:14:58 AM
Bug Check String  : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x0000001e
Parameter 1       : 00000000`00000000
Parameter 2       : 00000000`00000000
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : ataport.SYS
Caused By Address : ataport.SYS+15594
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     : ntoskrnl.exe+75bd0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\080913-15584-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 283,016
Dump File Time    : 8/9/2013 6:16:21 AM
==================================================
 

 

 



#9 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:55 AM

Posted 25 August 2013 - 04:41 AM

Hi

 

Please do the following next:

 

:step1:

 

We need to run the SFC /SCANNOW Command

The sfc /scannow command (System File Checker) scans the integrity of all protected Windows system files and replaces incorrect corrupted, changed/modified, or damaged versions with the correct versions if possible.

Note: Be aware that if you have modified your system files as in theming explorer/system files, running sfc /scannow will revert the system files such as explorer.exe back to it's default state.

Note: Make the appropriate backups of your system files that you have modified for theming if you wish to save them before running sfc /scannow.
 

  • Click the Windows "Orb" button.
  • Type cmd.
  • Right click on the search result cmd.exe and click Run as Administrator.
  • Copy the following line of text and paste it into the black box.
    (right-click in the black box and choose paste)

    sfc /scannow
  • Press Enter to run the command.
    Note: This may take a while to finish.
  • If SFC could not fix something, then run the command again to see if it may be able to the next time. Sometimes it may take running the sfc /scannow command 3 or more times to completely fix everything that it's able to.

Retrieving SFC /scannow log


  • Click the Windows "Orb" button.
  • Type cmd.
  • Right click on the search result cmd.exe and click Run as Administrator.
  • Copy the following line of text and paste it into the black box.
    (right-click in the black box and choose paste)

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Press Enter to run the command.
  • A text file sfcdetails.txt should appear on your desktop. Post the content of the file in your next reply.

 

:step2:

 

How is the computer running now?

Do you still get Blue screens?


Edited by dev00790, 25 August 2013 - 04:42 AM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#10 HippieBea

HippieBea
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:03:55 AM

Posted 25 August 2013 - 08:33 AM

am I able to do this in Safe Mode? Here's why - upon booting my computer it just kept restarting without loading.  I'd get the screen that says it was not shut down properly and two options - one to fix the problem (recommended) and another to start normally.  This happened about 4x's.  Finally it started and fully loaded but would freeze but it restarted in a continuous loop. When it shut down, I had the blue screen with writing before shutting down just briefly.  When it starts up, it goes to the "Windows did not shut down properly" and there are 3 options- all for Safe Mode or normally. When I click normally or let the seconds run out, it just shuts down.  It shut down like this in about 6 times. When it finally rebooted and was fully functional, I had no internet connection.  So I restarted but this did not solve the issue. Upon booting up, it again shut down with a blue screen. It rebooted, but still no internet connection.  I thought it was wireless connection, but everything else wireless is working fine.

 

I'll wait for further instruction. Thanks!



#11 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:55 AM

Posted 25 August 2013 - 01:53 PM

Please do the following in Safe mode:
 
Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open the log:

  • Click the "Windows Orb" Start button ->  type "eventvwr" without the quotes -> press the <ENTER> key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#12 HippieBea

HippieBea
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:03:55 AM

Posted 25 August 2013 - 09:57 PM

NOTE: After we did this run in Safe Mode my computer booted up normally, did not shut down, and had an internet connection. 

 

Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          8/25/2013 9:25:54 PM
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Bea-PC
Description:


Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
Cleaning up instance tags for file 0x1b808.
  116480 file records processed.                                         

File verification completed.
  192 large file records processed.                                   

  0 bad file records processed.                                     

  0 EA records processed.                                           

  60 reparse records processed.                                      

CHKDSK is verifying indexes (stage 2 of 5)...
  161086 index entries processed.                                        

Index verification completed.
  0 unindexed files scanned.                                        

  0 unindexed files recovered.                                      

CHKDSK is verifying security descriptors (stage 3 of 5)...
  116480 file SDs/SIDs processed.                                        

Cleaning up 529 unused index entries from index $SII of file 0x9.
Cleaning up 529 unused index entries from index $SDH of file 0x9.
Cleaning up 529 unused security descriptors.
Security descriptor verification completed.
  22304 data files processed.                                           

CHKDSK is verifying Usn Journal...
  37694864 USN bytes processed.                                            

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  116464 files processed.                                                

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  113102598 free clusters processed.                                        

Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

 488282111 KB total disk space.
  35580012 KB in 80848 files.
     56568 KB in 22305 indexes.
         0 KB in bad sectors.
    235135 KB in use by the system.
     65536 KB occupied by the log file.
 452410396 KB available on disk.

      4096 bytes in each allocation unit.
 122070527 total allocation units on disk.
 113102599 allocation units available on disk.

Internal Info:
00 c7 01 00 fc 92 01 00 b3 0c 03 00 00 00 00 00  ................
d4 00 00 00 3c 00 00 00 00 00 00 00 00 00 00 00  ....<...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-08-26T01:25:54.000000000Z" />
    <EventRecordID>6731</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Bea-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
Cleaning up instance tags for file 0x1b808.
  116480 file records processed.                                         

File verification completed.
  192 large file records processed.                                   

  0 bad file records processed.                                     

  0 EA records processed.                                           

  60 reparse records processed.                                      

CHKDSK is verifying indexes (stage 2 of 5)...
  161086 index entries processed.                                        

Index verification completed.
  0 unindexed files scanned.                                        

  0 unindexed files recovered.                                      

CHKDSK is verifying security descriptors (stage 3 of 5)...
  116480 file SDs/SIDs processed.                                        

Cleaning up 529 unused index entries from index $SII of file 0x9.
Cleaning up 529 unused index entries from index $SDH of file 0x9.
Cleaning up 529 unused security descriptors.
Security descriptor verification completed.
  22304 data files processed.                                           

CHKDSK is verifying Usn Journal...
  37694864 USN bytes processed.                                            

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  116464 files processed.                                                

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  113102598 free clusters processed.                                        

Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

 488282111 KB total disk space.
  35580012 KB in 80848 files.
     56568 KB in 22305 indexes.
         0 KB in bad sectors.
    235135 KB in use by the system.
     65536 KB occupied by the log file.
 452410396 KB available on disk.

      4096 bytes in each allocation unit.
 122070527 total allocation units on disk.
 113102599 allocation units available on disk.

Internal Info:
00 c7 01 00 fc 92 01 00 b3 0c 03 00 00 00 00 00  ................
d4 00 00 00 3c 00 00 00 00 00 00 00 00 00 00 00  ....&lt;...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
  </EventData>
</Event>



#13 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:55 AM

Posted 26 August 2013 - 06:01 AM

Hi
 
Please do the following next:
 
:step1:

Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam-download.php to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

If requested by MBAM, restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step2:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
       icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
 
 
:step3:
 
How is the computer running now?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#14 HippieBea

HippieBea
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:03:55 AM

Posted 28 August 2013 - 06:14 AM

I just wanted to check in. I ended up having to run these scans in safe mode. The computer was shutting down again with the blue screen. ESET is running now. Just when I thought I may be in the clear. I should be able to post these logs tonight.

#15 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:55 AM

Posted 28 August 2013 - 07:35 AM

Ok thanks for letting us know


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users