Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Infection


  • Please log in to reply
9 replies to this topic

#1 Cas34

Cas34

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:23 PM

Posted 30 October 2013 - 03:01 PM

Hi,
 
I think I have a possible infection as my computer is exhibiting unusual behaviour.
 
It is freezing often, sometimes it won't open my browser and I am no longer able to delete Sandbox [using Sandboxie]. I have checked my memory usage which is fine and I regularly maintain my PC. Therefore, I was hoping someone could take a look at my logs and help.
 
Thanks so much :)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 27/07/2010 22:37:29
System Uptime: 30/10/2013 19:50:49 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M4A87TD EVO
Processor: AMD Phenom™ II X4 955 Processor | AM3 | 3200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 78 GiB total, 21.18 GiB free.
D: is FIXED (NTFS) - 39 GiB total, 33.729 GiB free.
E: is FIXED (NTFS) - 814 GiB total, 696.468 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: 
Device ID: ROOT\LEGACY_A2INJECTIONDRIVER\0000
Manufacturer: 
Name: 
PNP Device ID: ROOT\LEGACY_A2INJECTIONDRIVER\0000
Service: 
.
Class GUID: 
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03\FFFFFFFFFFFFFFFF00
Manufacturer: 
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03\FFFFFFFFFFFFFFFF00
Service: 
.
Class GUID: 
Description: 
Device ID: ROOT\LEGACY_A2ACC\0000
Manufacturer: 
Name: 
PNP Device ID: ROOT\LEGACY_A2ACC\0000
Service: 
.
==== System Restore Points ===================
.
RP744: 22/10/2013 19:42:05 - Windows Update
RP745: 26/10/2013 16:41:27 - Windows Update
RP746: 30/10/2013 16:27:54 - Windows Update
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 4.65 (x64 edition)
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 6.0
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help English
CDDRV_Installer
CyberGhost VPN
D3DX10
Dev-C++
EPD_free-7.3-2
EPU
erLT
ERUNT 1.1j
ESET Online Scanner v3
Exact Audio Copy 0.99pb5
Express Gate
foobar2000 v1.0.3
Football Manager 2009
Google Chrome
Google Update Helper
HydraVision
KhalInstallWrapper
Logitech SetPoint
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 Beta
Microsoft Age of Empires II
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft SQL Server Compact 4.0 SP1 x64 ENU CTP1
Microsoft System CLR Types for SQL Server 2012 RC0 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 11 SharePoint Developer Tools Beta enu Language Pack
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Web Deploy 3.0
Microsoft Web Platform Installer 4.0
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML4 Parser
Mumble 1.2.3
Notepad++
Philips Songbird
Platform
PrimoPDF -- brought to you by Nitro PDF Software
Python 2.7.3
Realtek Ethernet Controller Driver For Windows 7
Revo Uninstaller 1.89
Sandboxie 3.72 (64-bit)
Secunia PSI (3.0.0.2004)
Secure Download Manager
Security Update for Microsoft .NET Framework 4.5 Beta (KB2686838)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Spybot - Search & Destroy
STDU Viewer version 1.5.427.0
Steam
The Elder Scrolls V: Skyrim
TurboV EVO
Ubuntu
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053
Ventrilo Client for Windows x64
VIA Platform Device Manager
Visual Studio 2010 Prerequisites - English
VLC media player 2.0.2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== Event Viewer Messages From Past Week ========
.
30/10/2013 19:51:12, Error: Microsoft Antimalware [2004]  - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Current   Error Code: 0x80096010   Error description: The digital signature of the object did not verify.   Signature version: 1.161.1086.0;1.161.1086.0   Engine version: 1.1.10003.0
30/10/2013 19:50:57, Error: Application Popup [1060]  - \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
30/10/2013 19:39:15, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.1094.0).
30/10/2013 19:38:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.161.1086.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10003.0   Error code: 0x80070643   Error description: Fatal error during installation. 
30/10/2013 19:38:19, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.161.1086.0   Update Source: User   Update Stage: Install   Source Path:   Signature Type: AntiSpyware   Update Type: Delta   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10003.0   Error code: 0x80070017   Error description: Data error (cyclic redundancy check). 
30/10/2013 19:38:17, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.161.1086.0   Update Source: User   Update Stage: Install   Source Path:   Signature Type: AntiVirus   Update Type: Delta   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10003.0   Error code: 0x80070017   Error description: Data error (cyclic redundancy check). 
28/10/2013 10:20:10, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR3.
27/10/2013 22:45:44, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.161.838.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10003.0   Error code: 0x8024402f   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
24/10/2013 22:38:01, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR2.
24/10/2013 22:37:25, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16720
Run by Computa at 19:56:48 on 2013-10-30
Microsoft Windows 7 Professional   6.1.7601.1.1252.44.1033.18.4094.2345 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\DAODx.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\ASUS\EPU\EPU.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Sandbox\Computa\DefaultBox\drive\C\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Sandbox\Computa\DefaultBox\drive\C\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Sandbox\Computa\DefaultBox\drive\C\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
E:\Key Pass\KeePass.exe
C:\Sandbox\Computa\DefaultBox\drive\C\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Sandboxie\32\SbieSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
mRun: [Six Engine] "C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe"
mRun: [Philips Device Listener] "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{A3E7D795-95FF-418A-B054-7B8AB5451598} : DHCPNameServer = 192.168.1.1 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Computa\AppData\Roaming\Mozilla\Firefox\Profiles\1z1c9n8u.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-9-1 52856]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-9-19 203776]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-7-27 96896]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-10-16 319488]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 139616]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-7-27 1153368]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-6-27 1326176]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-6-27 681056]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2011-12-16 17976]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-6-17 166576]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-7-27 1301504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-1-30 103992]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-1-30 123960]
S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-8-15 2438696]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-6 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-29 1255736]
.
=============== File Associations ===============
.
FileExt: .reg: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-10-30 19:51:12 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C05DDF70-2430-42BB-9C33-A9F9B01FD4AF}\mpengine.dll
2013-10-29 12:56:00 10280728 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-20 11:16:47 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E0BA6FFA-B151-4237-8B00-8C4B3CC355A7}\gapaengine.dll
2013-10-10 08:00:25 -------- d-----w- C:\Windows\System32\MRT
2013-10-02 18:51:47 -------- d-----w- C:\Windows\System32\1033
2013-10-02 18:51:46 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2013-10-02 18:51:46 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2013-10-02 17:30:18 -------- d-----w- C:\Users\Computa\AppData\Roaming\e-academy Inc
2013-10-02 17:30:18 -------- d-----w- C:\Users\Computa\AppData\Local\e-academy Inc
.
==================== Find3M  ====================
.
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 19:57:31.95 ===============
 

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,243 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:23 AM

Posted 02 November 2013 - 08:35 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+


#3 Cas34

Cas34
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:23 PM

Posted 03 November 2013 - 03:57 AM

08:23:28.0918 0x1910  TDSS rootkit removing tool 3.0.0.16 Nov  1 2013 15:53:38
08:23:33.0864 0x1910  ============================================================
08:23:33.0865 0x1910  Current date / time: 2013/11/03 08:23:33.0864
08:23:33.0865 0x1910  SystemInfo:
08:23:33.0865 0x1910  
08:23:33.0865 0x1910  OS Version: 6.1.7601 ServicePack: 1.0
08:23:33.0865 0x1910  Product type: Workstation
08:23:33.0865 0x1910  ComputerName: COMPUTA-PC
08:23:33.0865 0x1910  UserName: Computa
08:23:33.0865 0x1910  Windows directory: C:\Windows
08:23:33.0865 0x1910  System windows directory: C:\Windows
08:23:33.0865 0x1910  Running under WOW64
08:23:33.0865 0x1910  Processor architecture: Intel x64
08:23:33.0865 0x1910  Number of processors: 4
08:23:33.0865 0x1910  Page size: 0x1000
08:23:33.0865 0x1910  Boot type: Normal boot
08:23:33.0865 0x1910  ============================================================
08:23:37.0442 0x1910  System UUID: {F1F7F558-B677-3444-3E49-AF7B1A434D3E}
08:23:38.0149 0x1910  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:23:38.0155 0x1910  ============================================================
08:23:38.0155 0x1910  \Device\Harddisk0\DR0:
08:23:38.0155 0x1910  MBR partitions:
08:23:38.0155 0x1910  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
08:23:38.0165 0x1910  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0x4E1EDEC
08:23:38.0171 0x1910  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xEA60981, BlocksNum 0x65CA117F
08:23:38.0171 0x1910  ============================================================
08:23:38.0292 0x1910  C: <-> \Device\Harddisk0\DR0\Partition1
08:23:38.0323 0x1910  D: <-> \Device\Harddisk0\DR0\Partition2
08:23:38.0442 0x1910  E: <-> \Device\Harddisk0\DR0\Partition3
08:23:38.0465 0x1910  ============================================================
08:23:38.0465 0x1910  Initialize success
08:23:38.0465 0x1910  ============================================================
08:24:23.0988 0x1660  ============================================================
08:24:23.0988 0x1660  Scan started
08:24:23.0988 0x1660  Mode: Manual; SigCheck; TDLFS; 
08:24:23.0988 0x1660  ============================================================
08:24:23.0988 0x1660  KSN ping started
08:24:26.0819 0x1660  KSN ping finished: true
08:24:29.0018 0x1660  ================ Scan system memory ========================
08:24:29.0018 0x1660  System memory - ok
08:24:29.0018 0x1660  ================ Scan services =============================
08:24:29.0103 0x1660  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
08:24:29.0258 0x1660  1394ohci - ok
08:24:29.0294 0x1660  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
08:24:29.0310 0x1660  ACPI - ok
08:24:29.0319 0x1660  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
08:24:29.0355 0x1660  AcpiPmi - ok
08:24:29.0395 0x1660  [ E8FE4FCE23D2809BD88BCC1D0F8408CE, D744A1052BF104490A8D9BDE2B331F2C0157FCF58B54867E192B62CEE85F697E ] AdobeActiveFileMonitor6.0 C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
08:24:29.0405 0x1660  AdobeActiveFileMonitor6.0 - ok
08:24:29.0435 0x1660  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
08:24:29.0455 0x1660  adp94xx - ok
08:24:29.0484 0x1660  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
08:24:29.0500 0x1660  adpahci - ok
08:24:29.0519 0x1660  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
08:24:29.0531 0x1660  adpu320 - ok
08:24:29.0556 0x1660  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:24:29.0625 0x1660  AeLookupSvc - ok
08:24:29.0655 0x1660  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
08:24:29.0688 0x1660  AFD - ok
08:24:29.0765 0x1660  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
08:24:29.0788 0x1660  agp440 - ok
08:24:29.0803 0x1660  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
08:24:29.0831 0x1660  ALG - ok
08:24:29.0848 0x1660  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:24:29.0859 0x1660  aliide - ok
08:24:29.0933 0x1660  [ A359974EAAC83A435497C52F62A2E590, 7A7AFFE1CCE8732C478AE3EA630AA46C94DE0DBFE19EE63E3FB99B0D3338F038 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:24:29.0975 0x1660  AMD External Events Utility - ok
08:24:29.0980 0x1660  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
08:24:29.0992 0x1660  amdide - ok
08:24:30.0003 0x1660  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
08:24:30.0024 0x1660  AmdK8 - ok
08:24:30.0286 0x1660  [ 60216B0E704584DE6D5A9F59E9C34C47, CC3E9F09FB28E50FDFCC5E6A996E28CB4E721DDDD50E23710DC74C5B0F7CE3E3 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
08:24:30.0549 0x1660  amdkmdag - ok
08:24:30.0588 0x1660  [ 6B4E9261B613B047A9A145F328889968, E5C6611E88381A9D40AD1CE80BFDDBDA733F4A8D3602AAE25A155D2C39B3B7FD ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
08:24:30.0605 0x1660  amdkmdap - ok
08:24:30.0627 0x1660  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:24:30.0637 0x1660  AmdPPM - ok
08:24:30.0660 0x1660  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
08:24:30.0670 0x1660  amdsata - ok
08:24:30.0688 0x1660  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
08:24:30.0701 0x1660  amdsbs - ok
08:24:30.0722 0x1660  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
08:24:30.0730 0x1660  amdxata - ok
08:24:30.0762 0x1660  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
08:24:30.0993 0x1660  AppID - ok
08:24:31.0008 0x1660  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
08:24:31.0043 0x1660  AppIDSvc - ok
08:24:31.0108 0x1660  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
08:24:31.0152 0x1660  Appinfo - ok
08:24:31.0194 0x1660  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
08:24:31.0223 0x1660  AppMgmt - ok
08:24:31.0238 0x1660  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
08:24:31.0252 0x1660  arc - ok
08:24:31.0279 0x1660  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
08:24:31.0290 0x1660  arcsas - ok
08:24:31.0415 0x1660  [ A82C01606DC27D05D9D3BFB6BB807E32, CE231637422709D927FB6FA0C4F2215B9C0E3EBBD951FB2FA97B8E64DA479B96 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
08:24:31.0436 0x1660  AsIO - ok
08:24:31.0582 0x1660  [ FA558B04F900EF9801534D20F24FF2BF, 6849962B6E861821ABBE9739BC602CB54C8665AC698D9FEC9E8FD6153D064D10 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:24:31.0614 0x1660  aspnet_state - ok
08:24:31.0642 0x1660  [ 954FFBFF05B0B60EB63B52AF561436C4, 40228A2B688E827815B5A567584FCF99BF661696DB8CC8BB455393B3CEE35094 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
08:24:31.0654 0x1660  AsSysCtrlService - ok
08:24:31.0676 0x1660  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:24:31.0708 0x1660  AsyncMac - ok
08:24:31.0725 0x1660  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
08:24:31.0733 0x1660  atapi - ok
08:24:31.0766 0x1660  [ 506934DF94E3197F4A1BBE8FBEAB0CCD, 678E16DED6767565DFA03397AA49061029351863904712DAED1862F4A606B41B ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
08:24:31.0776 0x1660  AtiHdmiService - ok
08:24:32.0025 0x1660  [ 60216B0E704584DE6D5A9F59E9C34C47, CC3E9F09FB28E50FDFCC5E6A996E28CB4E721DDDD50E23710DC74C5B0F7CE3E3 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
08:24:32.0247 0x1660  atikmdag - ok
08:24:32.0298 0x1660  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:24:32.0339 0x1660  AudioEndpointBuilder - ok
08:24:32.0356 0x1660  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
08:24:32.0395 0x1660  AudioSrv - ok
08:24:32.0482 0x1660  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:24:32.0518 0x1660  AxInstSV - ok
08:24:32.0561 0x1660  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
08:24:32.0590 0x1660  b06bdrv - ok
08:24:32.0622 0x1660  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
08:24:32.0637 0x1660  b57nd60a - ok
08:24:32.0664 0x1660  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
08:24:32.0724 0x1660  BDESVC - ok
08:24:32.0743 0x1660  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:24:32.0768 0x1660  Beep - ok
08:24:32.0822 0x1660  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
08:24:32.0890 0x1660  BFE - ok
08:24:32.0927 0x1660  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
08:24:32.0975 0x1660  BITS - ok
08:24:32.0994 0x1660  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:24:33.0004 0x1660  blbdrive - ok
08:24:33.0027 0x1660  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:24:33.0048 0x1660  bowser - ok
08:24:33.0055 0x1660  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:24:33.0148 0x1660  BrFiltLo - ok
08:24:33.0162 0x1660  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:24:33.0171 0x1660  BrFiltUp - ok
08:24:33.0195 0x1660  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
08:24:33.0231 0x1660  BridgeMP - ok
08:24:33.0250 0x1660  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
08:24:33.0264 0x1660  Browser - ok
08:24:33.0280 0x1660  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:24:33.0301 0x1660  Brserid - ok
08:24:33.0312 0x1660  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:24:33.0323 0x1660  BrSerWdm - ok
08:24:33.0327 0x1660  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:24:33.0337 0x1660  BrUsbMdm - ok
08:24:33.0347 0x1660  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:24:33.0355 0x1660  BrUsbSer - ok
08:24:33.0366 0x1660  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:24:33.0378 0x1660  BTHMODEM - ok
08:24:33.0404 0x1660  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
08:24:33.0431 0x1660  bthserv - ok
08:24:33.0442 0x1660  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:24:33.0469 0x1660  cdfs - ok
08:24:33.0491 0x1660  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
08:24:33.0503 0x1660  cdrom - ok
08:24:33.0526 0x1660  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
08:24:33.0551 0x1660  CertPropSvc - ok
08:24:33.0719 0x1660  [ 1EDBC1DBDEAAB7B185B4491BF6129701, A033B6F0BC976FB3B5DA41CA315C9649EE19874CD5544639DB49F78FEB3C799B ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
08:24:33.0773 0x1660  CGVPNCliSrvc - ok
08:24:33.0799 0x1660  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:24:33.0811 0x1660  circlass - ok
08:24:33.0836 0x1660  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
08:24:33.0852 0x1660  CLFS - ok
08:24:33.0984 0x1660  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:24:33.0997 0x1660  clr_optimization_v2.0.50727_32 - ok
08:24:34.0027 0x1660  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:24:34.0040 0x1660  clr_optimization_v2.0.50727_64 - ok
08:24:34.0083 0x1660  [ F53E15A89675B7489FABE74F2091568E, C77CB15E37991EEA8746CE918EB9818686F1F2BC60DE8F4AECC8826F9FD8171B ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:24:34.0140 0x1660  clr_optimization_v4.0.30319_32 - ok
08:24:34.0163 0x1660  [ 101D397632B9007DF13E9A957EA68E04, 430AF9A7F0EC950F01799F3926C5E5888DD9EB8C02A3A830ACF97E64F20926F6 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:24:34.0179 0x1660  clr_optimization_v4.0.30319_64 - ok
08:24:34.0238 0x1660  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:24:34.0259 0x1660  CmBatt - ok
08:24:34.0277 0x1660  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:24:34.0289 0x1660  cmdide - ok
08:24:34.0317 0x1660  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
08:24:34.0355 0x1660  CNG - ok
08:24:34.0360 0x1660  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:24:34.0368 0x1660  Compbatt - ok
08:24:34.0389 0x1660  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
08:24:34.0400 0x1660  CompositeBus - ok
08:24:34.0412 0x1660  COMSysApp - ok
08:24:34.0417 0x1660  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:24:34.0457 0x1660  crcdisk - ok
08:24:34.0499 0x1660  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:24:34.0518 0x1660  CryptSvc - ok
08:24:34.0545 0x1660  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
08:24:34.0579 0x1660  CSC - ok
08:24:34.0677 0x1660  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
08:24:34.0710 0x1660  CscService - ok
08:24:34.0740 0x1660  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:24:34.0804 0x1660  DcomLaunch - ok
08:24:34.0832 0x1660  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
08:24:34.0864 0x1660  defragsvc - ok
08:24:34.0946 0x1660  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:24:34.0999 0x1660  DfsC - ok
08:24:35.0016 0x1660  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:24:35.0038 0x1660  Dhcp - ok
08:24:35.0046 0x1660  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
08:24:35.0070 0x1660  discache - ok
08:24:35.0090 0x1660  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
08:24:35.0099 0x1660  Disk - ok
08:24:35.0123 0x1660  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:24:35.0141 0x1660  Dnscache - ok
08:24:35.0161 0x1660  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:24:35.0192 0x1660  dot3svc - ok
08:24:35.0228 0x1660  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
08:24:35.0256 0x1660  DPS - ok
08:24:35.0270 0x1660  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:24:35.0280 0x1660  drmkaud - ok
08:24:35.0329 0x1660  [ E5B95C75557120881076C45CD146D72C, C4107822D70057C0A1EC41208D88550DDFAAA741395DF38A7E20E47316C6A1B5 ] DvmMDES         C:\ASUS.SYS\config\DVMExportService.exe
08:24:35.0339 0x1660  DvmMDES - detected UnsignedFile.Multi.Generic ( 1 )
08:24:38.0037 0x1660  Detect skipped due to KSN trusted
08:24:38.0038 0x1660  DvmMDES - ok
08:24:38.0091 0x1660  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:24:38.0123 0x1660  DXGKrnl - ok
08:24:38.0136 0x1660  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
08:24:38.0163 0x1660  EapHost - ok
08:24:38.0257 0x1660  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
08:24:38.0352 0x1660  ebdrv - ok
08:24:38.0383 0x1660  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
08:24:38.0407 0x1660  EFS - ok
08:24:38.0540 0x1660  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:24:38.0588 0x1660  ehRecvr - ok
08:24:38.0657 0x1660  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
08:24:38.0681 0x1660  ehSched - ok
08:24:38.0723 0x1660  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
08:24:38.0743 0x1660  elxstor - ok
08:24:38.0764 0x1660  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
08:24:38.0773 0x1660  ErrDev - ok
08:24:38.0808 0x1660  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
08:24:38.0843 0x1660  EventSystem - ok
08:24:38.0863 0x1660  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
08:24:38.0892 0x1660  exfat - ok
08:24:38.0908 0x1660  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:24:38.0937 0x1660  fastfat - ok
08:24:38.0983 0x1660  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
08:24:39.0017 0x1660  Fax - ok
08:24:39.0034 0x1660  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:24:39.0042 0x1660  fdc - ok
08:24:39.0104 0x1660  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
08:24:39.0129 0x1660  fdPHost - ok
08:24:39.0142 0x1660  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:24:39.0168 0x1660  FDResPub - ok
08:24:39.0182 0x1660  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:24:39.0191 0x1660  FileInfo - ok
08:24:39.0252 0x1660  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:24:39.0276 0x1660  Filetrace - ok
08:24:39.0307 0x1660  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:24:39.0329 0x1660  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
08:24:42.0038 0x1660  Detect skipped due to KSN trusted
08:24:42.0038 0x1660  FLEXnet Licensing Service - ok
08:24:42.0052 0x1660  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:24:42.0064 0x1660  flpydisk - ok
08:24:42.0087 0x1660  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:24:42.0107 0x1660  FltMgr - ok
08:24:42.0155 0x1660  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
08:24:42.0203 0x1660  FontCache - ok
08:24:42.0243 0x1660  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:24:42.0251 0x1660  FontCache3.0.0.0 - ok
08:24:42.0267 0x1660  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:24:42.0276 0x1660  FsDepends - ok
08:24:42.0351 0x1660  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:24:42.0363 0x1660  Fs_Rec - ok
08:24:42.0383 0x1660  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:24:42.0397 0x1660  fvevol - ok
08:24:42.0430 0x1660  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
08:24:42.0439 0x1660  gagp30kx - ok
08:24:42.0449 0x1660  GEARAspiWDM - ok
08:24:42.0493 0x1660  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
08:24:42.0537 0x1660  gpsvc - ok
08:24:42.0581 0x1660  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:24:42.0590 0x1660  gupdate - ok
08:24:42.0599 0x1660  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:24:42.0606 0x1660  gupdatem - ok
08:24:42.0620 0x1660  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:24:42.0637 0x1660  hcw85cir - ok
08:24:42.0684 0x1660  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:24:42.0703 0x1660  HdAudAddService - ok
08:24:42.0722 0x1660  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
08:24:42.0735 0x1660  HDAudBus - ok
08:24:42.0739 0x1660  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
08:24:42.0748 0x1660  HidBatt - ok
08:24:42.0763 0x1660  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
08:24:42.0775 0x1660  HidBth - ok
08:24:42.0780 0x1660  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:24:42.0791 0x1660  HidIr - ok
08:24:42.0806 0x1660  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
08:24:42.0832 0x1660  hidserv - ok
08:24:42.0914 0x1660  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
08:24:42.0935 0x1660  HidUsb - ok
08:24:42.0952 0x1660  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:24:42.0978 0x1660  hkmsvc - ok
08:24:42.0994 0x1660  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:24:43.0061 0x1660  HomeGroupListener - ok
08:24:43.0080 0x1660  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:24:43.0094 0x1660  HomeGroupProvider - ok
08:24:43.0116 0x1660  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:24:43.0126 0x1660  HpSAMD - ok
08:24:43.0161 0x1660  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:24:43.0204 0x1660  HTTP - ok
08:24:43.0211 0x1660  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:24:43.0219 0x1660  hwpolicy - ok
08:24:43.0242 0x1660  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
08:24:43.0253 0x1660  i8042prt - ok
08:24:43.0297 0x1660  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:24:43.0315 0x1660  iaStorV - ok
08:24:43.0353 0x1660  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:24:43.0380 0x1660  idsvc - ok
08:24:43.0398 0x1660  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
08:24:43.0407 0x1660  iirsp - ok
08:24:43.0434 0x1660  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
08:24:43.0480 0x1660  IKEEXT - ok
08:24:43.0493 0x1660  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
08:24:43.0501 0x1660  intelide - ok
08:24:43.0527 0x1660  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:24:43.0537 0x1660  intelppm - ok
08:24:43.0603 0x1660  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:24:43.0631 0x1660  IPBusEnum - ok
08:24:43.0655 0x1660  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:24:43.0680 0x1660  IpFilterDriver - ok
08:24:43.0793 0x1660  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:24:43.0832 0x1660  iphlpsvc - ok
08:24:43.0849 0x1660  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:24:43.0859 0x1660  IPMIDRV - ok
08:24:43.0903 0x1660  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:24:43.0931 0x1660  IPNAT - ok
08:24:43.0952 0x1660  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:24:44.0007 0x1660  IRENUM - ok
08:24:44.0019 0x1660  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:24:44.0030 0x1660  isapnp - ok
08:24:44.0044 0x1660  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:24:44.0059 0x1660  iScsiPrt - ok
08:24:44.0071 0x1660  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
08:24:44.0080 0x1660  kbdclass - ok
08:24:44.0092 0x1660  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
08:24:44.0101 0x1660  kbdhid - ok
08:24:44.0153 0x1660  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
08:24:44.0162 0x1660  KeyIso - ok
08:24:44.0181 0x1660  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:24:44.0190 0x1660  KSecDD - ok
08:24:44.0205 0x1660  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:24:44.0216 0x1660  KSecPkg - ok
08:24:44.0226 0x1660  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
08:24:44.0251 0x1660  ksthunk - ok
08:24:44.0280 0x1660  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:24:44.0314 0x1660  KtmRm - ok
08:24:44.0354 0x1660  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
08:24:44.0427 0x1660  LanmanServer - ok
08:24:44.0448 0x1660  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:24:44.0475 0x1660  LanmanWorkstation - ok
08:24:44.0593 0x1660  [ 88E52495B47C67126B510AF53FDB0BC7, 75027CE5F578592BBA29F4FB8D820AC5D4E5C8F3095CAF9441818B14128BB4E4 ] LBTServ         C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
08:24:44.0613 0x1660  LBTServ - ok
08:24:44.0644 0x1660  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
08:24:44.0655 0x1660  LHidFilt - ok
08:24:44.0672 0x1660  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:24:44.0710 0x1660  lltdio - ok
08:24:44.0741 0x1660  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:24:44.0774 0x1660  lltdsvc - ok
08:24:44.0784 0x1660  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:24:44.0809 0x1660  lmhosts - ok
08:24:44.0822 0x1660  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
08:24:44.0830 0x1660  LMouFilt - ok
08:24:44.0849 0x1660  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
08:24:44.0859 0x1660  LSI_FC - ok
08:24:44.0907 0x1660  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
08:24:44.0917 0x1660  LSI_SAS - ok
08:24:44.0928 0x1660  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:24:44.0937 0x1660  LSI_SAS2 - ok
08:24:44.0957 0x1660  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:24:44.0968 0x1660  LSI_SCSI - ok
08:24:44.0992 0x1660  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
08:24:45.0019 0x1660  luafv - ok
08:24:45.0038 0x1660  [ 9D9714E78EAC9E5368208649489C920E, 56DF5DBDF4963758A1E6BAD6210F8682A846DA9E5924CFA5879AC89CA7223C93 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
08:24:45.0046 0x1660  LUsbFilt - ok
08:24:45.0069 0x1660  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:24:45.0080 0x1660  Mcx2Svc - ok
08:24:45.0095 0x1660  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
08:24:45.0104 0x1660  megasas - ok
08:24:45.0118 0x1660  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
08:24:45.0132 0x1660  MegaSR - ok
08:24:45.0145 0x1660  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
08:24:45.0172 0x1660  MMCSS - ok
08:24:45.0176 0x1660  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
08:24:45.0201 0x1660  Modem - ok
08:24:45.0221 0x1660  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:24:45.0232 0x1660  monitor - ok
08:24:45.0245 0x1660  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:24:45.0254 0x1660  mouclass - ok
08:24:45.0279 0x1660  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:24:45.0288 0x1660  mouhid - ok
08:24:45.0371 0x1660  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:24:45.0391 0x1660  mountmgr - ok
08:24:45.0438 0x1660  [ 528A5C2570F468155A1B3CF0A2FF5EBD, 473EEE97A4690A919DE05C525F0858DA9A5BD30072383D81F096F82DDFC93BAB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:24:45.0453 0x1660  MozillaMaintenance - ok
08:24:45.0486 0x1660  [ FC1D590039EF06A381768710E6C07E75, 2F8B4D5232C4848A423A4E647102F3EDFD9B3D55D0D14AC04FD6D60D9212106F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
08:24:45.0510 0x1660  MpFilter - ok
08:24:45.0530 0x1660  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:24:45.0546 0x1660  mpio - ok
08:24:45.0567 0x1660  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:24:45.0600 0x1660  mpsdrv - ok
08:24:45.0631 0x1660  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:24:45.0677 0x1660  MpsSvc - ok
08:24:45.0701 0x1660  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:24:45.0716 0x1660  MRxDAV - ok
08:24:45.0740 0x1660  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:24:45.0759 0x1660  mrxsmb - ok
08:24:45.0791 0x1660  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:24:45.0805 0x1660  mrxsmb10 - ok
08:24:45.0819 0x1660  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:24:45.0830 0x1660  mrxsmb20 - ok
08:24:45.0845 0x1660  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:24:45.0853 0x1660  msahci - ok
08:24:45.0889 0x1660  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:24:45.0923 0x1660  msdsm - ok
08:24:45.0941 0x1660  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
08:24:45.0956 0x1660  MSDTC - ok
08:24:45.0978 0x1660  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:24:46.0003 0x1660  Msfs - ok
08:24:46.0015 0x1660  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:24:46.0039 0x1660  mshidkmdf - ok
08:24:46.0112 0x1660  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:24:46.0141 0x1660  msisadrv - ok
08:24:46.0179 0x1660  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:24:46.0226 0x1660  MSiSCSI - ok
08:24:46.0230 0x1660  msiserver - ok
08:24:46.0299 0x1660  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:24:46.0364 0x1660  MSKSSRV - ok
08:24:46.0444 0x1660  [ 52D60E642263719B37F1E4A785E676EB, 1ECCB557FC26F120852E02142EDE60A91F1E53EBD6BF3A15676AF2A286B986E6 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
08:24:46.0467 0x1660  MsMpSvc - ok
08:24:46.0482 0x1660  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:24:46.0518 0x1660  MSPCLOCK - ok
08:24:46.0533 0x1660  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:24:46.0557 0x1660  MSPQM - ok
08:24:46.0582 0x1660  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:24:46.0598 0x1660  MsRPC - ok
08:24:46.0610 0x1660  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
08:24:46.0618 0x1660  mssmbios - ok
08:24:46.0666 0x1660  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:24:46.0690 0x1660  MSTEE - ok
08:24:46.0694 0x1660  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
08:24:46.0703 0x1660  MTConfig - ok
08:24:46.0724 0x1660  [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
08:24:46.0732 0x1660  MTsensor - ok
08:24:46.0739 0x1660  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
08:24:46.0748 0x1660  Mup - ok
08:24:46.0852 0x1660  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
08:24:46.0897 0x1660  napagent - ok
08:24:46.0922 0x1660  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:24:46.0990 0x1660  NativeWifiP - ok
08:24:47.0029 0x1660  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:24:47.0059 0x1660  NDIS - ok
08:24:47.0126 0x1660  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:24:47.0151 0x1660  NdisCap - ok
08:24:47.0170 0x1660  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:24:47.0194 0x1660  NdisTapi - ok
08:24:47.0212 0x1660  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:24:47.0237 0x1660  Ndisuio - ok
08:24:47.0264 0x1660  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:24:47.0292 0x1660  NdisWan - ok
08:24:47.0306 0x1660  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:24:47.0332 0x1660  NDProxy - ok
08:24:47.0345 0x1660  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:24:47.0371 0x1660  NetBIOS - ok
08:24:47.0383 0x1660  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:24:47.0413 0x1660  NetBT - ok
08:24:47.0424 0x1660  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
08:24:47.0433 0x1660  Netlogon - ok
08:24:47.0520 0x1660  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
08:24:47.0578 0x1660  Netman - ok
08:24:47.0640 0x1660  [ 7E9228C814C0D0B551AF9A114B7E0B16, D0426B8F25EFD9B187AB3066F3F13DDB60D16355661B76F8C666BDE36B2B8872 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:24:47.0670 0x1660  NetMsmqActivator - ok
08:24:47.0678 0x1660  [ 7E9228C814C0D0B551AF9A114B7E0B16, D0426B8F25EFD9B187AB3066F3F13DDB60D16355661B76F8C666BDE36B2B8872 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:24:47.0694 0x1660  NetPipeActivator - ok
08:24:47.0714 0x1660  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
08:24:47.0751 0x1660  netprofm - ok
08:24:47.0757 0x1660  [ 7E9228C814C0D0B551AF9A114B7E0B16, D0426B8F25EFD9B187AB3066F3F13DDB60D16355661B76F8C666BDE36B2B8872 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:24:47.0769 0x1660  NetTcpActivator - ok
08:24:47.0775 0x1660  [ 7E9228C814C0D0B551AF9A114B7E0B16, D0426B8F25EFD9B187AB3066F3F13DDB60D16355661B76F8C666BDE36B2B8872 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:24:47.0787 0x1660  NetTcpPortSharing - ok
08:24:47.0802 0x1660  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:24:47.0811 0x1660  nfrd960 - ok
08:24:47.0855 0x1660  [ 8FB3C853E886E1E4D57271672486111C, 2D2954740BF2046FC4C0F1C00FBA9627C356792C0636A51078116876E4886FC6 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:24:47.0868 0x1660  NisDrv - ok
08:24:47.0957 0x1660  [ 506BAA292F60C2AB637B9AEA3325D7D0, 5535FA9DD208CDBE70999866FAD422F2D9B6F59C33617675867F2B8C923F108E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
08:24:47.0984 0x1660  NisSrv - ok
08:24:48.0018 0x1660  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:24:48.0034 0x1660  NlaSvc - ok
08:24:48.0042 0x1660  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:24:48.0067 0x1660  Npfs - ok
08:24:48.0086 0x1660  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
08:24:48.0112 0x1660  nsi - ok
08:24:48.0120 0x1660  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:24:48.0145 0x1660  nsiproxy - ok
08:24:48.0212 0x1660  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:24:48.0259 0x1660  Ntfs - ok
08:24:48.0274 0x1660  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
08:24:48.0299 0x1660  Null - ok
08:24:48.0319 0x1660  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:24:48.0331 0x1660  nvraid - ok
08:24:48.0350 0x1660  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:24:48.0361 0x1660  nvstor - ok
08:24:48.0378 0x1660  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:24:48.0389 0x1660  nv_agp - ok
08:24:48.0520 0x1660  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:24:48.0550 0x1660  odserv - ok
08:24:48.0569 0x1660  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:24:48.0579 0x1660  ohci1394 - ok
08:24:48.0608 0x1660  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:24:48.0618 0x1660  ose - ok
08:24:48.0643 0x1660  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:24:48.0666 0x1660  p2pimsvc - ok
08:24:48.0684 0x1660  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
08:24:48.0704 0x1660  p2psvc - ok
08:24:48.0722 0x1660  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:24:48.0733 0x1660  Parport - ok
08:24:48.0756 0x1660  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:24:48.0765 0x1660  partmgr - ok
08:24:48.0776 0x1660  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:24:48.0792 0x1660  PcaSvc - ok
08:24:48.0804 0x1660  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
08:24:48.0816 0x1660  pci - ok
08:24:48.0825 0x1660  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
08:24:48.0833 0x1660  pciide - ok
08:24:48.0856 0x1660  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:24:48.0870 0x1660  pcmcia - ok
08:24:48.0885 0x1660  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:24:48.0893 0x1660  pcw - ok
08:24:48.0985 0x1660  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:24:49.0034 0x1660  PEAUTH - ok
08:24:49.0082 0x1660  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
08:24:49.0139 0x1660  PeerDistSvc - ok
08:24:49.0180 0x1660  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
08:24:49.0190 0x1660  PerfHost - ok
08:24:49.0242 0x1660  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
08:24:49.0304 0x1660  pla - ok
08:24:49.0334 0x1660  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:24:49.0423 0x1660  PlugPlay - ok
08:24:49.0435 0x1660  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:24:49.0447 0x1660  PNRPAutoReg - ok
08:24:49.0461 0x1660  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:24:49.0476 0x1660  PNRPsvc - ok
08:24:49.0490 0x1660  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:24:49.0527 0x1660  PolicyAgent - ok
08:24:49.0547 0x1660  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
08:24:49.0576 0x1660  Power - ok
08:24:49.0649 0x1660  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:24:49.0677 0x1660  PptpMiniport - ok
08:24:49.0689 0x1660  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
08:24:49.0699 0x1660  Processor - ok
08:24:49.0729 0x1660  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:24:49.0750 0x1660  ProfSvc - ok
08:24:49.0754 0x1660  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
08:24:49.0763 0x1660  ProtectedStorage - ok
08:24:49.0798 0x1660  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:24:49.0825 0x1660  Psched - ok
08:24:49.0903 0x1660  [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
08:24:49.0910 0x1660  PSI - ok
08:24:49.0935 0x1660  [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
08:24:49.0942 0x1660  PxHlpa64 - ok
08:24:49.0991 0x1660  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
08:24:50.0036 0x1660  ql2300 - ok
08:24:50.0052 0x1660  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
08:24:50.0063 0x1660  ql40xx - ok
08:24:50.0090 0x1660  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
08:24:50.0109 0x1660  QWAVE - ok
08:24:50.0117 0x1660  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:24:50.0129 0x1660  QWAVEdrv - ok
08:24:50.0140 0x1660  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:24:50.0165 0x1660  RasAcd - ok
08:24:50.0193 0x1660  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:24:50.0219 0x1660  RasAgileVpn - ok
08:24:50.0232 0x1660  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
08:24:50.0260 0x1660  RasAuto - ok
08:24:50.0272 0x1660  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:24:50.0298 0x1660  Rasl2tp - ok
08:24:50.0325 0x1660  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
08:24:50.0358 0x1660  RasMan - ok
08:24:50.0379 0x1660  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:24:50.0406 0x1660  RasPppoe - ok
08:24:50.0470 0x1660  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:24:50.0514 0x1660  RasSstp - ok
08:24:50.0536 0x1660  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:24:50.0566 0x1660  rdbss - ok
08:24:50.0576 0x1660  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
08:24:50.0587 0x1660  rdpbus - ok
08:24:50.0593 0x1660  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:24:50.0618 0x1660  RDPCDD - ok
08:24:50.0648 0x1660  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
08:24:50.0668 0x1660  RDPDR - ok
08:24:50.0691 0x1660  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:24:50.0716 0x1660  RDPENCDD - ok
08:24:50.0721 0x1660  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:24:50.0745 0x1660  RDPREFMP - ok
08:24:50.0761 0x1660  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:24:50.0785 0x1660  RDPWD - ok
08:24:50.0806 0x1660  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:24:50.0818 0x1660  rdyboost - ok
08:24:50.0836 0x1660  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:24:50.0863 0x1660  RemoteAccess - ok
08:24:50.0875 0x1660  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:24:50.0904 0x1660  RemoteRegistry - ok
08:24:50.0919 0x1660  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:24:50.0945 0x1660  RpcEptMapper - ok
08:24:50.0949 0x1660  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
08:24:50.0958 0x1660  RpcLocator - ok
08:24:50.0985 0x1660  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\System32\rpcss.dll
08:24:51.0020 0x1660  RpcSs - ok
08:24:51.0032 0x1660  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:24:51.0059 0x1660  rspndr - ok
08:24:51.0091 0x1660  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
08:24:51.0111 0x1660  RTL8167 - ok
08:24:51.0130 0x1660  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
08:24:51.0148 0x1660  s3cap - ok
08:24:51.0152 0x1660  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
08:24:51.0161 0x1660  SamSs - ok
08:24:51.0242 0x1660  [ 495588414F5C62C333F1A69E17E5FB9F, F16FA9EE19BA1B519EBC371282F913FE0E42AEED226D149C6F37976466D61CA8 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
08:24:51.0272 0x1660  SbieDrv - ok
08:24:51.0285 0x1660  [ 099007B7A80E1917FFA110CE7785A3C9, 04B877099A151F226C378FB000185FA4B3CB96FF858ED2801A9440D7625F0E52 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
08:24:51.0298 0x1660  SbieSvc - ok
08:24:51.0313 0x1660  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:24:51.0326 0x1660  sbp2port - ok
08:24:51.0372 0x1660  [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
08:24:51.0407 0x1660  SBSDWSCService - ok
08:24:51.0421 0x1660  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:24:51.0452 0x1660  SCardSvr - ok
08:24:51.0494 0x1660  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:24:51.0532 0x1660  scfilter - ok
08:24:51.0634 0x1660  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
08:24:51.0702 0x1660  Schedule - ok
08:24:51.0724 0x1660  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:24:51.0749 0x1660  SCPolicySvc - ok
08:24:51.0762 0x1660  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:24:51.0780 0x1660  SDRSVC - ok
08:24:51.0793 0x1660  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:24:51.0818 0x1660  secdrv - ok
08:24:51.0836 0x1660  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
08:24:51.0861 0x1660  seclogon - ok
08:24:51.0934 0x1660  [ F70A51EB03EE7046784EF62EFCE9528E, 5D948ADFD75A74028FFC907874F83785BC5B5664FFAEC24894D5F95656D481C0 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
08:24:52.0137 0x1660  Secunia PSI Agent - ok
08:24:52.0182 0x1660  [ AD56CEB08EEB517332355FDE9E5939C8, 738B27062EEE85BD562EEB142C409F4F7A2F84F3073F6E4AE426610AAD08B5B1 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
08:24:52.0321 0x1660  Secunia Update Agent - ok
08:24:52.0345 0x1660  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
08:24:52.0371 0x1660  SENS - ok
08:24:52.0384 0x1660  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:24:52.0396 0x1660  SensrSvc - ok
08:24:52.0420 0x1660  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
08:24:52.0429 0x1660  Serenum - ok
08:24:52.0446 0x1660  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
08:24:52.0456 0x1660  Serial - ok
08:24:52.0482 0x1660  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
08:24:52.0492 0x1660  sermouse - ok
08:24:52.0522 0x1660  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
08:24:52.0606 0x1660  SessionEnv - ok
08:24:52.0625 0x1660  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
08:24:52.0635 0x1660  sffdisk - ok
08:24:52.0641 0x1660  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:24:52.0651 0x1660  sffp_mmc - ok
08:24:52.0660 0x1660  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
08:24:52.0670 0x1660  sffp_sd - ok
08:24:52.0682 0x1660  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
08:24:52.0690 0x1660  sfloppy - ok
08:24:52.0716 0x1660  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:24:52.0751 0x1660  SharedAccess - ok
08:24:52.0774 0x1660  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:24:52.0808 0x1660  ShellHWDetection - ok
08:24:52.0832 0x1660  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:24:52.0841 0x1660  SiSRaid2 - ok
08:24:52.0853 0x1660  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
08:24:52.0863 0x1660  SiSRaid4 - ok
08:24:52.0876 0x1660  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:24:52.0903 0x1660  Smb - ok
08:24:52.0919 0x1660  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:24:52.0929 0x1660  SNMPTRAP - ok
08:24:52.0936 0x1660  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:24:52.0944 0x1660  spldr - ok
08:24:52.0977 0x1660  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
08:24:53.0002 0x1660  Spooler - ok
08:24:53.0104 0x1660  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
08:24:53.0224 0x1660  sppsvc - ok
08:24:53.0248 0x1660  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:24:53.0275 0x1660  sppuinotify - ok
08:24:53.0301 0x1660  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:24:53.0330 0x1660  srv - ok
08:24:53.0351 0x1660  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:24:53.0369 0x1660  srv2 - ok
08:24:53.0386 0x1660  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:24:53.0397 0x1660  srvnet - ok
08:24:53.0416 0x1660  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:24:53.0446 0x1660  SSDPSRV - ok
08:24:53.0456 0x1660  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:24:53.0482 0x1660  SstpSvc - ok
08:24:53.0500 0x1660  Steam Client Service - ok
08:24:53.0513 0x1660  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
08:24:53.0521 0x1660  stexstor - ok
08:24:53.0555 0x1660  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
08:24:53.0583 0x1660  stisvc - ok
08:24:53.0615 0x1660  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
08:24:53.0623 0x1660  storflt - ok
08:24:53.0639 0x1660  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
08:24:53.0656 0x1660  StorSvc - ok
08:24:53.0667 0x1660  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
08:24:53.0676 0x1660  storvsc - ok
08:24:53.0692 0x1660  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
08:24:53.0700 0x1660  swenum - ok
08:24:53.0725 0x1660  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
08:24:53.0765 0x1660  swprv - ok
08:24:53.0828 0x1660  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
08:24:53.0887 0x1660  SysMain - ok
08:24:53.0904 0x1660  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:24:53.0919 0x1660  TabletInputService - ok
08:24:53.0939 0x1660  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
08:24:53.0961 0x1660  tap0901 - ok
08:24:53.0979 0x1660  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:24:54.0011 0x1660  TapiSrv - ok
08:24:54.0034 0x1660  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
08:24:54.0061 0x1660  TBS - ok
08:24:54.0124 0x1660  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:24:54.0178 0x1660  Tcpip - ok
08:24:54.0229 0x1660  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:24:54.0275 0x1660  TCPIP6 - ok
08:24:54.0302 0x1660  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:24:54.0312 0x1660  tcpipreg - ok
08:24:54.0322 0x1660  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:24:54.0336 0x1660  TDPIPE - ok
08:24:54.0357 0x1660  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:24:54.0366 0x1660  TDTCP - ok
08:24:54.0394 0x1660  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:24:54.0421 0x1660  tdx - ok
08:24:54.0432 0x1660  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:24:54.0442 0x1660  TermDD - ok
08:24:54.0473 0x1660  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
08:24:54.0515 0x1660  TermService - ok
08:24:54.0526 0x1660  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
08:24:54.0539 0x1660  Themes - ok
08:24:54.0560 0x1660  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
08:24:54.0585 0x1660  THREADORDER - ok
08:24:54.0607 0x1660  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
08:24:54.0635 0x1660  TrkWks - ok
08:24:54.0665 0x1660  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:24:54.0693 0x1660  TrustedInstaller - ok
08:24:54.0702 0x1660  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:24:54.0717 0x1660  tssecsrv - ok
08:24:54.0734 0x1660  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:24:54.0750 0x1660  TsUsbFlt - ok
08:24:54.0777 0x1660  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:24:54.0803 0x1660  tunnel - ok
08:24:54.0826 0x1660  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:24:54.0836 0x1660  uagp35 - ok
08:24:54.0863 0x1660  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:24:54.0895 0x1660  udfs - ok
08:24:54.0912 0x1660  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:24:54.0922 0x1660  UI0Detect - ok
08:24:54.0939 0x1660  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
08:24:54.0948 0x1660  uliagpkx - ok
08:24:54.0966 0x1660  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
08:24:54.0976 0x1660  umbus - ok
08:24:54.0990 0x1660  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:24:54.0998 0x1660  UmPass - ok
08:24:55.0013 0x1660  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
08:24:55.0027 0x1660  UmRdpService - ok
08:24:55.0048 0x1660  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
08:24:55.0082 0x1660  upnphost - ok
08:24:55.0100 0x1660  [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:24:55.0117 0x1660  usbccgp - ok
08:24:55.0139 0x1660  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
08:24:55.0155 0x1660  usbcir - ok
08:24:55.0170 0x1660  [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
08:24:55.0180 0x1660  usbehci - ok
08:24:55.0205 0x1660  [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:24:55.0221 0x1660  usbhub - ok
08:24:55.0258 0x1660  [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
08:24:55.0267 0x1660  usbohci - ok
08:24:55.0281 0x1660  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:24:55.0292 0x1660  usbprint - ok
08:24:55.0316 0x1660  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:24:55.0333 0x1660  USBSTOR - ok
08:24:55.0336 0x1660  usbuhci - ok
08:24:55.0350 0x1660  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
08:24:55.0376 0x1660  UxSms - ok
08:24:55.0389 0x1660  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
08:24:55.0398 0x1660  VaultSvc - ok
08:24:55.0402 0x1660  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
08:24:55.0411 0x1660  vdrvroot - ok
08:24:55.0441 0x1660  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
08:24:55.0480 0x1660  vds - ok
08:24:55.0489 0x1660  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:24:55.0500 0x1660  vga - ok
08:24:55.0511 0x1660  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:24:55.0536 0x1660  VgaSave - ok
08:24:55.0553 0x1660  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
08:24:55.0566 0x1660  vhdmp - ok
08:24:55.0631 0x1660  [ DFDF7F9CAA50EE72A633EA4BBD65A557, DF25D6F5E599A801D712E5AA69D31B949BACF6C274987F8E8CE8272564D59271 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
08:24:55.0683 0x1660  VIAHdAudAddService - ok
08:24:55.0697 0x1660  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
08:24:55.0705 0x1660  viaide - ok
08:24:55.0722 0x1660  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
08:24:55.0734 0x1660  vmbus - ok
08:24:55.0743 0x1660  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
08:24:55.0751 0x1660  VMBusHID - ok
08:24:55.0783 0x1660  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
08:24:55.0792 0x1660  volmgr - ok
08:24:55.0817 0x1660  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:24:55.0833 0x1660  volmgrx - ok
08:24:55.0850 0x1660  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
08:24:55.0864 0x1660  volsnap - ok
08:24:55.0898 0x1660  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:24:55.0909 0x1660  vsmraid - ok
08:24:55.0971 0x1660  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
08:24:56.0039 0x1660  VSS - ok
08:24:56.0050 0x1660  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
08:24:56.0061 0x1660  vwifibus - ok
08:24:56.0083 0x1660  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
08:24:56.0117 0x1660  W32Time - ok
08:24:56.0134 0x1660  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:24:56.0143 0x1660  WacomPen - ok
08:24:56.0166 0x1660  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:24:56.0192 0x1660  WANARP - ok
08:24:56.0196 0x1660  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:24:56.0220 0x1660  Wanarpv6 - ok
08:24:56.0281 0x1660  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
08:24:56.0319 0x1660  WatAdminSvc - ok
08:24:56.0373 0x1660  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
08:24:56.0430 0x1660  wbengine - ok
08:24:56.0454 0x1660  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:24:56.0471 0x1660  WbioSrvc - ok
08:24:56.0488 0x1660  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:24:56.0511 0x1660  wcncsvc - ok
08:24:56.0523 0x1660  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:24:56.0542 0x1660  WcsPlugInService - ok
08:24:56.0554 0x1660  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:24:56.0562 0x1660  Wd - ok
08:24:56.0601 0x1660  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:24:56.0634 0x1660  Wdf01000 - ok
08:24:56.0661 0x1660  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:24:56.0703 0x1660  WdiServiceHost - ok
08:24:56.0708 0x1660  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:24:56.0721 0x1660  WdiSystemHost - ok
08:24:56.0751 0x1660  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
08:24:56.0771 0x1660  WebClient - ok
08:24:56.0788 0x1660  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:24:56.0820 0x1660  Wecsvc - ok
08:24:56.0826 0x1660  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:24:56.0853 0x1660  wercplsupport - ok
08:24:56.0872 0x1660  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
08:24:56.0899 0x1660  WerSvc - ok
08:24:56.0908 0x1660  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:24:56.0934 0x1660  WfpLwf - ok
08:24:56.0937 0x1660  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
08:24:56.0945 0x1660  WIMMount - ok
08:24:56.0968 0x1660  WinDefend - ok
08:24:56.0973 0x1660  WinHttpAutoProxySvc - ok
08:24:57.0011 0x1660  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:24:57.0042 0x1660  Winmgmt - ok
08:24:57.0099 0x1660  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
08:24:57.0178 0x1660  WinRM - ok
08:24:57.0226 0x1660  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:24:57.0263 0x1660  Wlansvc - ok
08:24:57.0415 0x1660  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:24:57.0478 0x1660  wlidsvc - ok
08:24:57.0503 0x1660  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
08:24:57.0512 0x1660  WmiAcpi - ok
08:24:57.0528 0x1660  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:24:57.0542 0x1660  wmiApSrv - ok
08:24:57.0551 0x1660  WMPNetworkSvc - ok
08:24:57.0560 0x1660  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:24:57.0577 0x1660  WPCSvc - ok
08:24:57.0595 0x1660  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:24:57.0616 0x1660  WPDBusEnum - ok
08:24:57.0624 0x1660  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:24:57.0649 0x1660  ws2ifsl - ok
08:24:57.0655 0x1660  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
08:24:57.0669 0x1660  wscsvc - ok
08:24:57.0672 0x1660  WSearch - ok
08:24:57.0748 0x1660  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
08:24:57.0817 0x1660  wuauserv - ok
08:24:57.0839 0x1660  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:24:57.0852 0x1660  WudfPf - ok
08:24:57.0879 0x1660  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:24:57.0892 0x1660  WUDFRd - ok
08:24:57.0902 0x1660  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:24:57.0914 0x1660  wudfsvc - ok
08:24:57.0932 0x1660  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
08:24:57.0950 0x1660  WwanSvc - ok
08:24:57.0965 0x1660  ================ Scan global ===============================
08:24:57.0988 0x1660  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
08:24:58.0017 0x1660  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
08:24:58.0029 0x1660  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
08:24:58.0053 0x1660  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
08:24:58.0080 0x1660  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
08:24:58.0088 0x1660  [ Global ] - ok
08:24:58.0088 0x1660  ================ Scan MBR ==================================
08:24:58.0097 0x1660  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:24:58.0323 0x1660  \Device\Harddisk0\DR0 - ok
08:24:58.0324 0x1660  ================ Scan VBR ==================================
08:24:58.0330 0x1660  [ 8652AC0D9E5C7529BC4FBCD7D0F5888A ] \Device\Harddisk0\DR0\Partition1
08:24:58.0333 0x1660  \Device\Harddisk0\DR0\Partition1 - ok
08:24:58.0341 0x1660  [ E32C2652F0793175E9A8EF3F85D94E62 ] \Device\Harddisk0\DR0\Partition2
08:24:58.0342 0x1660  \Device\Harddisk0\DR0\Partition2 - ok
08:24:58.0367 0x1660  [ 8837F4B6DBA37A697ED921B3121F7504 ] \Device\Harddisk0\DR0\Partition3
08:24:58.0369 0x1660  \Device\Harddisk0\DR0\Partition3 - ok
08:24:58.0371 0x1660  Waiting for KSN requests completion. In queue: 328
08:24:59.0371 0x1660  Waiting for KSN requests completion. In queue: 45
08:25:00.0371 0x1660  Waiting for KSN requests completion. In queue: 45
08:25:01.0409 0x1660  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.3.219.0 ), 0x61000 ( enabled : updated )
08:25:01.0444 0x1660  Win FW state via NFP2: enabled
08:25:04.0198 0x1660  ============================================================
08:25:04.0198 0x1660  Scan finished
08:25:04.0198 0x1660  ============================================================
08:25:04.0222 0x0538  Detected object count: 0
08:25:04.0222 0x0538  Actual detected object count: 0
08:27:53.0055 0x1a04  Deinitialize success
 
 
-------------------------------------------------------------------------------------------------------------------------------------
*************************************************************************************************************************************
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-03 08:28:13
-----------------------------
08:28:13.295    OS Version: Windows x64 6.1.7601 Service Pack 1
08:28:13.295    Number of processors: 4 586 0x403
08:28:13.296    ComputerName: COMPUTA-PC  UserName: Computa
08:28:13.876    Initialize success
08:29:43.196    AVAST engine defs: 13110201
08:29:49.567    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
08:29:49.569    Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
08:29:49.663    Disk 0 MBR read successfully
08:29:49.669    Disk 0 MBR scan
08:29:49.740    Disk 0 Windows 7 default MBR code
08:29:49.742    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        80003 MB offset 63
08:29:49.766    Disk 0 Partition - 00     0F Extended LBA            873855 MB offset 163846935
08:29:49.777    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        39997 MB offset 163846998
08:29:49.801    Disk 0 Partition - 00     05     Extended            833858 MB offset 245762370
08:29:49.816    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       833858 MB offset 245762433
08:29:49.877    Disk 0 scanning C:\Windows\system32\drivers
08:29:59.022    Service scanning
08:30:22.328    Modules scanning
08:30:22.665    Disk 0 trace - called modules:
08:30:22.681    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
08:30:22.685    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004be2060]
08:30:22.691    3 CLASSPNP.SYS[fffff880018ce43f] -> nt!IofCallDriver -> [0xfffffa800459e520]
08:30:22.696    5 ACPI.sys[fffff88000fac7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80045d6060]
08:30:23.032    AVAST engine scan C:\Windows
08:30:25.249    AVAST engine scan C:\Windows\system32
08:34:44.853    AVAST engine scan C:\Windows\system32\drivers
08:34:56.938    AVAST engine scan C:\Users\Computa
08:36:49.924    AVAST engine scan C:\ProgramData
08:38:47.160    Scan finished successfully
08:40:12.842    Disk 0 MBR has been saved successfully to "C:\Users\Computa\Desktop\MBR.dat"
08:40:12.879    The log file has been saved successfully to "C:\Users\Computa\Desktop\aswMBR.txt"
 
 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Computa [Admin rights]
Mode : Scan -- Date : 11/03/2013 08:46:17
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] aswMBR.exe -- C:\Users\Computa\Desktop\aswMBR.exe [x] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] RunDAOD : C:\Windows\DAODx.exe [-] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] e871e52bc8b520ef002ff6ea0356523e
[BSP] bd6bb6051ba4717acfc22451fc7fac47 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 80003 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 163846935 | Size: 873856 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_11032013_084617.txt >>
 
 
 
==============================================================================
I have posted the 3 logs you requested above and also attached the text file. Thank you for taking the time to look at my logs as I really appreciate it.

 

Attached Files

  • Attached File  MBR.zip   567bytes   0 downloads


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,243 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:23 AM

Posted 03 November 2013 - 08:26 AM

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

Download this program to your desktop.
Tweaking.com - Windows Repair 1.9.16
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates
  • Checkmark Restart System When Finished option
  • click the Start button
  • System should restart after repair
Please let me know what problem persists.

#5 Cas34

Cas34
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:23 PM

Posted 03 November 2013 - 04:04 PM

Hi,

 

I have ran that program and restarted my PC. Still not able to update windows, have 1 update to go but it keeps failing.



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,243 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:23 AM

Posted 04 November 2013 - 07:55 AM

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
===

If still having problem downloading the Windows update please run this tool.

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List IP Configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • Click Go and copy/paste the log (Result.txt) into your next post.
  • [b]Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


#7 Cas34

Cas34
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:23 PM

Posted 05 November 2013 - 04:03 AM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Computa (administrator) on 05-11-2013 at 08:56:45
Running from "C:\Users\Computa\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Computa-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-D5-75-73-58
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 48-5B-39-C9-68-04
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3d7a:6a01:d7d6:762c%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 05 November 2013 08:16:39
   Lease Expires . . . . . . . . . . : 06 November 2013 08:16:38
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 239622969
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-E1-0C-85-48-5B-39-C9-68-04
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{A3E7D795-95FF-418A-B054-7B8AB5451598}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:18c6:1383:3f57:fefd(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::18c6:1383:3f57:fefd%11(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{D5757358-AAC0-45A1-BE44-E99FB2AEFF4E}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:4009:809::1006
 173.194.41.162
 173.194.41.167
 173.194.41.160
 173.194.41.166
 173.194.41.161
 173.194.41.163
 173.194.41.164
 173.194.41.169
 173.194.41.165
 173.194.41.168
 173.194.41.174
 
 
Pinging google.com [173.194.41.162] with 32 bytes of data:
Reply from 173.194.41.162: bytes=32 time=31ms TTL=55
Reply from 173.194.41.162: bytes=32 time=31ms TTL=55
 
Ping statistics for 173.194.41.162:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 31ms, Maximum = 31ms, Average = 31ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=167ms TTL=48
Reply from 98.138.253.109: bytes=32 time=165ms TTL=48
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 165ms, Maximum = 167ms, Average = 166ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 ff d5 75 73 58 ......TAP-Win32 Adapter V9
 10...48 5b 39 c9 68 04 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     58 2001::/32                On-link
 11    306 2001:0:9d38:6ab8:18c6:1383:3f57:fefd/128
                                    On-link
 10    276 fe80::/64                On-link
 11    306 fe80::/64                On-link
 11    306 fe80::18c6:1383:3f57:fefd/128
                                    On-link
 10    276 fe80::3d7a:6a01:d7d6:762c/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/05/2013 07:19:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (11/05/2013 07:19:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (11/05/2013 07:18:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (11/05/2013 07:18:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (11/05/2013 07:16:35 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-EEAD838E074CFEB5AEC1F7195C7BD2DD111FA95E.bin.VE0 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Antimalware Service Executable because of this error.
 
Program: Antimalware Service Executable
File: C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-EEAD838E074CFEB5AEC1F7195C7BD2DD111FA95E.bin.VE0
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C000009C
Disk type: 3
 
Error: (11/05/2013 07:16:35 AM) (Source: Application Error) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.3.219.0, time stamp: 0x52094dc8
Faulting module name: mpengine.dll, version: 1.1.10003.0, time stamp: 0x525b98e4
Exception code: 0xc0000006
Fault offset: 0x00000000000e7a32
Faulting process id: 0x1674
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report Id: MsMpEng.exe3
 
Error: (11/05/2013 07:15:34 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-EEAD838E074CFEB5AEC1F7195C7BD2DD111FA95E.bin.VE0 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Antimalware Service Executable because of this error.
 
Program: Antimalware Service Executable
File: C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-EEAD838E074CFEB5AEC1F7195C7BD2DD111FA95E.bin.VE0
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C000009C
Disk type: 3
 
Error: (11/05/2013 07:15:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.3.219.0, time stamp: 0x52094dc8
Faulting module name: mpengine.dll, version: 1.1.10003.0, time stamp: 0x525b98e4
Exception code: 0xc0000006
Fault offset: 0x00000000000e7a32
Faulting process id: 0x300
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report Id: MsMpEng.exe3
 
Error: (11/05/2013 07:14:24 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-EEAD838E074CFEB5AEC1F7195C7BD2DD111FA95E.bin.VE0 for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Antimalware Service Executable because of this error.
 
Program: Antimalware Service Executable
File: C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-EEAD838E074CFEB5AEC1F7195C7BD2DD111FA95E.bin.VE0
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C000009C
Disk type: 3
 
Error: (11/05/2013 07:14:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.3.219.0, time stamp: 0x52094dc8
Faulting module name: mpengine.dll, version: 1.1.10003.0, time stamp: 0x525b98e4
Exception code: 0xc0000006
Fault offset: 0x00000000000e7a32
Faulting process id: 0xe50
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report Id: MsMpEng.exe3
 
 
System errors:
=============
Error: (11/05/2013 08:05:33 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:32 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:31 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:29 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:28 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:27 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:26 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:24 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:23 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (11/05/2013 08:05:22 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2012-07-21 06:51:47.299
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-21 06:51:47.268
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
**** End of log ****
============================================================================================================================
Below is the log from ESET Scan
 
 
E:\Gill's Hard Drive\Alex\Alex - Memory Stick\Software\SDFix\SDFix.exe Win32/PrcView application deleted - quarantined
 
=============================================================================================================================
 
The things I am experiencing at the moment:
 
1. Windows Update still failing to install update.
2. Google Chrome Icon not displaying in task bar when running
3. Microsoft Security Essentials has disabled and won't go back on.


#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,243 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:23 AM

Posted 05 November 2013 - 08:12 AM

This error must be corrected.

Error: (11/05/2013 08:05:33 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Follow the instructions found in this reply.
Gerry C J Cornell replied on July 7, 2013
http://answers.microsoft.com/en-us/windows/forum/windows_7-performance/windows-7-freeze-at-welcome-screen-for-20-min-even/52821e71-0ee0-4b44-8078-11812431a803

You may want ot check with the experts in the Internal hardware forum http://www.bleepingcomputer.com/forums/forum7.html
before proceeding. As this is not my domain.

#9 Cas34

Cas34
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:23 PM

Posted 05 November 2013 - 02:02 PM

I am running check disk on my D and E drive just now but can't run on C until I log off tonight as I have an assignment to complete. Will post back soon.

 

Thanks



#10 Cas34

Cas34
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:23 PM

Posted 07 November 2013 - 03:49 PM

Sorry for the delay in posting back. I have ran check disk and as far as I can tell it did not fix the errors. I am currently at a stage where I don't know what to do next, so like you suggested I will post on the hardware forum for help.

 

Thanks for your help so far and for being patient.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users