Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am i hijacked by a trojan worm??


  • Please log in to reply
11 replies to this topic

#1 robotkilla

robotkilla

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 18 December 2013 - 07:28 PM

Hi Guys, 

 

My internet connection is near dead!

 

There is lots of activity to and from my wifi modem

A ping  to google takes for ever, 

 

a traceroute shows lots of hops,

 

 
Tracing route to www.google.com [74.125.24.105]
over a maximum of 30 hops:
 
  1     3 ms     1 ms     2 ms  3.home [192.168.1.1]
  2     *        *        *     Request timed out.
  3   571 ms   746 ms   240 ms  172.23.0.197
  4    77 ms    77 ms    48 ms  172.23.5.6
  5    65 ms    78 ms    59 ms  172.30.196.13
  6    55 ms    48 ms    69 ms  178.167.254.250.threembb.ie [178.167.254.250]
  7    57 ms    57 ms    49 ms  72.14.222.162
  8   214 ms   509 ms   500 ms  209.85.252.196
  9     *     1273 ms   100 ms  72.14.235.189
 10     *        *        *     Request timed out.
 11    69 ms    94 ms    43 ms  www.google.com [74.125.24.105]
 
Trace complete.
 
Microsoft security essentials found and deleted a tojan
AdwClweaner found 5 items, tracking cookies
Wouldn't let me connect to an online scanner.
 
but still running really slow
 
Is a fresh install on the cards, or can my os be rescued?

Edited by robotkilla, 18 December 2013 - 07:29 PM.


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:34 PM

Posted 18 December 2013 - 07:29 PM

Please download MiniToolBox, and save it to your desktop and run it, and checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Please perform the following, so that we can get the exact specs of your computer. This will better assist us in helping you more.

Publish a Snapshot using Speccy

The below is for those who cannot get online

Please take caution when attaching a text file to your post if you cannot copy/paste the link to your post, you will need to edit it to make sure that your Windows Key is not present.

#3 robotkilla

robotkilla
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 18 December 2013 - 07:43 PM

Hi Madman 

here goes .....

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by user (administrator) on 19-12-2013 at 00:41:06
Running from "C:\Users\user\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
127.0.0.1 localhost
 
========================= IP Configuration: ================================
 
Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Connected)
Intel® 82566MM Gigabit Network Connection = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : user-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
   Physical Address. . . . . . . . . : 00-1F-3B-99-7E-49
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::18d5:d046:81c5:6d32%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 18 December 2013 23:30:13
   Lease Expires . . . . . . . . . . : 19 December 2013 23:30:12
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 218111803
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-96-59-41-00-1C-7E-41-56-A4
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® 82566MM Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-1C-7E-41-56-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{A94AB17E-1478-4CF8-882B-F0233A7C5C09}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3494:3514:4d58:1f4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3494:3514:4d58:1f4%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  3.home
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:400b:c02::8b
 74.125.24.102
 74.125.24.113
 74.125.24.138
 74.125.24.139
 74.125.24.100
 74.125.24.101
 
 
Pinging google.com [74.125.24.102] with 32 bytes of data:
Reply from 74.125.24.102: bytes=32 time=165ms TTL=50
Reply from 74.125.24.102: bytes=32 time=2396ms TTL=50
 
Ping statistics for 74.125.24.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 165ms, Maximum = 2396ms, Average = 1280ms
Server:  3.home
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Request timed out.
Reply from 98.138.253.109: bytes=32 time=331ms TTL=45
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 331ms, Maximum = 331ms, Average = 331ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 1f 3b 99 7e 49 ......Intel® Wireless WiFi Link 4965AGN
 10...00 1c 7e 41 56 a4 ......Intel® 82566MM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.102     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.102    281
    192.168.1.102  255.255.255.255         On-link     192.168.1.102    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.102    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.102    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.102    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:5ef5:79fd:3494:3514:4d58:1f4/128
                                    On-link
 11    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 11    281 fe80::18d5:d046:81c5:6d32/128
                                    On-link
 12    306 fe80::3494:3514:4d58:1f4/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/17/2013 04:43:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: Tcpview.exe, version: 3.5.0.0, time stamp: 0x4dd3b18b
Faulting module name: Tcpview.exe, version: 3.5.0.0, time stamp: 0x4dd3b18b
Exception code: 0xc0000005
Fault offset: 0x0001431e
Faulting process id: 0x8d8
Faulting application start time: 0xTcpview.exe0
Faulting application path: Tcpview.exe1
Faulting module path: Tcpview.exe2
Report Id: Tcpview.exe3
 
Error: (12/14/2013 01:54:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
 
System Error:
The system cannot find the file specified.
.
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (12/14/2013 06:09:47 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/14/2013 06:09:47 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.  (HRESULT : 0x8004117f) (0x8004117f)
 
Error: (12/14/2013 06:09:47 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=1100}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (12/18/2013 11:30:12 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (12/18/2013 11:06:22 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (12/18/2013 03:09:35 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (12/18/2013 07:07:09 AM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (12/18/2013 05:39:50 AM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (12/18/2013 02:55:45 AM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (12/18/2013 01:38:57 AM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (12/18/2013 01:23:56 AM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (12/18/2013 01:12:32 AM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
Error: (12/18/2013 01:12:32 AM) (Source: Service Control Manager) (User: )
Description: The SSDP Discovery service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (12/17/2013 04:43:17 PM) (Source: Application Error)(User: )
Description: Tcpview.exe3.5.0.04dd3b18bTcpview.exe3.5.0.04dd3b18bc00000050001431e8d801cefb467f67af6eC:\Users\user\Documents\TCPView\Tcpview.exeC:\Users\user\Documents\TCPView\Tcpview.exe541e49d0-673a-11e3-a643-001c7e4156a4
 
Error: (12/14/2013 01:54:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
 
System Error:
The system cannot find the file specified.
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/14/2013 06:09:50 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (12/14/2013 06:09:47 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (12/14/2013 06:09:47 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.  (HRESULT : 0x8004117f) (0x8004117f)
 
Error: (12/14/2013 06:09:47 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
1100
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.0.29038)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
AuthenTec TrueSuite (Version: 2.0.0.57)
AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4000.108)
Bluetooth Stack for Windows by Toshiba (Version: v8.00.12(T))
Boylepoker
CCleaner (Version: 3.26)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Intel® PRO Network Connections Drivers
Intel® TV Wizard
Intel® Matrix Storage Manager
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
RICOH Media Driver ver.2.07.01.00 (Version: 2.07.01.00)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 6.9 (Version: 6.9.106)
Speccy (Version: 1.20)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0004)
TIPCI (Version: 2.00.0004)
Touch Driver
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
WinPcap 4.1.2 (Version: 4.1.0.2001)
Wireshark 1.8.4 (32-bit) (Version: 1.8.4)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 46%
Total physical RAM: 2006.85 MB
Available physical RAM: 1082.93 MB
Total Pagefile: 4013.7 MB
Available Pagefile: 2851.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.92 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:55.79 GB) (Free:29.55 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\USER-PC
 
Administrator            Guest                    user                     
 
 
**** End of log ****


#4 robotkilla

robotkilla
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 18 December 2013 - 07:46 PM

Speccy output ]

 

http://speccy.piriform.com/results/NiFgwATmy2UHywL6xxKsrue

 

 

sp_16.png
Generated by Piriform Speccy v1.20.446
19 Dec 2013 @ 00:45
249.pngSummary
 
Operating System
 
Microsoft Windows 7 Professional 32-bit SP1
 
CPU
Intel Mobile Core 2 Duo @ 2.10GHz: 
52 °C
Penryn 45nm Technology
 
 
RAM
 
2.00 GB Dual-Channel DDR2 @ 332MHz (5-5-5-15)
 
Motherboard
TOSHIBA Portable PC (uFC-PGA Socket): 
56 °C
 
Graphics
Generic PnP Monitor (1280x800@60Hz)
 
Mobile Intel 965 Express Chipset Family
 
Mobile Intel 965 Express Chipset Family
 
 
Hard Drives
56GB Seagate ST96812AS (SATA): 
41 °C
 
Optical Drives
MATbleepA DVD-RAM UJ-852S ATA Device
 
 
Audio
High Definition Audio Device
 
 
254.pngOperating System
 
Microsoft Windows 7 Professional 32-bit SP1
 
Computer type: Tablet
 
Installation Date : 17/07/2012 00:21:27
Windows Security Center
User Account Control (UAC): 
Enabled
Notify level: 
3 - Always Notify
Firewall: 
Enabled
 
Windows Update
AutoUpdate: 
Not configured
 
Windows Defender
Windows Defender: 
Disabled
 
Antivirus
Antivirus: 
Enabled
Company Name: 
Microsoft
Display Name: 
Microsoft Security Essentials
Product Version: 
4.4.304.0
Virus Signature Database: 
Up to date
 
.NET Frameworks installed
v4.5 Full
 
v4.5 Client
 
v3.5 SP1
 
v3.0 SP2
 
v2.0 SP2
 
 
Internet Explorer
Version: 
11.0.9600.16428
 
PowerShell
Version: 
2.0
 
Environment Variables
USERPROFILE: 
C:\Users\user
SystemRoot: 
C:\Windows
User Variables
TEMP: 
C:\Users\user\AppData\Local\Temp
TMP: 
C:\Users\user\AppData\Local\Temp
 
Machine Variables
ComSpec: 
C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK: 
NO
OS: 
Windows_NT
Path: 
C:\Windows\system32
 
C:\Windows
 
C:\Windows\system32\wbem
 
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
 
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys
PATHEXT: 
.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE: 
x86
TEMP: 
C:\Windows\TEMP
TMP: 
C:\Windows\TEMP
USERNAME: 
SYSTEM
windir: 
C:\Windows
PSModulePath: 
C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS: 
2
PROCESSOR_LEVEL: 
6
PROCESSOR_IDENTIFIER: 
x86 Family 6 Model 23 Stepping 6, GenuineIntel
PROCESSOR_REVISION: 
1706
 
Battery
AC Line: 
Online
Battery Charge %: 
100 %
Battery State: 
High
Remaining Battery Time: 
Unknown
 
Power Profile
Active power scheme: 
Balanced
Hibernation: 
Enabled
Turn Off Monitor after: (On AC Power): 
10 min
Turn Off Monitor after: (On Battery Power): 
5 min
Turn Off Hard Disk after: (On AC Power): 
20 min
Turn Off Hard Disk after: (On Battery Power): 
10 min
Suspend after: (On AC Power): 
30 min
Suspend after: (On Battery Power): 
15 min
Screen saver: 
Disabled
 
Uptime
 
Current Session
Current Time: 
19/12/2013 00:45:21
Current Uptime: 
4,532 sec (0 d, 01 h, 15 m, 32 s)
Last Boot Time: 
18/12/2013 23:29:49
 
TimeZone
TimeZone: 
GMT
Language: 
English (Ireland)
Location: 
Ireland
Format: 
English (Ireland)
Currency: 
Date Format: 
dd/MM/yyyy
Time Format: 
HH:mm:ss
 
Scheduler
19/12/2013 01:00;: 
GoogleUpdateTaskMachineUA
19/12/2013 22:00;: 
GoogleUpdateTaskMachineCore
 
CCleanerSkipUAC
 
CreateChoiceProcessTask
 
SidebarExecute
 
Process List
 
audiodg.exe
Process ID: 
2172
 
chrome.exe
Process ID: 
3964
User: 
user
Domain: 
user-PC
Path: 
C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage: 
33 MB
Peak Memory Usage: 
52 MB
 
chrome.exe
Process ID: 
3768
User: 
user
Domain: 
user-PC
Path: 
C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage: 
70 MB
Peak Memory Usage: 
76 MB
 
chrome.exe
Process ID: 
3896
User: 
user
Domain: 
user-PC
Path: 
C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage: 
45 MB
Peak Memory Usage: 
63 MB
 
chrome.exe
Process ID: 
3444
User: 
user
Domain: 
user-PC
Path: 
C:\Program Files\Google\Chrome\Application\chrome.exe
Memory Usage: 
90 MB
Peak Memory Usage: 
100 MB
 
cmd.exe
Process ID: 
1932
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\system32\cmd.exe
Memory Usage: 
2.37 MB
Peak Memory Usage: 
2.37 MB
 
conhost.exe
Process ID: 
1436
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\system32\conhost.exe
Memory Usage: 
4.89 MB
Peak Memory Usage: 
4.89 MB
 
csrss.exe
Process ID: 
484
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\csrss.exe
Memory Usage: 
31 MB
Peak Memory Usage: 
33 MB
 
csrss.exe
Process ID: 
420
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\csrss.exe
Memory Usage: 
2.87 MB
Peak Memory Usage: 
3.00 MB
 
dllhost.exe
Process ID: 
2756
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\DllHost.exe
Memory Usage: 
3.77 MB
Peak Memory Usage: 
3.77 MB
 
dllhost.exe
Process ID: 
252
User: 
user
Domain: 
user-PC
Memory Usage: 
80 KB
Peak Memory Usage: 
80 KB
 
dllhost.exe
Process ID: 
1404
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\DllHost.exe
Memory Usage: 
3.25 MB
Peak Memory Usage: 
3.25 MB
 
dwm.exe
Process ID: 
2120
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\system32\Dwm.exe
Memory Usage: 
19 MB
Peak Memory Usage: 
30 MB
 
explorer.exe
Process ID: 
2144
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\Explorer.EXE
Memory Usage: 
46 MB
Peak Memory Usage: 
51 MB
 
inputpersonalization.exe
Process ID: 
1040
User: 
user
Domain: 
user-PC
Path: 
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
Memory Usage: 
532KB
Peak Memory Usage: 
11 MB
 
lsass.exe
Process ID: 
544
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\lsass.exe
Memory Usage: 
6.59 MB
Peak Memory Usage: 
8.83 MB
 
lsm.exe
Process ID: 
552
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\lsm.exe
Memory Usage: 
2.57 MB
Peak Memory Usage: 
3.02 MB
 
msconfig.exe
Process ID: 
2744
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\system32\msconfig.exe
Memory Usage: 
11 MB
Peak Memory Usage: 
11 MB
 
msmpeng.exe
Process ID: 
812
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
c:\Program Files\Microsoft Security Client\MsMpEng.exe
Memory Usage: 
48 MB
Peak Memory Usage: 
100MB
 
nissrv.exe
Process ID: 
2748
User: 
LOCAL SERVICE
Domain: 
NT AUTHORITY
Path: 
c:\Program Files\Microsoft Security Client\NisSrv.exe
Memory Usage: 
3.10 MB
Peak Memory Usage: 
8.27 MB
 
notepad.exe
Process ID: 
2264
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\system32\notepad.exe
Memory Usage: 
6.05 MB
Peak Memory Usage: 
6.57 MB
 
perfmon.exe
Process ID: 
2204
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\System32\perfmon.exe
Memory Usage: 
22 MB
Peak Memory Usage: 
22 MB
 
rundll32.exe
Process ID: 
2492
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\System32\rundll32.exe
Memory Usage: 
4.47 MB
Peak Memory Usage: 
5.19 MB
 
searchfilterhost.exe
Process ID: 
796
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\SearchFilterHost.exe
Memory Usage: 
4.08 MB
Peak Memory Usage: 
4.08 MB
 
searchindexer.exe
Process ID: 
2996
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\SearchIndexer.exe
Memory Usage: 
13 MB
Peak Memory Usage: 
13 MB
 
searchprotocolhost.exe
Process ID: 
2820
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\SearchProtocolHost.exe
Memory Usage: 
6.17 MB
Peak Memory Usage: 
6.17 MB
 
services.exe
Process ID: 
528
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\services.exe
Memory Usage: 
5.54 MB
Peak Memory Usage: 
10 MB
 
smss.exe
Process ID: 
312
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
\SystemRoot\System32\smss.exe
Memory Usage: 
632KB
Peak Memory Usage: 
836KB
 
speccy.exe
Process ID: 
3384
User: 
user
Domain: 
user-PC
Path: 
C:\Program Files\Speccy\Speccy.exe
Memory Usage: 
20 MB
Peak Memory Usage: 
20 MB
 
spoolsv.exe
Process ID: 
1680
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\System32\spoolsv.exe
Memory Usage: 
6.61 MB
Peak Memory Usage: 
10 MB
 
svchost.exe
Process ID: 
1748
User: 
LOCAL SERVICE
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\svchost.exe
Memory Usage: 
9.71 MB
Peak Memory Usage: 
37 MB
 
svchost.exe
Process ID: 
1276
User: 
LOCAL SERVICE
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\svchost.exe
Memory Usage: 
9.33 MB
Peak Memory Usage: 
13 MB
 
svchost.exe
Process ID: 
3428
User: 
LOCAL SERVICE
Domain: 
NT AUTHORITY
Path: 
C:\Windows\System32\svchost.exe
Memory Usage: 
9.51 MB
Peak Memory Usage: 
10 MB
 
svchost.exe
Process ID: 
1452
User: 
NETWORK SERVICE
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\svchost.exe
Memory Usage: 
9.37 MB
Peak Memory Usage: 
10 MB
 
svchost.exe
Process ID: 
1148
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\svchost.exe
Memory Usage: 
24 MB
Peak Memory Usage: 
31 MB
 
svchost.exe
Process ID: 
1096
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\System32\svchost.exe
Memory Usage: 
48 MB
Peak Memory Usage: 
58 MB
 
svchost.exe
Process ID: 
1056
User: 
LOCAL SERVICE
Domain: 
NT AUTHORITY
Path: 
C:\Windows\System32\svchost.exe
Memory Usage: 
19 MB
Peak Memory Usage: 
31 MB
 
svchost.exe
Process ID: 
752
User: 
NETWORK SERVICE
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\svchost.exe
Memory Usage: 
4.73 MB
Peak Memory Usage: 
5.41 MB
 
svchost.exe
Process ID: 
660
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\svchost.exe
Memory Usage: 
5.89 MB
Peak Memory Usage: 
6.79 MB
 
svchost.exe
Process ID: 
1852
User: 
LOCAL SERVICE
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\svchost.exe
Memory Usage: 
8.33 MB
Peak Memory Usage: 
10 MB
 
svchost.exe
Process ID: 
3948
User: 
SYSTEM
Domain: 
NT AUTHORITY
Memory Usage: 
84 KB
Peak Memory Usage: 
84 KB
 
svchost.exe
Process ID: 
1940
User: 
LOCAL SERVICE
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\svchost.exe
Memory Usage: 
3.42 MB
Peak Memory Usage: 
4.04 MB
 
system
Process ID: 
4
 
system idle process
Process ID: 
0
 
tabtip.exe
Process ID: 
2192
User: 
user
Domain: 
user-PC
Path: 
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
Memory Usage: 
8.68 MB
Peak Memory Usage: 
9.63 MB
 
taskhost.exe
Process ID: 
1844
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\system32\taskhost.exe
Memory Usage: 
9.83 MB
Peak Memory Usage: 
9.84 MB
 
taskmgr.exe
Process ID: 
3648
User: 
user
Domain: 
user-PC
Path: 
C:\Windows\system32\taskmgr.exe
Memory Usage: 
9.94 MB
Peak Memory Usage: 
9.96 MB
 
wininit.exe
Process ID: 
472
User: 
SYSTEM
Domain: 
NT AUTHORITY
Path: 
C:\Windows\system32\wininit.exe
Memory Usage: 
2.90 MB
Peak Memory Usage: 
3.39 MB
 
winlogon.exe
Process ID: 

Edited by robotkilla, 18 December 2013 - 07:52 PM.


#5 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:34 PM

Posted 18 December 2013 - 07:48 PM

Please download TDSSKiller exe version to your desktop.
Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.

Click on Change Parameters and click Detect TDLFS File System.
    Click the Start Scan button.
    Do not use the computer during the scan
    If the scan completes with nothing found, click Close to exit.
    If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
    A TDSSKiller text file would be saved in Local Disk C.
    Copy and paste the contents of that file in your next reply.


ADW Cleaner


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#6 robotkilla

robotkilla
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 18 December 2013 - 08:04 PM

TDSKiller

 

01:00:19.0784 0x0e08  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
01:00:35.0405 0x0e08  ============================================================
01:00:35.0405 0x0e08  Current date / time: 2013/12/19 01:00:35.0404
01:00:35.0405 0x0e08  SystemInfo:
01:00:35.0405 0x0e08  
01:00:35.0405 0x0e08  OS Version: 6.1.7601 ServicePack: 1.0
01:00:35.0405 0x0e08  Product type: Workstation
01:00:35.0405 0x0e08  ComputerName: USER-PC
01:00:35.0406 0x0e08  UserName: user
01:00:35.0406 0x0e08  Windows directory: C:\Windows
01:00:35.0406 0x0e08  System windows directory: C:\Windows
01:00:35.0406 0x0e08  Processor architecture: Intel x86
01:00:35.0406 0x0e08  Number of processors: 2
01:00:35.0406 0x0e08  Page size: 0x1000
01:00:35.0406 0x0e08  Boot type: Normal boot
01:00:35.0406 0x0e08  ============================================================
01:00:35.0957 0x0e08  KLMD registered as C:\Windows\system32\drivers\39904254.sys
01:00:36.0216 0x0e08  System UUID: {24BCA806-493E-D78D-5C04-75A28D6F67E7}
01:00:37.0256 0x0e08  Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:00:37.0258 0x0e08  ============================================================
01:00:37.0258 0x0e08  \Device\Harddisk0\DR0:
01:00:37.0258 0x0e08  MBR partitions:
01:00:37.0258 0x0e08  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:00:37.0258 0x0e08  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6F94800
01:00:37.0258 0x0e08  ============================================================
01:00:37.0358 0x0e08  C: <-> \Device\Harddisk0\DR0\Partition2
01:00:37.0359 0x0e08  ============================================================
01:00:37.0359 0x0e08  Initialize success
01:00:37.0359 0x0e08  ============================================================
01:01:20.0384 0x0e44  ============================================================
01:01:20.0384 0x0e44  Scan started
01:01:20.0384 0x0e44  Mode: Manual; TDLFS; 
01:01:20.0384 0x0e44  ============================================================
01:01:20.0384 0x0e44  KSN ping started
01:01:23.0211 0x0e44  KSN ping finished: true
01:01:23.0468 0x0e44  ================ Scan system memory ========================
01:01:23.0469 0x0e44  System memory - ok
01:01:23.0469 0x0e44  ================ Scan services =============================
01:01:23.0683 0x0e44  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
01:01:23.0691 0x0e44  1394ohci - ok
01:01:23.0782 0x0e44  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
01:01:23.0790 0x0e44  ACPI - ok
01:01:23.0839 0x0e44  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
01:01:23.0841 0x0e44  AcpiPmi - ok
01:01:23.0930 0x0e44  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
01:01:23.0955 0x0e44  adp94xx - ok
01:01:24.0002 0x0e44  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
01:01:24.0017 0x0e44  adpahci - ok
01:01:24.0046 0x0e44  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
01:01:24.0051 0x0e44  adpu320 - ok
01:01:24.0076 0x0e44  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
01:01:24.0079 0x0e44  AeLookupSvc - ok
01:01:24.0166 0x0e44  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
01:01:24.0182 0x0e44  AFD - ok
01:01:24.0299 0x0e44  [ 7E10E3BB9B258AD8A9300F91214D67B9, CE5FAD7BF78234B64EAADF64DB23F3C342AADB9C5E3B0168E57863F494F30318 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
01:01:24.0382 0x0e44  AgereSoftModem - ok
01:01:24.0430 0x0e44  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
01:01:24.0433 0x0e44  agp440 - ok
01:01:24.0494 0x0e44  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
01:01:24.0501 0x0e44  aic78xx - ok
01:01:24.0599 0x0e44  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
01:01:24.0603 0x0e44  ALG - ok
01:01:24.0665 0x0e44  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
01:01:24.0667 0x0e44  aliide - ok
01:01:24.0694 0x0e44  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
01:01:24.0698 0x0e44  amdagp - ok
01:01:24.0749 0x0e44  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
01:01:24.0751 0x0e44  amdide - ok
01:01:24.0799 0x0e44  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
01:01:24.0802 0x0e44  AmdK8 - ok
01:01:24.0822 0x0e44  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
01:01:24.0825 0x0e44  AmdPPM - ok
01:01:24.0860 0x0e44  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
01:01:24.0863 0x0e44  amdsata - ok
01:01:24.0890 0x0e44  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
01:01:24.0895 0x0e44  amdsbs - ok
01:01:24.0926 0x0e44  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
01:01:24.0928 0x0e44  amdxata - ok
01:01:24.0967 0x0e44  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
01:01:24.0970 0x0e44  AppID - ok
01:01:25.0021 0x0e44  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:01:25.0024 0x0e44  AppIDSvc - ok
01:01:25.0070 0x0e44  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
01:01:25.0077 0x0e44  Appinfo - ok
01:01:25.0184 0x0e44  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
01:01:25.0196 0x0e44  AppMgmt - ok
01:01:25.0257 0x0e44  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
01:01:25.0261 0x0e44  arc - ok
01:01:25.0278 0x0e44  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
01:01:25.0282 0x0e44  arcsas - ok
01:01:25.0414 0x0e44  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
01:01:25.0417 0x0e44  aspnet_state - ok
01:01:25.0448 0x0e44  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:01:25.0450 0x0e44  AsyncMac - ok
01:01:25.0534 0x0e44  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
01:01:25.0538 0x0e44  atapi - ok
01:01:25.0687 0x0e44  [ 6F718D6616E50FBCA64249755B7A1D2F, 0D243E50D9BEB23A1F894AAC4F97FB44E81C4377362AAB0394D066CAFA353742 ] ATSwpWDF        C:\Windows\system32\Drivers\ATSwpWDF.sys
01:01:25.0768 0x0e44  ATSwpWDF - ok
01:01:25.0835 0x0e44  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:01:25.0849 0x0e44  AudioEndpointBuilder - ok
01:01:25.0869 0x0e44  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
01:01:25.0879 0x0e44  Audiosrv - ok
01:01:25.0963 0x0e44  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:01:25.0969 0x0e44  AxInstSV - ok
01:01:26.0060 0x0e44  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
01:01:26.0081 0x0e44  b06bdrv - ok
01:01:26.0125 0x0e44  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
01:01:26.0132 0x0e44  b57nd60x - ok
01:01:26.0203 0x0e44  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
01:01:26.0211 0x0e44  BDESVC - ok
01:01:26.0230 0x0e44  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:01:26.0232 0x0e44  Beep - ok
01:01:26.0313 0x0e44  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
01:01:26.0361 0x0e44  BFE - ok
01:01:26.0436 0x0e44  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
01:01:26.0455 0x0e44  BITS - ok
01:01:26.0472 0x0e44  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
01:01:26.0474 0x0e44  blbdrive - ok
01:01:26.0519 0x0e44  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:01:26.0522 0x0e44  bowser - ok
01:01:26.0539 0x0e44  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
01:01:26.0540 0x0e44  BrFiltLo - ok
01:01:26.0563 0x0e44  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
01:01:26.0564 0x0e44  BrFiltUp - ok
01:01:26.0601 0x0e44  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
01:01:26.0604 0x0e44  BridgeMP - ok
01:01:26.0646 0x0e44  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
01:01:26.0650 0x0e44  Browser - ok
01:01:26.0698 0x0e44  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
01:01:26.0707 0x0e44  Brserid - ok
01:01:26.0730 0x0e44  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
01:01:26.0733 0x0e44  BrSerWdm - ok
01:01:26.0750 0x0e44  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
01:01:26.0753 0x0e44  BrUsbMdm - ok
01:01:26.0763 0x0e44  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
01:01:26.0765 0x0e44  BrUsbSer - ok
01:01:26.0790 0x0e44  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
01:01:26.0792 0x0e44  BTHMODEM - ok
01:01:26.0848 0x0e44  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
01:01:26.0851 0x0e44  bthserv - ok
01:01:26.0949 0x0e44  catchme - ok
01:01:26.0999 0x0e44  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:01:27.0005 0x0e44  cdfs - ok
01:01:27.0096 0x0e44  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
01:01:27.0104 0x0e44  cdrom - ok
01:01:27.0168 0x0e44  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
01:01:27.0172 0x0e44  CertPropSvc - ok
01:01:27.0207 0x0e44  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
01:01:27.0209 0x0e44  circlass - ok
01:01:27.0251 0x0e44  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
01:01:27.0261 0x0e44  CLFS - ok
01:01:27.0332 0x0e44  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:01:27.0338 0x0e44  clr_optimization_v2.0.50727_32 - ok
01:01:27.0441 0x0e44  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:01:27.0455 0x0e44  clr_optimization_v4.0.30319_32 - ok
01:01:27.0474 0x0e44  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
01:01:27.0475 0x0e44  CmBatt - ok
01:01:27.0507 0x0e44  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
01:01:27.0509 0x0e44  cmdide - ok
01:01:27.0551 0x0e44  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
01:01:27.0563 0x0e44  CNG - ok
01:01:27.0614 0x0e44  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
01:01:27.0616 0x0e44  Compbatt - ok
01:01:27.0670 0x0e44  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
01:01:27.0672 0x0e44  CompositeBus - ok
01:01:27.0695 0x0e44  COMSysApp - ok
01:01:27.0742 0x0e44  cpuz135 - ok
01:01:27.0759 0x0e44  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
01:01:27.0761 0x0e44  crcdisk - ok
01:01:27.0810 0x0e44  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:01:27.0815 0x0e44  CryptSvc - ok
01:01:27.0882 0x0e44  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
01:01:27.0894 0x0e44  CSC - ok
01:01:27.0997 0x0e44  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
01:01:28.0015 0x0e44  CscService - ok
01:01:28.0045 0x0e44  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:01:28.0055 0x0e44  DcomLaunch - ok
01:01:28.0099 0x0e44  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
01:01:28.0115 0x0e44  defragsvc - ok
01:01:28.0166 0x0e44  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:01:28.0169 0x0e44  DfsC - ok
01:01:28.0214 0x0e44  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:01:28.0223 0x0e44  Dhcp - ok
01:01:28.0268 0x0e44  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
01:01:28.0269 0x0e44  discache - ok
01:01:28.0351 0x0e44  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
01:01:28.0354 0x0e44  Disk - ok
01:01:28.0409 0x0e44  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:01:28.0433 0x0e44  Dnscache - ok
01:01:28.0813 0x0e44  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
01:01:28.0820 0x0e44  dot3svc - ok
01:01:28.0880 0x0e44  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
01:01:28.0885 0x0e44  DPS - ok
01:01:28.0929 0x0e44  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
01:01:28.0942 0x0e44  drmkaud - ok
01:01:28.0998 0x0e44  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
01:01:29.0098 0x0e44  DXGKrnl - ok
01:01:29.0156 0x0e44  [ 377AD53E4154477339290B4212E69D53, CFB201699CBB9416963973DB2E45810760BEBABAE684EC06E35495601A8A10AF ] e1express       C:\Windows\system32\DRIVERS\e1e6232.sys
01:01:29.0164 0x0e44  e1express - ok
01:01:29.0230 0x0e44  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
01:01:29.0234 0x0e44  EapHost - ok
01:01:29.0437 0x0e44  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
01:01:29.0605 0x0e44  ebdrv - ok
01:01:29.0679 0x0e44  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS             C:\Windows\System32\lsass.exe
01:01:29.0681 0x0e44  EFS - ok
01:01:29.0830 0x0e44  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
01:01:29.0868 0x0e44  ehRecvr - ok
01:01:29.0900 0x0e44  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
01:01:29.0903 0x0e44  ehSched - ok
01:01:29.0984 0x0e44  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
01:01:30.0000 0x0e44  elxstor - ok
01:01:30.0035 0x0e44  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
01:01:30.0036 0x0e44  ErrDev - ok
01:01:30.0096 0x0e44  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
01:01:30.0105 0x0e44  EventSystem - ok
01:01:30.0126 0x0e44  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
01:01:30.0132 0x0e44  exfat - ok
01:01:30.0162 0x0e44  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
01:01:30.0167 0x0e44  fastfat - ok
01:01:30.0244 0x0e44  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
01:01:30.0262 0x0e44  Fax - ok
01:01:30.0308 0x0e44  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
01:01:30.0313 0x0e44  fdc - ok
01:01:30.0355 0x0e44  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
01:01:30.0357 0x0e44  fdPHost - ok
01:01:30.0373 0x0e44  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:01:30.0376 0x0e44  FDResPub - ok
01:01:30.0407 0x0e44  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:01:30.0410 0x0e44  FileInfo - ok
01:01:30.0423 0x0e44  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
01:01:30.0425 0x0e44  Filetrace - ok
01:01:30.0451 0x0e44  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
01:01:30.0453 0x0e44  flpydisk - ok
01:01:30.0505 0x0e44  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:01:30.0511 0x0e44  FltMgr - ok
01:01:30.0643 0x0e44  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
01:01:30.0743 0x0e44  FontCache - ok
01:01:30.0819 0x0e44  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
01:01:30.0822 0x0e44  FontCache3.0.0.0 - ok
01:01:30.0846 0x0e44  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
01:01:30.0849 0x0e44  FsDepends - ok
01:01:30.0903 0x0e44  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:01:30.0905 0x0e44  Fs_Rec - ok
01:01:30.0974 0x0e44  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:01:30.0983 0x0e44  fvevol - ok
01:01:31.0032 0x0e44  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
01:01:31.0035 0x0e44  gagp30kx - ok
01:01:31.0090 0x0e44  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
01:01:31.0109 0x0e44  gpsvc - ok
01:01:31.0242 0x0e44  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
01:01:31.0246 0x0e44  gupdate - ok
01:01:31.0253 0x0e44  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
01:01:31.0256 0x0e44  gupdatem - ok
01:01:31.0276 0x0e44  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:01:31.0278 0x0e44  hcw85cir - ok
01:01:31.0350 0x0e44  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:01:31.0362 0x0e44  HdAudAddService - ok
01:01:31.0423 0x0e44  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
01:01:31.0426 0x0e44  HDAudBus - ok
01:01:31.0477 0x0e44  [ 66FED3EEABDCE17829EDF4C68702ED22, 41521985A5FBC645A3D4E6B8D57F066FC87DC3FCE8096A8E6955F4A8DBF587F9 ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
01:01:31.0479 0x0e44  HECI - ok
01:01:31.0502 0x0e44  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
01:01:31.0503 0x0e44  HidBatt - ok
01:01:31.0531 0x0e44  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
01:01:31.0535 0x0e44  HidBth - ok
01:01:31.0565 0x0e44  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
01:01:31.0567 0x0e44  HidIr - ok
01:01:31.0602 0x0e44  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
01:01:31.0608 0x0e44  hidserv - ok
01:01:31.0679 0x0e44  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
01:01:32.0190 0x0e44  HidUsb - ok
01:01:32.0490 0x0e44  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:01:32.0496 0x0e44  hkmsvc - ok
01:01:32.0530 0x0e44  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:01:32.0538 0x0e44  HomeGroupListener - ok
01:01:32.0577 0x0e44  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:01:32.0584 0x0e44  HomeGroupProvider - ok
01:01:32.0648 0x0e44  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:01:32.0651 0x0e44  HpSAMD - ok
01:01:32.0719 0x0e44  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:01:32.0734 0x0e44  HTTP - ok
01:01:32.0779 0x0e44  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:01:32.0780 0x0e44  hwpolicy - ok
01:01:32.0839 0x0e44  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
01:01:32.0842 0x0e44  i8042prt - ok
01:01:32.0911 0x0e44  [ D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
01:01:32.0918 0x0e44  iaStor - ok
01:01:32.0973 0x0e44  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
01:01:32.0983 0x0e44  iaStorV - ok
01:01:33.0106 0x0e44  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:01:33.0153 0x0e44  idsvc - ok
01:01:33.0211 0x0e44  IEEtwCollectorService - ok
01:01:33.0513 0x0e44  [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
01:01:33.0768 0x0e44  igfx - ok
01:01:34.0163 0x0e44  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
01:01:34.0166 0x0e44  iirsp - ok
01:01:34.0248 0x0e44  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
01:01:34.0275 0x0e44  IKEEXT - ok
01:01:34.0326 0x0e44  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
01:01:34.0328 0x0e44  intelide - ok
01:01:34.0372 0x0e44  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:01:34.0376 0x0e44  intelppm - ok
01:01:34.0421 0x0e44  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
01:01:34.0429 0x0e44  IPBusEnum - ok
01:01:34.0462 0x0e44  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:01:34.0465 0x0e44  IpFilterDriver - ok
01:01:34.0530 0x0e44  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
01:01:34.0575 0x0e44  iphlpsvc - ok
01:01:34.0603 0x0e44  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
01:01:34.0606 0x0e44  IPMIDRV - ok
01:01:34.0649 0x0e44  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
01:01:34.0653 0x0e44  IPNAT - ok
01:01:34.0684 0x0e44  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:01:34.0686 0x0e44  IRENUM - ok
01:01:34.0734 0x0e44  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:01:34.0737 0x0e44  isapnp - ok
01:01:34.0764 0x0e44  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
01:01:34.0772 0x0e44  iScsiPrt - ok
01:01:34.0832 0x0e44  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
01:01:34.0837 0x0e44  kbdclass - ok
01:01:34.0898 0x0e44  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
01:01:34.0900 0x0e44  kbdhid - ok
01:01:34.0936 0x0e44  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
01:01:34.0941 0x0e44  KeyIso - ok
01:01:34.0977 0x0e44  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:01:34.0981 0x0e44  KSecDD - ok
01:01:34.0997 0x0e44  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
01:01:35.0002 0x0e44  KSecPkg - ok
01:01:35.0069 0x0e44  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
01:01:35.0086 0x0e44  KtmRm - ok
01:01:35.0142 0x0e44  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
01:01:35.0149 0x0e44  LanmanServer - ok
01:01:35.0204 0x0e44  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:01:35.0209 0x0e44  LanmanWorkstation - ok
01:01:35.0263 0x0e44  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:01:35.0269 0x0e44  lltdio - ok
01:01:35.0334 0x0e44  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
01:01:35.0351 0x0e44  lltdsvc - ok
01:01:35.0376 0x0e44  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
01:01:35.0378 0x0e44  lmhosts - ok
01:01:35.0421 0x0e44  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
01:01:35.0425 0x0e44  LSI_FC - ok
01:01:35.0442 0x0e44  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
01:01:35.0446 0x0e44  LSI_SAS - ok
01:01:35.0505 0x0e44  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:01:35.0508 0x0e44  LSI_SAS2 - ok
01:01:35.0524 0x0e44  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:01:35.0528 0x0e44  LSI_SCSI - ok
01:01:35.0548 0x0e44  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
01:01:35.0551 0x0e44  luafv - ok
01:01:35.0596 0x0e44  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
01:01:35.0605 0x0e44  Mcx2Svc - ok
01:01:35.0626 0x0e44  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
01:01:35.0636 0x0e44  megasas - ok
01:01:35.0676 0x0e44  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
01:01:35.0684 0x0e44  MegaSR - ok
01:01:35.0726 0x0e44  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
01:01:35.0729 0x0e44  MMCSS - ok
01:01:35.0749 0x0e44  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
01:01:35.0750 0x0e44  Modem - ok
01:01:35.0794 0x0e44  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
01:01:35.0797 0x0e44  monitor - ok
01:01:35.0843 0x0e44  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\drivers\mouclass.sys
01:01:35.0846 0x0e44  mouclass - ok
01:01:35.0882 0x0e44  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:01:35.0884 0x0e44  mouhid - ok
01:01:35.0930 0x0e44  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:01:35.0936 0x0e44  mountmgr - ok
01:01:36.0024 0x0e44  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
01:01:36.0032 0x0e44  MpFilter - ok
01:01:36.0138 0x0e44  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
01:01:36.0148 0x0e44  mpio - ok
01:01:36.0337 0x0e44  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslba1c344c   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C9953356-0F3F-4110-BDDD-07F956769468}\MpKslba1c344c.sys
01:01:36.0340 0x0e44  MpKslba1c344c - ok
01:01:36.0388 0x0e44  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:01:36.0392 0x0e44  mpsdrv - ok
01:01:36.0485 0x0e44  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
01:01:36.0555 0x0e44  MpsSvc - ok
01:01:36.0593 0x0e44  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:01:36.0598 0x0e44  MRxDAV - ok
01:01:36.0640 0x0e44  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:01:36.0645 0x0e44  mrxsmb - ok
01:01:36.0663 0x0e44  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:01:36.0671 0x0e44  mrxsmb10 - ok
01:01:36.0723 0x0e44  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:01:36.0727 0x0e44  mrxsmb20 - ok
01:01:36.0776 0x0e44  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
01:01:36.0781 0x0e44  msahci - ok
01:01:36.0818 0x0e44  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
01:01:36.0824 0x0e44  msdsm - ok
01:01:36.0867 0x0e44  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
01:01:36.0872 0x0e44  MSDTC - ok
01:01:36.0949 0x0e44  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:01:36.0951 0x0e44  Msfs - ok
01:01:36.0981 0x0e44  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
01:01:36.0982 0x0e44  mshidkmdf - ok
01:01:36.0994 0x0e44  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:01:36.0995 0x0e44  msisadrv - ok
01:01:37.0050 0x0e44  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
01:01:37.0055 0x0e44  MSiSCSI - ok
01:01:37.0061 0x0e44  msiserver - ok
01:01:37.0105 0x0e44  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
01:01:37.0106 0x0e44  MSKSSRV - ok
01:01:37.0221 0x0e44  [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
01:01:37.0222 0x0e44  MsMpSvc - ok
01:01:37.0237 0x0e44  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:01:37.0239 0x0e44  MSPCLOCK - ok
01:01:37.0252 0x0e44  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
01:01:37.0253 0x0e44  MSPQM - ok
01:01:37.0280 0x0e44  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
01:01:37.0286 0x0e44  MsRPC - ok
01:01:37.0362 0x0e44  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
01:01:37.0365 0x0e44  mssmbios - ok
01:01:37.0398 0x0e44  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
01:01:37.0399 0x0e44  MSTEE - ok
01:01:37.0427 0x0e44  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
01:01:37.0429 0x0e44  MTConfig - ok
01:01:37.0446 0x0e44  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
01:01:37.0449 0x0e44  Mup - ok
01:01:37.0510 0x0e44  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
01:01:37.0526 0x0e44  napagent - ok
01:01:37.0603 0x0e44  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:01:37.0622 0x0e44  NativeWifiP - ok
01:01:37.0699 0x0e44  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:01:37.0778 0x0e44  NDIS - ok
01:01:37.0805 0x0e44  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:01:37.0806 0x0e44  NdisCap - ok
01:01:37.0834 0x0e44  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:01:37.0836 0x0e44  NdisTapi - ok
01:01:37.0885 0x0e44  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:01:37.0888 0x0e44  Ndisuio - ok
01:01:37.0940 0x0e44  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:01:37.0945 0x0e44  NdisWan - ok
01:01:37.0993 0x0e44  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:01:37.0996 0x0e44  NDProxy - ok
01:01:38.0035 0x0e44  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:01:38.0037 0x0e44  NetBIOS - ok
01:01:38.0094 0x0e44  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:01:38.0107 0x0e44  NetBT - ok
01:01:38.0128 0x0e44  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
01:01:38.0130 0x0e44  Netlogon - ok
01:01:38.0173 0x0e44  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
01:01:38.0184 0x0e44  Netman - ok
01:01:38.0269 0x0e44  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
01:01:38.0276 0x0e44  NetMsmqActivator - ok
01:01:38.0321 0x0e44  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
01:01:38.0324 0x0e44  NetPipeActivator - ok
01:01:38.0368 0x0e44  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
01:01:38.0381 0x0e44  netprofm - ok
01:01:38.0417 0x0e44  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
01:01:38.0421 0x0e44  NetTcpActivator - ok
01:01:38.0430 0x0e44  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
01:01:38.0434 0x0e44  NetTcpPortSharing - ok
01:01:38.0797 0x0e44  [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
01:01:39.0052 0x0e44  netw5v32 - ok
01:01:39.0475 0x0e44  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
01:01:39.0480 0x0e44  nfrd960 - ok
01:01:39.0547 0x0e44  [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
01:01:39.0555 0x0e44  NisDrv - ok
01:01:39.0633 0x0e44  [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
01:01:39.0642 0x0e44  NisSrv - ok
01:01:39.0676 0x0e44  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:01:39.0686 0x0e44  NlaSvc - ok
01:01:39.0753 0x0e44  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] NPF             C:\Windows\system32\drivers\npf.sys
01:01:39.0755 0x0e44  NPF - ok
01:01:39.0770 0x0e44  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:01:39.0773 0x0e44  Npfs - ok
01:01:39.0803 0x0e44  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
01:01:39.0806 0x0e44  nsi - ok
01:01:39.0815 0x0e44  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:01:39.0816 0x0e44  nsiproxy - ok
01:01:39.0914 0x0e44  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:01:39.0981 0x0e44  Ntfs - ok
01:01:40.0013 0x0e44  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
01:01:40.0015 0x0e44  Null - ok
01:01:40.0036 0x0e44  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:01:40.0041 0x0e44  nvraid - ok
01:01:40.0073 0x0e44  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:01:40.0080 0x0e44  nvstor - ok
01:01:40.0107 0x0e44  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:01:40.0111 0x0e44  nv_agp - ok
01:01:40.0143 0x0e44  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:01:40.0146 0x0e44  ohci1394 - ok
01:01:40.0234 0x0e44  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:01:40.0266 0x0e44  ose - ok
01:01:40.0608 0x0e44  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:01:40.0876 0x0e44  osppsvc - ok
01:01:40.0939 0x0e44  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:01:40.0949 0x0e44  p2pimsvc - ok
01:01:40.0995 0x0e44  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
01:01:41.0007 0x0e44  p2psvc - ok
01:01:41.0037 0x0e44  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
01:01:41.0040 0x0e44  Parport - ok
01:01:41.0081 0x0e44  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:01:41.0083 0x0e44  partmgr - ok
01:01:41.0100 0x0e44  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
01:01:41.0101 0x0e44  Parvdm - ok
01:01:41.0133 0x0e44  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:01:41.0140 0x0e44  PcaSvc - ok
01:01:41.0159 0x0e44  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
01:01:41.0164 0x0e44  pci - ok
01:01:41.0217 0x0e44  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:01:41.0221 0x0e44  pciide - ok
01:01:41.0259 0x0e44  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
01:01:41.0269 0x0e44  pcmcia - ok
01:01:41.0291 0x0e44  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:01:41.0293 0x0e44  pcw - ok
01:01:41.0360 0x0e44  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:01:41.0378 0x0e44  PEAUTH - ok
01:01:41.0478 0x0e44  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
01:01:41.0529 0x0e44  PeerDistSvc - ok
01:01:41.0646 0x0e44  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
01:01:41.0787 0x0e44  pla - ok
01:01:41.0859 0x0e44  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:01:41.0870 0x0e44  PlugPlay - ok
01:01:41.0907 0x0e44  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:01:41.0910 0x0e44  PNRPAutoReg - ok
01:01:41.0938 0x0e44  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:01:41.0945 0x0e44  PNRPsvc - ok
01:01:42.0013 0x0e44  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:01:42.0025 0x0e44  PolicyAgent - ok
01:01:42.0071 0x0e44  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
01:01:42.0077 0x0e44  Power - ok
01:01:42.0111 0x0e44  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:01:42.0114 0x0e44  PptpMiniport - ok
01:01:42.0138 0x0e44  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
01:01:42.0140 0x0e44  Processor - ok
01:01:42.0180 0x0e44  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
01:01:42.0187 0x0e44  ProfSvc - ok
01:01:42.0199 0x0e44  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:01:42.0201 0x0e44  ProtectedStorage - ok
01:01:42.0246 0x0e44  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:01:42.0250 0x0e44  Psched - ok
01:01:42.0331 0x0e44  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
01:01:42.0445 0x0e44  ql2300 - ok
01:01:42.0624 0x0e44  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
01:01:42.0842 0x0e44  ql40xx - ok
01:01:42.0885 0x0e44  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
01:01:42.0899 0x0e44  QWAVE - ok
01:01:42.0911 0x0e44  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:01:42.0913 0x0e44  QWAVEdrv - ok
01:01:42.0941 0x0e44  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:01:42.0943 0x0e44  RasAcd - ok
01:01:42.0969 0x0e44  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
01:01:42.0972 0x0e44  RasAgileVpn - ok
01:01:42.0988 0x0e44  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
01:01:42.0993 0x0e44  RasAuto - ok
01:01:43.0010 0x0e44  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
01:01:43.0014 0x0e44  Rasl2tp - ok
01:01:43.0065 0x0e44  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
01:01:43.0076 0x0e44  RasMan - ok
01:01:43.0156 0x0e44  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:01:43.0163 0x0e44  RasPppoe - ok
01:01:43.0191 0x0e44  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
01:01:43.0195 0x0e44  RasSstp - ok
01:01:43.0256 0x0e44  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
01:01:43.0272 0x0e44  rdbss - ok
01:01:43.0284 0x0e44  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
01:01:43.0286 0x0e44  rdpbus - ok
01:01:43.0323 0x0e44  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:01:43.0324 0x0e44  RDPCDD - ok
01:01:43.0345 0x0e44  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
01:01:43.0351 0x0e44  RDPDR - ok
01:01:43.0370 0x0e44  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:01:43.0370 0x0e44  RDPENCDD - ok
01:01:43.0398 0x0e44  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:01:43.0399 0x0e44  RDPREFMP - ok
01:01:43.0433 0x0e44  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
01:01:43.0439 0x0e44  RDPWD - ok
01:01:43.0495 0x0e44  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:01:43.0507 0x0e44  rdyboost - ok
01:01:43.0551 0x0e44  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:01:43.0556 0x0e44  RemoteAccess - ok
01:01:43.0583 0x0e44  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:01:43.0589 0x0e44  RemoteRegistry - ok
01:01:43.0674 0x0e44  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files\WinPcap\rpcapd.exe
01:01:43.0678 0x0e44  rpcapd - ok
01:01:43.0703 0x0e44  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:01:43.0707 0x0e44  RpcEptMapper - ok
01:01:43.0738 0x0e44  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
01:01:43.0740 0x0e44  RpcLocator - ok
01:01:43.0771 0x0e44  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
01:01:43.0781 0x0e44  RpcSs - ok
01:01:43.0835 0x0e44  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:01:43.0838 0x0e44  rspndr - ok
01:01:43.0865 0x0e44  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
01:01:43.0866 0x0e44  s3cap - ok
01:01:43.0884 0x0e44  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe
01:01:43.0886 0x0e44  SamSs - ok
01:01:43.0926 0x0e44  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:01:43.0930 0x0e44  sbp2port - ok
01:01:43.0970 0x0e44  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:01:43.0976 0x0e44  SCardSvr - ok
01:01:44.0011 0x0e44  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:01:44.0013 0x0e44  scfilter - ok
01:01:44.0102 0x0e44  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
01:01:44.0151 0x0e44  Schedule - ok
01:01:44.0167 0x0e44  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
01:01:44.0169 0x0e44  SCPolicySvc - ok
01:01:44.0205 0x0e44  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\drivers\sdbus.sys
01:01:44.0209 0x0e44  sdbus - ok
01:01:44.0273 0x0e44  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:01:44.0289 0x0e44  SDRSVC - ok
01:01:44.0356 0x0e44  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:01:44.0358 0x0e44  secdrv - ok
01:01:44.0385 0x0e44  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
01:01:44.0390 0x0e44  seclogon - ok
01:01:44.0404 0x0e44  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
01:01:44.0409 0x0e44  SENS - ok
01:01:44.0456 0x0e44  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:01:44.0461 0x0e44  SensrSvc - ok
01:01:44.0486 0x0e44  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
01:01:44.0488 0x0e44  Serenum - ok
01:01:44.0509 0x0e44  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
01:01:44.0634 0x0e44  Serial - ok
01:01:44.0864 0x0e44  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
01:01:44.0868 0x0e44  sermouse - ok
01:01:44.0979 0x0e44  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
01:01:44.0992 0x0e44  SessionEnv - ok
01:01:45.0031 0x0e44  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
01:01:45.0033 0x0e44  sffdisk - ok
01:01:45.0048 0x0e44  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
01:01:45.0050 0x0e44  sffp_mmc - ok
01:01:45.0067 0x0e44  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
01:01:45.0069 0x0e44  sffp_sd - ok
01:01:45.0101 0x0e44  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
01:01:45.0103 0x0e44  sfloppy - ok
01:01:45.0176 0x0e44  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
01:01:45.0186 0x0e44  SharedAccess - ok
01:01:45.0235 0x0e44  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:01:45.0248 0x0e44  ShellHWDetection - ok
01:01:45.0284 0x0e44  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
01:01:45.0287 0x0e44  sisagp - ok
01:01:45.0317 0x0e44  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:01:45.0320 0x0e44  SiSRaid2 - ok
01:01:45.0340 0x0e44  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
01:01:45.0344 0x0e44  SiSRaid4 - ok
01:01:45.0427 0x0e44  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
01:01:45.0439 0x0e44  SkypeUpdate - ok
01:01:45.0486 0x0e44  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
01:01:45.0493 0x0e44  Smb - ok
01:01:45.0558 0x0e44  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:01:45.0561 0x0e44  SNMPTRAP - ok
01:01:45.0577 0x0e44  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
01:01:45.0579 0x0e44  spldr - ok
01:01:45.0636 0x0e44  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
01:01:45.0648 0x0e44  Spooler - ok
01:01:45.0864 0x0e44  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
01:01:46.0042 0x0e44  sppsvc - ok
01:01:46.0104 0x0e44  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
01:01:46.0114 0x0e44  sppuinotify - ok
01:01:46.0156 0x0e44  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
01:01:46.0168 0x0e44  srv - ok
01:01:46.0195 0x0e44  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:01:46.0205 0x0e44  srv2 - ok
01:01:46.0223 0x0e44  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:01:46.0233 0x0e44  srvnet - ok
01:01:46.0323 0x0e44  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
01:01:46.0353 0x0e44  SSDPSRV - ok
01:01:46.0373 0x0e44  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
01:01:46.0379 0x0e44  SstpSvc - ok
01:01:46.0409 0x0e44  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
01:01:46.0411 0x0e44  stexstor - ok
01:01:46.0476 0x0e44  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
01:01:46.0549 0x0e44  StiSvc - ok
01:01:46.0581 0x0e44  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
01:01:46.0583 0x0e44  storflt - ok
01:01:46.0609 0x0e44  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
01:01:46.0613 0x0e44  StorSvc - ok
01:01:46.0674 0x0e44  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
01:01:46.0676 0x0e44  storvsc - ok
01:01:46.0715 0x0e44  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
01:01:46.0717 0x0e44  swenum - ok
01:01:46.0766 0x0e44  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
01:01:46.0778 0x0e44  swprv - ok
01:01:46.0870 0x0e44  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
01:01:46.0971 0x0e44  SysMain - ok
01:01:47.0006 0x0e44  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
01:01:47.0011 0x0e44  TabletInputService - ok
01:01:47.0049 0x0e44  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
01:01:47.0059 0x0e44  TapiSrv - ok
01:01:47.0155 0x0e44  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
01:01:47.0165 0x0e44  TBS - ok
01:01:47.0298 0x0e44  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
01:01:47.0356 0x0e44  Tcpip - ok
01:01:47.0481 0x0e44  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:01:47.0508 0x0e44  TCPIP6 - ok
01:01:47.0543 0x0e44  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:01:47.0545 0x0e44  tcpipreg - ok
01:01:47.0582 0x0e44  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
01:01:47.0584 0x0e44  TDPIPE - ok
01:01:47.0600 0x0e44  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
01:01:47.0602 0x0e44  TDTCP - ok
01:01:47.0637 0x0e44  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
01:01:47.0640 0x0e44  tdx - ok
01:01:47.0680 0x0e44  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
01:01:47.0683 0x0e44  TermDD - ok
01:01:47.0760 0x0e44  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
01:01:47.0802 0x0e44  TermService - ok
01:01:47.0833 0x0e44  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
01:01:47.0837 0x0e44  Themes - ok
01:01:47.0878 0x0e44  [ E17DCDE74FF00CA802643B4A9A4A4A5C, 9692751155D822187F6A3D0AD666001E7A2A454661AE745748CD6DE59DBC38D0 ] Thpevm          C:\Windows\system32\DRIVERS\Thpevm.SYS
01:01:47.0880 0x0e44  Thpevm - ok
01:01:47.0891 0x0e44  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
01:01:47.0894 0x0e44  THREADORDER - ok
01:01:47.0967 0x0e44  [ C424F991494E5674F2E9B3CF9F5F55D1, CC799C9154431763D052AB8B41EFAE71A039EDD6EAC5E6D892E22C8BEF1D2BB5 ] tifm21          C:\Windows\system32\drivers\tifm21.sys
01:01:47.0984 0x0e44  tifm21 - ok
01:01:48.0059 0x0e44  [ F95208D35A9667C58CF8122EE22805A6, 80A72F21EE1E96753E90DDD87FA9BEACDF11E1A92FCDF01AFB499E751DA0613B ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
01:01:48.0065 0x0e44  TOSHIBA Bluetooth Service - ok
01:01:48.0116 0x0e44  [ 90AFA1A4451BBBEE87C9F18A665D8121, 592AE754F117018E8777C541437544E1BC7FD93F460F3EE5DDBBC150448BFBD7 ] tosporte        C:\Windows\system32\DRIVERS\tosporte.sys
01:01:48.0118 0x0e44  tosporte - ok
01:01:48.0149 0x0e44  [ 490A76AB428F34EA676A23E429DD6DA4, FC2473DAF5162FEAD3477133ADCE0898B4F30D0DF7EAB710A42D671543D09AE9 ] tosrfbd         C:\Windows\system32\DRIVERS\tosrfbd.sys
01:01:48.0157 0x0e44  tosrfbd - ok
01:01:48.0179 0x0e44  [ 75CD3C238A0FFC66C4581C3870C09314, 6D4690961ACEF48AEF630C6486A489D4CEB6BCF4ABCC81E70A30004B7569A270 ] tosrfbnp        C:\Windows\system32\Drivers\tosrfbnp.sys
01:01:48.0182 0x0e44  tosrfbnp - ok
01:01:48.0207 0x0e44  [ B551D3F266DDA311256F963E8CFD1E9B, 49724855BCC945F5DBFCD48282156DE9B1DD7B88FC6181710587156D655E1F24 ] Tosrfcom        C:\Windows\system32\Drivers\tosrfcom.sys
01:01:48.0210 0x0e44  Tosrfcom - ok
01:01:48.0260 0x0e44  [ 51BAA142744E236C3A886479CAD99A06, B033630835D9274B7C8223FBCA89FB6D10DB084E4778295F978E19EB2919961F ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
01:01:48.0262 0x0e44  tosrfec - ok
01:01:48.0280 0x0e44  [ F3E8762163EE87F3AC95537584CF5B4F, C01B30E764F187022E48C6BE8BD648D53CB4065973B176B5EA03FD13BAA2C9CB ] Tosrfhid        C:\Windows\system32\DRIVERS\Tosrfhid.sys
01:01:48.0283 0x0e44  Tosrfhid - ok
01:01:48.0299 0x0e44  [ B2A1A6538245FD69578224BBF2FD4677, 0393ECF2541A269169BA23D007266750958CD35E05FA7FCBEE1CF9727E07D9C4 ] tosrfnds        C:\Windows\system32\DRIVERS\tosrfnds.sys
01:01:48.0301 0x0e44  tosrfnds - ok
01:01:48.0316 0x0e44  [ 3DE5CBB4F8EB64563CE08E8EC7458D03, C993E67C3C5CD0190CC4EA622641621BA9D163528C06F009B7F1A8C7CB1BC488 ] TosRfSnd        C:\Windows\system32\drivers\tosrfsnd.sys
01:01:48.0319 0x0e44  TosRfSnd - ok
01:01:48.0344 0x0e44  [ AF5126FB6E9ED41C99AB7A10E98729CD, A191CE117619C87AD98F2965EC4D01D890CE46ED7C0BCD0F719178BE1B7681FE ] Tosrfusb        C:\Windows\system32\DRIVERS\tosrfusb.sys
01:01:48.0347 0x0e44  Tosrfusb - ok
01:01:48.0391 0x0e44  [ 5AD05191DC8B444A7BA4D79B76C42A30, 6166E939A5A240388EBA5AF7FF335DC413F2BBCF74C2E1D310F4BE2A5454A610 ] TPM             C:\Windows\system32\drivers\tpm.sys
01:01:48.0393 0x0e44  TPM - ok
01:01:48.0426 0x0e44  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
01:01:48.0431 0x0e44  TrkWks - ok
01:01:48.0504 0x0e44  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:01:48.0510 0x0e44  TrustedInstaller - ok
01:01:48.0537 0x0e44  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
01:01:48.0539 0x0e44  tssecsrv - ok
01:01:48.0600 0x0e44  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
01:01:48.0605 0x0e44  TsUsbFlt - ok
01:01:48.0676 0x0e44  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:01:48.0682 0x0e44  tunnel - ok
01:01:48.0769 0x0e44  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
01:01:48.0775 0x0e44  uagp35 - ok
01:01:48.0827 0x0e44  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:01:48.0835 0x0e44  udfs - ok
01:01:48.0878 0x0e44  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
01:01:48.0884 0x0e44  UI0Detect - ok
01:01:48.0932 0x0e44  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
01:01:48.0939 0x0e44  uliagpkx - ok
01:01:48.0982 0x0e44  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
01:01:48.0985 0x0e44  umbus - ok
01:01:49.0005 0x0e44  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
01:01:49.0006 0x0e44  UmPass - ok
01:01:49.0055 0x0e44  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
01:01:49.0064 0x0e44  UmRdpService - ok
01:01:49.0110 0x0e44  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
01:01:49.0121 0x0e44  upnphost - ok
01:01:49.0172 0x0e44  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
01:01:49.0176 0x0e44  usbaudio - ok
01:01:49.0206 0x0e44  [ 71D97F1A3CC47A56728F7A400A3F8295, ED3FDB73D8A98D9BAF702C0F5C7AD79D525D19DCE1487D442536913BEA5C7F15 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
01:01:49.0209 0x0e44  usbccgp - ok
01:01:49.0250 0x0e44  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
01:01:49.0254 0x0e44  usbcir - ok
01:01:49.0273 0x0e44  [ C4FB8E7ADEA9B5CEEA885A1B504B7E40, 3E0AE5D236890452F2EA33504309A7E5FE49C567FF6F68A83A5987F05ED01BF0 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
01:01:49.0276 0x0e44  usbehci - ok
01:01:49.0322 0x0e44  [ 86AA95ACB611001E26CD2C0145F2225A, 584D26E8C9407A4E717DCBF2D3819DB441C2D455B5FDA6654FBA3794E19B4D51 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
01:01:49.0330 0x0e44  usbhub - ok
01:01:49.0363 0x0e44  [ DCDF9855145A14DFCA0AB32308871961, 9A21013AD032195D54CE655DE5363E78BB74CC55C40B889520B478892F4BA40A ] usbohci         C:\Windows\system32\drivers\usbohci.sys
01:01:49.0365 0x0e44  usbohci - ok
01:01:49.0389 0x0e44  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
01:01:49.0391 0x0e44  usbprint - ok
01:01:49.0428 0x0e44  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:01:49.0431 0x0e44  USBSTOR - ok
01:01:49.0448 0x0e44  [ 8E51D04175BAA14C4F79AA5F6D248770, 6CE2E45E272734A5D1D0C4CE2BD7B61C61C7538903E87203E376495D198EFBD0 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
01:01:49.0450 0x0e44  usbuhci - ok
01:01:49.0503 0x0e44  [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
01:01:49.0505 0x0e44  usb_rndisx - ok
01:01:49.0537 0x0e44  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
01:01:49.0541 0x0e44  UxSms - ok
01:01:49.0561 0x0e44  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
01:01:49.0564 0x0e44  VaultSvc - ok
01:01:49.0605 0x0e44  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
01:01:49.0609 0x0e44  vdrvroot - ok
01:01:49.0692 0x0e44  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
01:01:49.0713 0x0e44  vds - ok
01:01:49.0773 0x0e44  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
01:01:49.0775 0x0e44  vga - ok
01:01:49.0790 0x0e44  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
01:01:49.0792 0x0e44  VgaSave - ok
01:01:49.0826 0x0e44  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
01:01:49.0832 0x0e44  vhdmp - ok
01:01:49.0969 0x0e44  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
01:01:50.0181 0x0e44  viaagp - ok
01:01:50.0210 0x0e44  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
01:01:50.0216 0x0e44  ViaC7 - ok
01:01:50.0263 0x0e44  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
01:01:50.0265 0x0e44  viaide - ok
01:01:50.0313 0x0e44  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
01:01:50.0321 0x0e44  vmbus - ok
01:01:50.0340 0x0e44  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
01:01:50.0342 0x0e44  VMBusHID - ok
01:01:50.0357 0x0e44  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:01:50.0359 0x0e44  volmgr - ok
01:01:50.0403 0x0e44  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
01:01:50.0412 0x0e44  volmgrx - ok
01:01:50.0458 0x0e44  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
01:01:50.0466 0x0e44  volsnap - ok
01:01:50.0516 0x0e44  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
01:01:50.0521 0x0e44  vsmraid - ok
01:01:50.0611 0x0e44  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
01:01:50.0697 0x0e44  VSS - ok
01:01:50.0718 0x0e44  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
01:01:50.0720 0x0e44  vwifibus - ok
01:01:50.0755 0x0e44  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
01:01:50.0766 0x0e44  W32Time - ok
01:01:50.0783 0x0e44  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
01:01:50.0785 0x0e44  WacomPen - ok
01:01:50.0826 0x0e44  [ D126F319F0631A5238E0C4861FB91860, FE22816AC874B445D2464153D3161AC06D1AD8E20A32089EDAEBDBFEE0C1B8C3 ] WacomVTHid      C:\Windows\system32\DRIVERS\WacomVTHid.sys
01:01:50.0828 0x0e44  WacomVTHid - ok
01:01:50.0879 0x0e44  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:01:50.0882 0x0e44  WANARP - ok
01:01:50.0887 0x0e44  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:01:50.0889 0x0e44  Wanarpv6 - ok
01:01:50.0998 0x0e44  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
01:01:51.0077 0x0e44  WatAdminSvc - ok
01:01:51.0202 0x0e44  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
01:01:51.0273 0x0e44  wbengine - ok
01:01:51.0337 0x0e44  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:01:51.0350 0x0e44  WbioSrvc - ok
01:01:51.0395 0x0e44  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
01:01:51.0405 0x0e44  wcncsvc - ok
01:01:51.0420 0x0e44  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:01:51.0426 0x0e44  WcsPlugInService - ok
01:01:51.0455 0x0e44  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
01:01:51.0457 0x0e44  Wd - ok
01:01:51.0505 0x0e44  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:01:51.0541 0x0e44  Wdf01000 - ok
01:01:51.0561 0x0e44  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:01:51.0566 0x0e44  WdiServiceHost - ok
01:01:51.0573 0x0e44  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
01:01:51.0577 0x0e44  WdiSystemHost - ok
01:01:51.0625 0x0e44  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
01:01:51.0646 0x0e44  WebClient - ok
01:01:51.0741 0x0e44  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:01:51.0752 0x0e44  Wecsvc - ok
01:01:51.0777 0x0e44  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
01:01:51.0782 0x0e44  wercplsupport - ok
01:01:51.0832 0x0e44  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
01:01:51.0836 0x0e44  WerSvc - ok
01:01:51.0848 0x0e44  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:01:51.0849 0x0e44  WfpLwf - ok
01:01:51.0872 0x0e44  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:01:51.0874 0x0e44  WIMMount - ok
01:01:51.0966 0x0e44  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
01:01:51.0987 0x0e44  WinDefend - ok
01:01:52.0008 0x0e44  WinHttpAutoProxySvc - ok
01:01:52.0075 0x0e44  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
01:01:52.0080 0x0e44  Winmgmt - ok
01:01:52.0191 0x0e44  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
01:01:52.0251 0x0e44  WinRM - ok
01:01:52.0309 0x0e44  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
01:01:52.0312 0x0e44  WinUsb - ok
01:01:52.0364 0x0e44  [ FF17B6A01A9FEB2A8D322BF369D36C96, 814ABAF8295D927AAABB6805EC53A9803ECD5288A8AF12F6C8AAEDC507A8B8B8 ] wisdpen         C:\Windows\system32\DRIVERS\wisdpen.sys
01:01:52.0369 0x0e44  wisdpen - ok
01:01:52.0441 0x0e44  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
01:01:52.0484 0x0e44  Wlansvc - ok
01:01:52.0519 0x0e44  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
01:01:52.0520 0x0e44  WmiAcpi - ok
01:01:52.0569 0x0e44  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:01:52.0579 0x0e44  wmiApSrv - ok
01:01:52.0733 0x0e44  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
01:01:52.0796 0x0e44  WMPNetworkSvc - ok
01:01:52.0831 0x0e44  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:01:53.0054 0x0e44  WPCSvc - ok
01:01:53.0292 0x0e44  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:01:53.0305 0x0e44  WPDBusEnum - ok
01:01:53.0339 0x0e44  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
01:01:53.0340 0x0e44  ws2ifsl - ok
01:01:53.0435 0x0e44  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
01:01:53.0442 0x0e44  wscsvc - ok
01:01:53.0447 0x0e44  WSearch - ok
01:01:53.0531 0x0e44  [ AB6179E2FBCEFA2F6B6543800A45E5F5, F60A4B3695E243E971374FBBE3887A919174E98E178E2D7E8C8A671E10343BB9 ] WTouchService   C:\Program Files\WTouch\WTouchService.exe
01:01:53.0535 0x0e44  WTouchService - ok
01:01:53.0671 0x0e44  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
01:01:53.0812 0x0e44  wuauserv - ok
01:01:53.0854 0x0e44  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:01:53.0857 0x0e44  WudfPf - ok
01:01:53.0904 0x0e44  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:01:53.0911 0x0e44  WUDFRd - ok
01:01:53.0953 0x0e44  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
01:01:53.0958 0x0e44  wudfsvc - ok
01:01:53.0989 0x0e44  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
01:01:53.0998 0x0e44  WwanSvc - ok
01:01:54.0044 0x0e44  ================ Scan global ===============================
01:01:54.0073 0x0e44  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
01:01:54.0104 0x0e44  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
01:01:54.0120 0x0e44  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
01:01:54.0164 0x0e44  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
01:01:54.0228 0x0e44  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
01:01:54.0247 0x0e44  [ Global ] - ok
01:01:54.0248 0x0e44  ================ Scan MBR ==================================
01:01:54.0265 0x0e44  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:01:54.0908 0x0e44  \Device\Harddisk0\DR0 - ok
01:01:54.0908 0x0e44  ================ Scan VBR ==================================
01:01:54.0912 0x0e44  [ 123BCA66B5027AC8331BBFFDB9CD16BD ] \Device\Harddisk0\DR0\Partition1
01:01:54.0913 0x0e44  \Device\Harddisk0\DR0\Partition1 - ok
01:01:54.0945 0x0e44  [ BAD7B90155A661539B1194D82E81A0D9 ] \Device\Harddisk0\DR0\Partition2
01:01:54.0947 0x0e44  \Device\Harddisk0\DR0\Partition2 - ok
01:01:54.0947 0x0e44  Waiting for KSN requests completion. In queue: 367
01:01:55.0947 0x0e44  Waiting for KSN requests completion. In queue: 56
01:01:56.0948 0x0e44  Waiting for KSN requests completion. In queue: 56
01:01:57.0974 0x0e44  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
01:01:57.0980 0x0e44  Win FW state via NFP2: enabled
01:02:00.0731 0x0e44  ============================================================
01:02:00.0731 0x0e44  Scan finished
01:02:00.0731 0x0e44  ============================================================
01:02:00.0753 0x0d24  Detected object count: 0
01:02:00.0753 0x0d24  Actual detected object count: 0


#7 robotkilla

robotkilla
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 18 December 2013 - 08:17 PM

adwcleaner log 

 

# AdwCleaner v3.015 - Report created 19/12/2013 at 01:07:34
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : user - USER-PC
# Running from : C:\Users\user\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1437 octets] - [18/12/2013 04:58:51]
AdwCleaner[R1].txt - [878 octets] - [18/12/2013 07:13:22]
AdwCleaner[R2].txt - [937 octets] - [18/12/2013 23:28:06]
AdwCleaner[R3].txt - [798 octets] - [19/12/2013 01:07:34]
AdwCleaner[S0].txt - [1522 octets] - [18/12/2013 05:37:32]
AdwCleaner[S1].txt - [997 octets] - [18/12/2013 23:29:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [976 octets] ##########


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:34 PM

Posted 18 December 2013 - 08:20 PM

Moved topic to the Am I Infected forum.. Malware should not be worked in WIN7


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 robotkilla

robotkilla
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 18 December 2013 - 08:35 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x86
Ran by user on 19/12/2013 at  1:30:27.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/12/2013 at  1:32:28.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10 robotkilla

robotkilla
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 18 December 2013 - 08:39 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x86
Ran by user on 19/12/2013 at  1:30:27.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/12/2013 at  1:32:28.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#11 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:34 PM

Posted 18 December 2013 - 08:47 PM

We can rule out malware being the cause, but here is the reason why your ping times too google are so bad:
 
9 * 1273 ms 100 ms 72.14.235.189
10 * * * Request timed out.
11 69 ms 94 ms 43 ms www.google.com [74.125.24.105]
Hop 9 is the issue, and i am getting slow responses to that google IP as well.

Edited by cryptodan, 18 December 2013 - 08:48 PM.


#12 robotkilla

robotkilla
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 18 December 2013 - 08:59 PM

sample of pings below.
 
this batch seem ok
 
but there is a 20 second hang when opening a new browser window in chrome, and longer in ie11 .
 
definitely not right:(
 
**********************************************************************************************************************************
 
 
Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.
 
C:\Users\user>ping www.dailymail.co.uk
 
Pinging a1613.g.akamai.net [193.120.121.147] with 32 bytes of data:
Reply from 193.120.121.147: bytes=32 time=708ms TTL=57
Reply from 193.120.121.147: bytes=32 time=415ms TTL=57
Request timed out.
Reply from 193.120.121.147: bytes=32 time=334ms TTL=57
 
Ping statistics for 193.120.121.147:
    Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
    Minimum = 334ms, Maximum = 708ms, Average = 485ms
 
C:\Users\user>ping www.irishtimes.ie
 
Pinging www.irishtimes.ie [195.7.33.36] with 32 bytes of data:
Reply from 195.7.33.36: bytes=32 time=451ms TTL=244
Reply from 195.7.33.36: bytes=32 time=287ms TTL=244
Reply from 195.7.33.36: bytes=32 time=284ms TTL=244
Reply from 195.7.33.36: bytes=32 time=505ms TTL=244
 
Ping statistics for 195.7.33.36:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 284ms, Maximum = 505ms, Average = 381ms
 
C:\Users\user>ping www.herald.ie
 
Pinging www.herald.ie [77.245.91.249] with 32 bytes of data:
Reply from 77.245.91.249: bytes=32 time=332ms TTL=50
Reply from 77.245.91.249: bytes=32 time=107ms TTL=50
Reply from 77.245.91.249: bytes=32 time=185ms TTL=50
Reply from 77.245.91.249: bytes=32 time=145ms TTL=50
 
Ping statistics for 77.245.91.249:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 107ms, Maximum = 332ms, Average = 192ms
 
C:\Users\user>ping www.yahoo.com
 
Pinging ds-eu-fp3.wa1.b.yahoo.com [87.248.122.122] with 32 bytes of data:
Reply from 87.248.122.122: bytes=32 time=402ms TTL=54
Reply from 87.248.122.122: bytes=32 time=339ms TTL=55
Reply from 87.248.122.122: bytes=32 time=316ms TTL=55
Reply from 87.248.122.122: bytes=32 time=313ms TTL=54
 
Ping statistics for 87.248.122.122:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 313ms, Maximum = 402ms, Average = 342ms
 
C:\Users\user>





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users