Slow Start up & cannot run a Malwarebytes Anti-Malware Scan


36 replies to this topic

#1 novice4


Posted 11 January 2014 - 03:37 PM

Hi guys, I wonder if you would be good enough to help me out, please.

Noticed today that for some reason when opening the computer, start up was slow, and videos were also slow in trying to play.

Ran an Avast virus scan and found nothing, then opened Malwarebytes Anti-Malware and tried to run a scan. It does open after doing updates, but approx 7-8 seconds after hitting the SCAN button it does not respond, then asks to shut down.

Running:
Windows 7 Ultimate 32-bit operating system

Maybe I am infected with something?... Thanks for your help, much appreciated :)


Edited by novice4, 11 January 2014 - 03:42 PM.



 


#2 HashX


Posted 11 January 2014 - 03:57 PM

Have you tried Malwarebytes Chameleon?

https://www.malwarebytes.org/chameleon/


I don't always use Internet Explorer, but when I do, it's to download a different browser.

 


#3 novice4


Posted 11 January 2014 - 05:22 PM

Hi,

Thanks for the super quick reply,

Ran Malwarebytes Chameleon, it just updates and tries to start scanning and then the same thing... crashes and will not scan (see image below). How do I upload an image here please, as when I copy and paste it says it will not allow that here?

Any other ideas please? Thanks again for your help, and that was a super quick reply. :thumbup2:

Any other ideas please?

 


Edited by novice4, 11 January 2014 - 05:24 PM.


#4 Condobloke


Posted 14 January 2014 - 06:23 PM

 
 

G'day novice4, run these for me and we will attempt to clear things up a little.....

 

You can post the results back one at a time or all at once....your choice !

 

Download TDSSKiller and save it to your desktop.
* Extract (unzip) its contents to your desktop.
* Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

 

Please Download  AdwCleaner
* Close all open programs and internet browsers.
* Double click on adwcleaner.exe to run the tool.
* Click on the Scan button.
* When the scan has finished click on the Clean button.
* NOTE: Your computer will be rebooted automatically. A text file will open after the restart.
* Please post the contents of that logfile with your next reply.
* You can find the logfile at C:\AdwCleaner.txt as well.
Once I OK the log, please click the Uninstall button to fully remove all items

 

 

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

 

This next scan can take quite some time.....2 hours + is not unusual....

 

Please scan your computer with ESET Online Scanner
Disable active Antivirus and Antimalware programs: How To Temporarily Disable Your Anti-virus
This scan is best performed with Internet Explorer, as it uses ActiveX
If you will not use Internet Explorer, then please read item 3 in this post
1 - Open Internet Explorer and hold down Control (Ctrl) key and click on This Link  to open ESET OnlineScan in a new window.
2 - Click the ESET Online Scanner button.
3 - For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
a - Click on eset.exe  to download the ESET Smart Installer. Save it to your desktop.
b - Double click on the  icon on your desktop.
4 - Check "YES, I accept the Terms of Use."
5 - Click the Start button.
6 - Accept any security warnings from your browser.
7 - Under scan settings, check "Scan Archives" and "Remove found threats"
8 - Click Advanced settings and select the following:
* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology
9 - ESET will then download updates for itself, install itself, and begin scanning your computer.
10 - Please be patient as this will take some time (first time scans are always longer).
11 - When the scan completes, click List Threats
12 - Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
13 - Click the Back button and then Click the Finish button.
NOTE: Sometimes if ESET finds no infections it will not create a log.
If you lose the log it can be found at C:\Program Files\ESET\EsetOnlineScanner\log.txt
If no infections are found then please tell me -
You can ignore any ESET detection of AdwCleaner...it is a false positive detection.

 

 

 

 

 

 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#5 novice4


Posted 15 January 2014 - 09:12 AM

Hi,

Thanks for the reply.
 
Here are the results, and thank you for your help :thumbup2:

1. TDSSKiller: nothing found, no log results

2. AdwCleaner:

# AdwCleaner v3.017 - Report created 15/01/2014 at 11:06:24
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : A - CF19-TOUGHBOOK
# Running from : C:\Users\A\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\A\AppDAtA\RoAming\MozillA\Firefox\Profiles\b8i0rjcb.default-1384697576215\prefs.js ]

Line Deleted : user_pref("extensions.integratedinbox.CloudSettings.IsGmailAccount.ddbeautyproducts@gmail.com", true);
Line Deleted : user_pref("extensions.integratedinbox.CloudSettings.IsGmailAccount.ddbeautyproducts@gmail.com.modified", "1389700687468");
Line Deleted : user_pref("extensions.integratedinbox.CloudSettings.last_connect.ddbeautyproducts@gmail.com", "1389700684620");
Line Deleted : user_pref("extensions.integratedinbox.CloudSettings.last_connect.ddbeautyproducts@gmail.com.modified", "1389700687460");
Line Deleted : user_pref("extensions.integratedinbox.TrialActivationNotifier.free_version_chosen.ddbeautyproducts@gmail.com", true);
Line Deleted : user_pref("extensions.integratedinbox.TrialActivationNotifier.free_version_chosen.ddbeautyproducts@gmail.com.modified", "1389700709484");
Line Deleted : user_pref("extensions.integratedinbox.TrialActivationNotifier.free_version_next_date.ddbeautyproducts@gmail.com", "");
Line Deleted : user_pref("extensions.integratedinbox.TrialActivationNotifier.free_version_next_date.ddbeautyproducts@gmail.com.modified", "1389700709787");
Line Deleted : user_pref("extensions.integratedinbox.cache.state.calendar.ddbeautyproducts@gmail.com", "collapsed");
Line Deleted : user_pref("extensions.integratedinbox.cache.state.calendar.ddbeautyproducts@gmail.com.modified", "1389700712045");
Line Deleted : user_pref("extensions.integratedinbox.cache.state.mail.ddbeautyproducts@gmail.com", "expanded");
Line Deleted : user_pref("extensions.integratedinbox.cache.state.mail.ddbeautyproducts@gmail.com.modified", "1389701206374");
Line Deleted : user_pref("extensions.integratedinbox.elements.order1.ddbeautyproducts@gmail.com", "[\"mail\",\"calendar\"]");
Line Deleted : user_pref("extensions.integratedinbox.elements.order1.ddbeautyproducts@gmail.com.modified", "1389700711016");
Line Deleted : user_pref("extensions.integratedinbox.startupTime", "1389468693313");

*************************

AdwCleaner[R0].txt - [11348 octets] - [11/01/2014 19:21:31]
AdwCleaner[R1].txt - [2804 octets] - [15/01/2014 11:02:52]
AdwCleaner[S0].txt - [11680 octets] - [11/01/2014 19:26:08]
AdwCleaner[S1].txt - [2755 octets] - [15/01/2014 11:06:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2815 octets] ##########



3.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x86
Ran by A on 15/01/2014 at 11:12:53.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Successfully deleted: [File] C:\Users\A\AppData\Roaming\mozilla\firefox\profiles\b8i0rjcb.default-1384697576215\extensions\firefox1@myibay.com.xpi
Emptied folder: C:\Users\A\AppData\Roaming\mozilla\firefox\profiles\b8i0rjcb.default-1384697576215\minidumps [2 files]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/01/2014 at 11:18:26.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


4. ESET online scan

C:\Users\A\Pictures\ADIE'S\FOR TOUGHBOOK\Windows Loader v2.1.7.zip Win32/HackTool.WinActivator.I application deleted - quarantined
C:\Users\A\Pictures\ADIE'S\FOR TOUGHBOOK\Cracks for x64 + x86\ALL WORKING ACTIVATORS\7Loader by Hazar 1.5 (Old one, but still works)\7Loader v1.5.exe a variant of MSIL/HackTool.WinActivator.A application deleted - quarantined
C:\Users\A\Pictures\ADIE'S\FOR TOUGHBOOK\Cracks for x64 + x86\ALL WORKING ACTIVATORS\7Loader by Hazar 1.6\Loader.exe MSIL/HackTool.WinActivator.A application cleaned by deleting - quarantined
C:\Users\A\Pictures\ADIE'S\FOR TOUGHBOOK\Cracks for x64 + x86\ALL WORKING ACTIVATORS\Windows 7 Loader 1.6.9 by Daz\Windows 7 Loader.exe Win32/HackTool.WinActivator.I application cleaned by deleting - quarantined
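
A small triage helper for ESET Online Scanner lines in the format pasted above, as an added example that is not part of the original post or of any ESET tooling. The sample lines are constructed, and treating any action that does not mention deleting or quarantining as "still present" is an assumption.

```python
import re
from collections import Counter

# Field layout taken from the pasted lines: <path> <detection> <type> <action>,
# separated by spaces or tabs. Paths contain spaces, so the detection name
# (optional "a variant of ", then Platform/Dotted.Name) is used as the anchor.
DETECTION = re.compile(
    r"\s+(?P<variant>a variant of )?"
    r"(?P<platform>[A-Za-z0-9]+)/"
    r"(?P<name>[A-Za-z0-9_]+(?:\.[A-Za-z0-9_]+)+)"
    r"\s+(?P<kind>\w+)\s+(?P<action>.+)$"
)

# Assumption: an action counts as "removed" only if it uses wording seen in
# the thread ("deleted - quarantined", "cleaned by deleting - quarantined").
REMOVAL_WORDS = ("deleted", "deleting", "quarantined")


def parse_line(line):
    """Split one log line into fields; return None if it is not a detection."""
    line = line.strip()
    m = DETECTION.search(line)
    if m is None:
        return None
    name = m.group("name")
    parts = name.split(".")
    # Drop a short trailing variant tag: HackTool.WinActivator.I -> HackTool.WinActivator
    family = ".".join(parts[:-1]) if len(parts) > 2 and len(parts[-1]) <= 2 else name
    action = m.group("action").strip()
    return {
        "path": line[: m.start()],
        "detection": f"{m.group('platform')}/{name}",
        "family": family,
        "variant": m.group("variant") is not None,
        "kind": m.group("kind"),
        "action": action,
        "removed": any(w in action.lower() for w in REMOVAL_WORDS),
    }


def summarize(lines):
    """Count detections per family and list paths the scanner did not remove."""
    families, still_present, skipped = Counter(), [], 0
    for raw in lines:
        if not raw.strip():
            continue
        rec = parse_line(raw)
        if rec is None:
            skipped += 1  # header, footer or a line in another format
            continue
        families[rec["family"]] += 1
        if not rec["removed"]:
            still_present.append(rec["path"])
    return {
        "parsed": sum(families.values()),
        "skipped": skipped,
        "by_family": dict(families),
        "still_present": still_present,
    }


# Constructed sample lines modelled on the format above (not the poster's log).
SAMPLE = [
    r"C:\Users\demo\Downloads\Some Loader v1.0.zip Win32/HackTool.WinActivator.I application deleted - quarantined",
    r"C:\Users\demo\Downloads\Old (still works)\Loader v1.5.exe a variant of MSIL/HackTool.WinActivator.A application deleted - quarantined",
    "C:\\Users\\demo\\Downloads\\pack\\Loader.exe\tMSIL/HackTool.WinActivator.A application\tcleaned by deleting - quarantined",
    r"C:\Users\demo\Desktop\tool.exe Win32/HackTool.WinActivator.I application left in place (constructed)",
    "Scan completed",
]

if __name__ == "__main__":
    report = summarize(SAMPLE)
    print(report["by_family"])
    for path in report["still_present"]:
        print("needs manual removal:", path)
```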

 

 



#6 Condobloke


Posted 15 January 2014 - 05:55 PM

Rerun TDSS for me, following these instructions:

('borrowed' from Oh My, with thanks !)
--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • If you desire you may print out and follow the instructions for performing a scan.
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
  • -- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".
     
     
     
    Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool. If you get a message that RKill is an infection, do not be concerned. This message is just a fake warning given by the infection when it terminates programs that may potentially remove it. If you run into these infection warnings that close RKill, a trick is to leave the warning on the screen and then run RKill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that RKill can terminate the infection that we are attempting to get rid of. So, please try running RKill until the malware is no longer running. You will then be able to proceed with the rest of the guide. Do not reboot your computer after running RKill as the malware programs will start again.


    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    * Double-click on the Rkill desktop icon to run the tool.
    * A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    * If not, delete the file, then download and use the one provided in Link 2.
    * Do not reboot until instructed.
    * If the tool does not run from any of the links provided, please let me know.
     
    THEN......follow this with MBAM (MalwareBytes), which you already have on your PC.
    Be sure to Update it first.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy & paste the entire report in your next reply.
  • If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
     
    I have my fingers crossed for you !

Edited by boopme, 15 January 2014 - 11:05 PM.



#7 boopme


Posted 15 January 2014 - 11:01 PM

These infections are the result of cracked and/or illegal software. That is why it's free.

The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity but it is a serious security risk.

 

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

TrendMicro Warning



...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV



...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study



...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware



...a staggering 59% of the key generators and crack tools downloaded from P2P networks represent a security liability since they contain malicious and unwanted code. "25% of the Web sites we accessed offering counterfeit product keys, pirated software, key generators or crack tools attempted to install either malicious software or potentially unwanted software. A significant number of these Web sites attempted to install malicious or unwanted code...In addition to the peer-to-peer networks, 11% of the key generators and crack tools downloaded from Web sites were also plagued by malicious and unwanted software.

Microsoft Reveals the Risks of Using Pirated XP and Office
Whatever You Do, Do Not Download Windows 7 Via Torrent Sites

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so they need to be removed.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!


Also

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

Edited by boopme, 15 January 2014 - 11:08 PM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#8 novice4


Posted 16 January 2014 - 06:03 AM

Hi again,

Thanks for your patience and tenacity. Hope this helps you.
P.S. Would love to know where you are in Oz... I spent a year living out of a VW Kombi and travelled completely around Australia and then back down through the outback. Those were the days. :wink:

OK, here goes.

1. Re-ran TDSSKiller: (results below)
If the scan completes with nothing found, click Close to exit. (which I did) without reboot

2. This link here does not exist: http://www.bleepingcomputer.com/download/rkill/dl/10/http://www.bleepingcomputer.com/download/rkill/dl/10/

So I downloaded the other, iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/ Ran this tool but it never asked for reboot (Results Below)

3. Updated and then ran (MalwareBytes) Perform Quick Scan... again MalwareBytes started to try to scan; approx 7-8 seconds after hitting the SCAN button it does not respond, then asks to shut down.

4. Removed all these from computer:

C:\Users\A\Pictures\ADIE'S\FOR TOUGHBOOK\Windows Loader v2.1.7.zip    Win32/HackTool.WinActivator.I application    deleted - quarantined
C:\Users\A\Pictures\ADIE'S\FOR TOUGHBOOK\Cracks for x64 + x86\ALL WORKING ACTIVATORS\7Loader by Hazar 1.5 (Old one, but still works)\7Loader v1.5.exe    a variant of MSIL/HackTool.WinActivator.A application    deleted - quarantined
C:\Users\A\Pictures\ADIE'S\FOR TOUGHBOOK\Cracks for x64 + x86\ALL WORKING ACTIVATORS\7Loader by Hazar 1.6\Loader.exe    MSIL/HackTool.WinActivator.A application    cleaned by deleting - quarantined
C:\Users\A\Pictures\ADIE'S\FOR TOUGHBOOK\Cracks for x64 + x86\ALL WORKING ACTIVATORS\Windows 7 Loader 1.6.9 by Daz\Windows 7 Loader.exe    Win32/HackTool.WinActivator.I application    cleaned by deleting - quarantined


Results from TDSSKiller:

09:50:54.0395 0x0cf0  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
09:50:58.0611 0x0cf0  ============================================================
09:50:58.0611 0x0cf0  Current date / time: 2014/01/16 09:50:58.0611
09:50:58.0611 0x0cf0  SystemInfo:
09:50:58.0611 0x0cf0  
09:50:58.0612 0x0cf0  OS Version: 6.1.7601 ServicePack: 1.0
09:50:58.0612 0x0cf0  Product type: Workstation
09:50:58.0612 0x0cf0  ComputerName: CF19-TOUGHBOOK
09:50:58.0612 0x0cf0  UserName: A
09:50:58.0612 0x0cf0  Windows directory: C:\Windows
09:50:58.0612 0x0cf0  System windows directory: C:\Windows
09:50:58.0612 0x0cf0  Processor architecture: Intel x86
09:50:58.0613 0x0cf0  Number of processors: 2
09:50:58.0613 0x0cf0  Page size: 0x1000
09:50:58.0613 0x0cf0  Boot type: Normal boot
09:50:58.0613 0x0cf0  ============================================================
09:51:01.0068 0x0cf0  KLMD registered as C:\Windows\system32\drivers\08520895.sys
09:51:01.0286 0x0cf0  System UUID: {08C9B384-C842-A300-16E0-A0E777153C6E}
09:51:02.0591 0x0cf0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:51:02.0598 0x0cf0  ============================================================
09:51:02.0598 0x0cf0  \Device\Harddisk0\DR0:
09:51:02.0599 0x0cf0  MBR partitions:
09:51:02.0599 0x0cf0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
09:51:02.0599 0x0cf0  ============================================================
09:51:02.0625 0x0cf0  C: <-> \Device\Harddisk0\DR0\Partition1
09:51:02.0626 0x0cf0  ============================================================
09:51:02.0626 0x0cf0  Initialize success
09:51:02.0626 0x0cf0  ============================================================
09:51:16.0228 0x1064  ============================================================
09:51:16.0228 0x1064  Scan started
09:51:16.0228 0x1064  Mode: Manual;
09:51:16.0228 0x1064  ============================================================
09:51:16.0228 0x1064  KSN ping started
09:51:23.0657 0x1064  KSN ping finished: true
09:51:24.0114 0x1064  ================ Scan system memory ========================
09:51:24.0115 0x1064  System memory - ok
09:51:24.0116 0x1064  ================ Scan services =============================
09:51:26.0772 0x1064  AudioEndpointBuilder - ok
09:51:26.0830 0x1064  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:51:26.0859 0x1064  Audiosrv - ok
09:51:26.0939 0x1064  [ D74884939D53612FD84AC82C59CCFE27, 07BFB34A3748E018C0A674A6253A03FFA522B31AE1942E84B3CC4DDDED9C16A9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:51:26.0947 0x1064  avast! Antivirus - ok
09:51:26.0973 0x1064  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:51:26.0983 0x1064  AxInstSV - ok
09:51:27.0038 0x1064  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
09:51:27.0084 0x1064  b06bdrv - ok
09:51:27.0127 0x1064  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
09:51:27.0149 0x1064  b57nd60x - ok
09:51:27.0187 0x1064  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
09:51:27.0195 0x1064  BDESVC - ok
09:51:27.0215 0x1064  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:51:27.0218 0x1064  Beep - ok
09:51:27.0269 0x1064  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
09:51:27.0307 0x1064  BFE - ok
09:51:27.0395 0x1064  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
09:51:27.0471 0x1064  BITS - ok
09:51:27.0527 0x1064  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:51:27.0532 0x1064  blbdrive - ok
09:51:27.0577 0x1064  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:51:27.0584 0x1064  bowser - ok
09:51:27.0612 0x1064  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:51:27.0616 0x1064  BrFiltLo - ok
09:51:27.0627 0x1064  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:51:27.0630 0x1064  BrFiltUp - ok
09:51:27.0650 0x1064  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
09:51:27.0657 0x1064  Bridge - ok
09:51:27.0678 0x1064  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
09:51:27.0683 0x1064  BridgeMP - ok
09:51:27.0730 0x1064  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
09:51:27.0740 0x1064  Browser - ok
09:51:27.0785 0x1064  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:51:27.0819 0x1064  Brserid - ok
09:51:27.0835 0x1064  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:51:27.0843 0x1064  BrSerWdm - ok
09:51:27.0864 0x1064  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:51:27.0867 0x1064  BrUsbMdm - ok
09:51:27.0884 0x1064  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:51:27.0890 0x1064  BrUsbSer - ok
09:51:27.0938 0x1064  [ DB99076533FFB38CBEC8AC88E4535850, 632C21EF7A587A6FA27A3604B1F5D4A01F47B46007F7FD4A2A464534288FBE8A ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys
09:51:27.0941 0x1064  BthAvrcp - ok
09:51:27.0988 0x1064  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
09:51:27.0993 0x1064  BthEnum - ok
09:51:28.0017 0x1064  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:51:28.0023 0x1064  BTHMODEM - ok
09:51:28.0077 0x1064  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:51:28.0085 0x1064  BthPan - ok
09:51:28.0150 0x1064  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
09:51:28.0184 0x1064  BTHPORT - ok
09:51:28.0226 0x1064  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
09:51:28.0234 0x1064  bthserv - ok
09:51:28.0274 0x1064  [ 79EBA8852D377115E725D241545F3576, CC0489AD40A92530A94286EA66B69B01FD02A52FBC33A3E5EEE9C1862057C2F8 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
09:51:28.0281 0x1064  BTHSSecurityMgr - ok
09:51:28.0309 0x1064  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
09:51:28.0316 0x1064  BTHUSB - ok
09:51:28.0392 0x1064  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:51:28.0409 0x1064  cdfs - ok
09:51:28.0462 0x1064  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:51:28.0474 0x1064  cdrom - ok
09:51:28.0519 0x1064  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:51:28.0529 0x1064  CertPropSvc - ok
09:51:28.0561 0x1064  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:51:28.0567 0x1064  circlass - ok
09:51:28.0621 0x1064  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
09:51:28.0653 0x1064  CLFS - ok
09:51:28.0724 0x1064  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:51:28.0734 0x1064  clr_optimization_v2.0.50727_32 - ok
09:51:28.0769 0x1064  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:51:28.0802 0x1064  clr_optimization_v4.0.30319_32 - ok
09:51:28.0831 0x1064  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:51:28.0834 0x1064  CmBatt - ok
09:51:28.0881 0x1064  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:51:28.0885 0x1064  cmdide - ok
09:51:28.0943 0x1064  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
09:51:28.0980 0x1064  CNG - ok
09:51:29.0002 0x1064  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:51:29.0010 0x1064  Compbatt - ok
09:51:29.0034 0x1064  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:51:29.0043 0x1064  CompositeBus - ok
09:51:29.0062 0x1064  COMSysApp - ok
09:51:29.0096 0x1064  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:51:29.0100 0x1064  crcdisk - ok
09:51:29.0163 0x1064  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:51:29.0185 0x1064  CryptSvc - ok
09:51:29.0233 0x1064  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
09:51:29.0273 0x1064  CSC - ok
09:51:29.0359 0x1064  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
09:51:29.0421 0x1064  CscService - ok
09:51:29.0505 0x1064  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:51:29.0550 0x1064  DcomLaunch - ok
09:51:29.0584 0x1064  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
09:51:29.0617 0x1064  defragsvc - ok
09:51:29.0649 0x1064  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:51:29.0656 0x1064  DfsC - ok
09:51:29.0715 0x1064  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:51:29.0747 0x1064  Dhcp - ok
09:51:29.0791 0x1064  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
09:51:29.0795 0x1064  discache - ok
09:51:29.0841 0x1064  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
09:51:29.0848 0x1064  Disk - ok
09:51:29.0901 0x1064  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
09:51:29.0910 0x1064  dmvsc - ok
09:51:29.0965 0x1064  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:51:29.0987 0x1064  Dnscache - ok
09:51:30.0045 0x1064  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:51:30.0076 0x1064  dot3svc - ok
09:51:30.0104 0x1064  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
09:51:30.0119 0x1064  DPS - ok
09:51:30.0142 0x1064  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:51:30.0144 0x1064  drmkaud - ok
09:51:30.0231 0x1064  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:51:30.0309 0x1064  DXGKrnl - ok
09:51:30.0368 0x1064  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
09:51:30.0379 0x1064  EapHost - ok
09:51:30.0651 0x1064  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
09:51:30.0882 0x1064  ebdrv - ok
09:51:30.0933 0x1064  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS             C:\Windows\System32\lsass.exe
09:51:30.0942 0x1064  EFS - ok
09:51:31.0050 0x1064  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:51:31.0104 0x1064  ehRecvr - ok
09:51:31.0130 0x1064  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
09:51:31.0138 0x1064  ehSched - ok
09:51:31.0204 0x1064  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:51:31.0249 0x1064  elxstor - ok
09:51:31.0263 0x1064  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:51:31.0267 0x1064  ErrDev - ok
09:51:31.0361 0x1064  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
09:51:31.0394 0x1064  EventSystem - ok
09:51:31.0502 0x1064  [ BA0438030506CD093286A5DF7D1385A5, C03F10C581C2C6237D58E8B47ED138942A2F4472B14F80FE040F0FFCBE372395 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:51:31.0544 0x1064  EvtEng - ok
09:51:31.0593 0x1064  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:51:31.0605 0x1064  exfat - ok
09:51:31.0632 0x1064  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:51:31.0645 0x1064  fastfat - ok
09:51:31.0707 0x1064  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
09:51:31.0760 0x1064  Fax - ok
09:51:31.0793 0x1064  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
09:51:31.0797 0x1064  fdc - ok
09:51:31.0835 0x1064  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
09:51:31.0841 0x1064  fdPHost - ok
09:51:31.0866 0x1064  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:51:31.0878 0x1064  FDResPub - ok
09:51:31.0924 0x1064  [ 7981EE1848CBD35CC3B8C421BBB2E2DC, 151C42966DEB1161757010273401E6273407764546C5F9D145048F391097F7E0 ] FIDMOU          C:\Windows\system32\DRIVERS\Fidmou.sys
09:51:31.0929 0x1064  FIDMOU - ok
09:51:31.0954 0x1064  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:51:31.0963 0x1064  FileInfo - ok
09:51:32.0010 0x1064  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:51:32.0015 0x1064  Filetrace - ok
09:51:32.0050 0x1064  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:51:32.0054 0x1064  flpydisk - ok
09:51:32.0098 0x1064  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:51:32.0120 0x1064  FltMgr - ok
09:51:32.0217 0x1064  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
09:51:32.0307 0x1064  FontCache - ok
09:51:32.0390 0x1064  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:51:32.0399 0x1064  FontCache3.0.0.0 - ok
09:51:32.0448 0x1064  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:51:32.0454 0x1064  FsDepends - ok
09:51:32.0489 0x1064  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:51:32.0493 0x1064  Fs_Rec - ok
09:51:32.0546 0x1064  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:51:32.0568 0x1064  fvevol - ok
09:51:32.0605 0x1064  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:51:32.0612 0x1064  gagp30kx - ok
09:51:32.0693 0x1064  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:51:32.0761 0x1064  gpsvc - ok
09:51:32.0844 0x1064  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:51:32.0857 0x1064  gupdate - ok
09:51:32.0881 0x1064  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:51:32.0896 0x1064  gupdatem - ok
09:51:32.0949 0x1064  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:51:32.0954 0x1064  hcw85cir - ok
09:51:32.0995 0x1064  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:51:33.0017 0x1064  HdAudAddService - ok
09:51:33.0054 0x1064  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:51:33.0062 0x1064  HDAudBus - ok
09:51:33.0085 0x1064  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:51:33.0090 0x1064  HidBatt - ok
09:51:33.0114 0x1064  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:51:33.0123 0x1064  HidBth - ok
09:51:33.0143 0x1064  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:51:33.0149 0x1064  HidIr - ok
09:51:33.0192 0x1064  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
09:51:33.0201 0x1064  hidserv - ok
09:51:33.0242 0x1064  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
09:51:33.0247 0x1064  HidUsb - ok
09:51:33.0302 0x1064  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:51:33.0313 0x1064  hkmsvc - ok
09:51:33.0343 0x1064  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:51:33.0376 0x1064  HomeGroupListener - ok
09:51:33.0432 0x1064  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:51:33.0464 0x1064  HomeGroupProvider - ok
09:51:33.0510 0x1064  [ 6B4AB2E6911DCC1FC7813889C1377D77, 1B1FCA221B9A2C072448CBFFFC8F2047F58CFF60A5099DB63A7CCC132B344A8C ] HOTKEY          C:\Windows\system32\DRIVERS\hotkey.sys
09:51:33.0514 0x1064  HOTKEY - ok
09:51:33.0553 0x1064  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:51:33.0561 0x1064  HpSAMD - ok
09:51:33.0630 0x1064  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:51:33.0677 0x1064  HTTP - ok
09:51:33.0699 0x1064  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:51:33.0702 0x1064  hwpolicy - ok
09:51:33.0735 0x1064  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:51:33.0743 0x1064  i8042prt - ok
09:51:33.0817 0x1064  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:51:33.0852 0x1064  iaStorV - ok
09:51:33.0959 0x1064  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:51:33.0972 0x1064  IDriverT - ok
09:51:34.0104 0x1064  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:51:34.0180 0x1064  idsvc - ok
09:51:34.0196 0x1064  IEEtwCollectorService - ok
09:51:34.0586 0x1064  [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:51:34.0932 0x1064  igfx - ok
09:51:34.0992 0x1064  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:51:34.0998 0x1064  iirsp - ok
09:51:35.0080 0x1064  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:51:35.0142 0x1064  IKEEXT - ok
09:51:35.0201 0x1064  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:51:35.0206 0x1064  intelide - ok
09:51:35.0226 0x1064  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:51:35.0231 0x1064  intelppm - ok
09:51:35.0285 0x1064  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:51:35.0296 0x1064  IPBusEnum - ok
09:51:35.0326 0x1064  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:51:35.0333 0x1064  IpFilterDriver - ok
09:51:35.0402 0x1064  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:51:35.0448 0x1064  iphlpsvc - ok
09:51:35.0466 0x1064  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:51:35.0473 0x1064  IPMIDRV - ok
09:51:35.0512 0x1064  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:51:35.0522 0x1064  IPNAT - ok
09:51:35.0551 0x1064  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:51:35.0555 0x1064  IRENUM - ok
09:51:35.0575 0x1064  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:51:35.0581 0x1064  isapnp - ok
09:51:35.0633 0x1064  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:51:35.0663 0x1064  iScsiPrt - ok
09:51:35.0696 0x1064  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:51:35.0763 0x1064  kbdclass - ok
09:51:35.0791 0x1064  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:51:35.0795 0x1064  kbdhid - ok
09:51:35.0819 0x1064  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
09:51:35.0827 0x1064  KeyIso - ok
09:51:35.0911 0x1064  [ 797D15171AFA4D5AE0F6829A39081A20, 9C04248F7B973AD1398FCAB012B641A4E6EB448C32E70C988215FC09676614E6 ] KinoniRemoteDesktop C:\Program Files\Kinoni\Remote Desktop\service.exe
09:51:35.0917 0x1064  KinoniRemoteDesktop - ok
09:51:35.0953 0x1064  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:51:35.0960 0x1064  KSecDD - ok
09:51:36.0006 0x1064  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:51:36.0018 0x1064  KSecPkg - ok
09:51:36.0075 0x1064  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:51:36.0109 0x1064  KtmRm - ok
09:51:36.0161 0x1064  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:51:36.0194 0x1064  LanmanServer - ok
09:51:36.0226 0x1064  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:51:36.0259 0x1064  LanmanWorkstation - ok
09:51:36.0605 0x1064  [ 67E0F2AFA2B1009D16B751A7DA854F88, 8966D314ACB4C1E61775852F2F7A810228FA72BDB6C6FA5E9DAC7DDDA2D26075 ] LavasoftProxy   C:\Program Files\Lavasoft\Ad-Aware AdBlocker (Alpha)\LavasoftProxy.exe
09:51:36.0918 0x1064  LavasoftProxy - ok
09:51:37.0000 0x1064  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:51:37.0006 0x1064  lltdio - ok
09:51:50.0764 0x1064  sppsvc - ok
09:51:50.0820 0x1064  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:51:50.0842 0x1064  sppuinotify - ok
09:51:50.0916 0x1064  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:51:50.0951 0x1064  srv - ok
09:51:51.0006 0x1064  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:51:51.0040 0x1064  srv2 - ok
09:51:51.0081 0x1064  [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:51:51.0102 0x1064  SrvHsfHDA - ok
09:51:51.0233 0x1064  [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:51:51.0319 0x1064  SrvHsfV92 - ok
09:51:51.0392 0x1064  [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
09:51:51.0449 0x1064  SrvHsfWinac - ok
09:51:51.0507 0x1064  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:51:51.0518 0x1064  srvnet - ok
09:51:51.0593 0x1064  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:51:51.0626 0x1064  SSDPSRV - ok
09:51:51.0668 0x1064  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:51:51.0713 0x1064  SstpSvc - ok
09:51:51.0758 0x1064  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:51:51.0763 0x1064  stexstor - ok
09:51:51.0836 0x1064  [ 3CFEA727795243364BB6A7F9A091FAA3, 9F897F4AAA67C7331A26418B2483C8D48E9A9F1125A05DCC65CDE2D14FCFCF6C ] STHDA           C:\Windows\system32\drivers\stwrt.sys
09:51:51.0871 0x1064  STHDA - ok
09:51:51.0950 0x1064  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
09:51:52.0035 0x1064  StiSvc - ok
09:51:52.0091 0x1064  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:51:52.0097 0x1064  storflt - ok
09:51:52.0136 0x1064  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:51:52.0141 0x1064  storvsc - ok
09:51:52.0171 0x1064  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:51:52.0175 0x1064  swenum - ok
09:51:52.0244 0x1064  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
09:51:52.0289 0x1064  swprv - ok
09:51:52.0315 0x1064  [ F2AD8960812FD111E20E84659EF19D43, FAC91E940D3735738908447E58792C32E6F86427612114A624041B7213831105 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
09:51:52.0323 0x1064  Synth3dVsc - ok
09:51:52.0435 0x1064  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
09:51:52.0537 0x1064  SysMain - ok
09:51:52.0579 0x1064  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
09:51:52.0602 0x1064  TabletInputService - ok
09:51:52.0651 0x1064  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:51:52.0690 0x1064  TapiSrv - ok
09:51:52.0729 0x1064  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
09:51:52.0743 0x1064  TBS - ok
09:51:52.0888 0x1064  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:51:52.0982 0x1064  Tcpip - ok
09:51:53.0112 0x1064  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:51:53.0187 0x1064  TCPIP6 - ok
09:51:53.0269 0x1064  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:51:53.0275 0x1064  tcpipreg - ok
09:51:53.0322 0x1064  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:51:53.0326 0x1064  TDPIPE - ok
09:51:53.0353 0x1064  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:51:53.0359 0x1064  TDTCP - ok
09:51:53.0399 0x1064  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:51:53.0407 0x1064  tdx - ok
09:51:53.0857 0x1064  [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8     C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
09:51:54.0240 0x1064  TeamViewer8 - ok
09:51:54.0379 0x1064  [ 9101FFFCFCCD1A30E870A5B8A9091B10, 58AAB0F6FF78FD0ECDD8D9DA1B6852E9E57E3DAA39489ABDDBA106ECE0B3BCA7 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
09:51:54.0386 0x1064  teamviewervpn - ok
09:51:54.0425 0x1064  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:51:54.0431 0x1064  TermDD - ok
09:51:54.0483 0x1064  [ E951866BAC5A23403F62A349EDBB6EEB, BE6FB3C09D1CF8952B4D041F45B4DEE53D78EE7D27A5135012BC92B2F7CFBEA3 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
09:51:54.0489 0x1064  terminpt - ok
09:51:54.0572 0x1064  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
09:51:54.0628 0x1064  TermService - ok
09:51:54.0672 0x1064  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
09:51:54.0694 0x1064  Themes - ok
09:51:54.0724 0x1064  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:51:54.0734 0x1064  THREADORDER - ok
09:51:54.0773 0x1064  [ 5AD05191DC8B444A7BA4D79B76C42A30, 6166E939A5A240388EBA5AF7FF335DC413F2BBCF74C2E1D310F4BE2A5454A610 ] TPM             C:\Windows\system32\drivers\tpm.sys
09:51:54.0778 0x1064  TPM - ok
09:51:54.0815 0x1064  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
09:51:54.0837 0x1064  TrkWks - ok
09:51:54.0935 0x1064  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:51:54.0962 0x1064  TrustedInstaller - ok
09:51:55.0028 0x1064  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:51:55.0034 0x1064  tssecsrv - ok
09:51:55.0089 0x1064  [ 9CE253214ACAA5A7D323327D2055EFAA, 15E7DB578EDF36DD2FD5BA960C3941B2353037323B6B96702CDCDC07588EA724 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:51:55.0096 0x1064  TsUsbFlt - ok
09:51:55.0145 0x1064  [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:51:55.0151 0x1064  TsUsbGD - ok
09:51:55.0203 0x1064  [ 045ACB987C650D8186C6B4A692223860, C1CDDF7DABAE531C53290C7C70F35DD65751B399D269711865AD65F9E4E43B0B ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
09:51:55.0214 0x1064  tsusbhub - ok
09:51:55.0248 0x1064  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:51:55.0260 0x1064  tunnel - ok
09:51:55.0282 0x1064  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:51:55.0292 0x1064  uagp35 - ok
09:51:55.0340 0x1064  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:51:55.0370 0x1064  udfs - ok
09:51:55.0456 0x1064  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:51:55.0479 0x1064  UI0Detect - ok
09:51:55.0505 0x1064  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:51:55.0512 0x1064  uliagpkx - ok
09:51:55.0548 0x1064  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:51:55.0554 0x1064  umbus - ok
09:51:55.0578 0x1064  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:51:55.0582 0x1064  UmPass - ok
09:51:55.0633 0x1064  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:51:55.0665 0x1064  UmRdpService - ok
09:51:55.0720 0x1064  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
09:51:55.0749 0x1064  upnphost - ok
09:51:55.0782 0x1064  [ 8721F55D8BC9F89E3A63CEBDF5EF4FA3, C0C82480014B646709869A6A6FA2B71B993F9FCD8E2DB9E8F7D341C21EE169CF ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
09:51:55.0788 0x1064  upperdev - ok
09:51:55.0826 0x1064  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
09:51:55.0835 0x1064  usbccgp - ok
09:51:55.0871 0x1064  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:51:55.0880 0x1064  usbcir - ok
09:51:55.0952 0x1064  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
09:51:55.0958 0x1064  usbehci - ok
09:51:56.0008 0x1064  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:51:56.0044 0x1064  usbhub - ok
09:51:56.0089 0x1064  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:51:56.0095 0x1064  usbohci - ok
09:51:56.0143 0x1064  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
09:51:56.0149 0x1064  usbprint - ok
09:51:56.0194 0x1064  [ 007C0C8D5B01D82ACEB70431D15083F6, 7EAF68CD3C38D3CD2CDFEE9ECE1DFB38E274F1F9E6F70B73BCE1336E87D5496C ] usbser          C:\Windows\system32\drivers\usbser.sys
09:51:56.0200 0x1064  usbser - ok
09:51:56.0223 0x1064  [ 4E66C71D8D010BFB0DF1042D25E9CB0F, E581ED3557A06FEE7F35DF1C18C7D74FEFD1FC5E6CDAD6692F66F4A033830F1C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
09:51:56.0227 0x1064  UsbserFilt - ok
09:51:56.0261 0x1064  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:51:56.0269 0x1064  USBSTOR - ok
09:51:56.0314 0x1064  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:51:56.0319 0x1064  usbuhci - ok
09:51:56.0376 0x1064  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:51:56.0389 0x1064  usbvideo - ok
09:51:56.0436 0x1064  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
09:51:56.0458 0x1064  UxSms - ok
09:51:56.0486 0x1064  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
09:51:56.0494 0x1064  VaultSvc - ok
09:51:56.0555 0x1064  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:51:56.0561 0x1064  vdrvroot - ok
09:51:56.0617 0x1064  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
09:51:56.0673 0x1064  vds - ok
09:51:56.0711 0x1064  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:51:56.0716 0x1064  vga - ok
09:51:56.0756 0x1064  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:51:56.0761 0x1064  VgaSave - ok
09:51:56.0779 0x1064  VGPU - ok
09:51:56.0822 0x1064  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:51:56.0836 0x1064  vhdmp - ok
09:51:56.0868 0x1064  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:51:56.0875 0x1064  viaagp - ok
09:51:56.0903 0x1064  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
09:51:56.0910 0x1064  ViaC7 - ok
09:51:56.0951 0x1064  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:51:56.0956 0x1064  viaide - ok
09:51:57.0013 0x1064  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:51:57.0035 0x1064  vmbus - ok
09:51:57.0063 0x1064  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:51:57.0069 0x1064  VMBusHID - ok
09:51:57.0106 0x1064  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:51:57.0113 0x1064  volmgr - ok
09:51:57.0166 0x1064  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:51:57.0199 0x1064  volmgrx - ok
09:51:57.0238 0x1064  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:51:57.0259 0x1064  volsnap - ok
09:51:57.0289 0x1064  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:51:57.0307 0x1064  vsmraid - ok
09:51:57.0437 0x1064  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
09:51:57.0542 0x1064  VSS - ok
09:51:57.0583 0x1064  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:51:57.0588 0x1064  vwifibus - ok
09:51:57.0651 0x1064  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
09:51:57.0684 0x1064  W32Time - ok
09:51:57.0753 0x1064  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:51:57.0758 0x1064  WacomPen - ok
09:51:57.0801 0x1064  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:51:57.0808 0x1064  WANARP - ok
09:51:57.0833 0x1064  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:51:57.0840 0x1064  Wanarpv6 - ok
09:51:58.0014 0x1064  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:51:58.0015 0x1064  Suspicious file ( NoAccess ): C:\Windows\system32\Wat\WatAdminSvc.exe. md5: 353A04C273EC58475D8633E75CCD5604, sha256: FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0
09:51:58.0030 0x1064  WatAdminSvc - detected LockedFile.Multi.Generic ( 1 )
09:52:05.0272 0x1064  Detect skipped due to KSN trusted
09:52:05.0272 0x1064  WatAdminSvc - ok
09:52:09.0395 0x1064  ================ Scan global ===============================
09:52:09.0625 0x1064  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
09:52:09.0683 0x1064  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
09:52:09.0760 0x1064  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
09:52:09.0827 0x1064  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:52:09.0911 0x1064  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
09:52:09.0951 0x1064  [ Global ] - ok
09:52:09.0956 0x1064  ================ Scan MBR ==================================
09:52:09.0974 0x1064  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:52:10.0298 0x1064  \Device\Harddisk0\DR0 - ok
09:52:10.0300 0x1064  ================ Scan VBR ==================================
09:52:10.0308 0x1064  [ 61723D22F3E9F4BBCF23FD131BF45E8A ] \Device\Harddisk0\DR0\Partition1
09:52:10.0313 0x1064  \Device\Harddisk0\DR0\Partition1 - ok
09:52:10.0323 0x1064  Waiting for KSN requests completion. In queue: 32
09:52:11.0323 0x1064  Waiting for KSN requests completion. In queue: 32
09:52:12.0323 0x1064  Waiting for KSN requests completion. In queue: 32
09:52:13.0323 0x1064  Waiting for KSN requests completion. In queue: 32
09:52:14.0437 0x1064  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x41000 ( enabled : updated )
09:52:14.0450 0x1064  Win FW state via NFP2: enabled
09:52:21.0765 0x1064  ============================================================
09:52:21.0765 0x1064  Scan finished
09:52:21.0765 0x1064  ============================================================
09:52:21.0797 0x1058  Detected object count: 0
09:52:21.0797 0x1058  Actual detected object count: 0
09:53:25.0652 0x04cc  Deinitialize success



Results from rKill.exe:

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/16/2014 10:30:36 AM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * C:\Windows\System32\user32.dll : 811,520 : 04/18/2013 01:38 PM : 7bd7f45ff37fa0669cd32ca0ef46e22c [NoSig]
 +-> C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll : 811,520 : 11/20/2010 09:29 PM : f1dd3acaee5e6b4bbc69bc6df75cef66 [Pos Repl]

Checking HOSTS File:

 * No issues found.

Program finished at: 01/16/2014 10:31:15 AM
Execution time: 0 hours(s), 0 minute(s), and 39 seconds(s)



 



#9 Condobloke

Posted 16 January 2014 - 06:26 AM

 
 

Removal Only
  • Please download mbam-clean.exe from here to your desktop and save it.
  • Please close all open applications and temporarily shut down your antivirus to avoid any conflicts when running the tool.
  • Locate the file mbam-clean.exe, double-click to run it, and follow the onscreen prompts.
  • It will ask to restart your computer; please allow it to do so (very important).
  • Make sure you have re-enabled your Anti-Virus/Internet-Security applications after the restart.

 

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from HERE

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#10 novice4


Posted 17 January 2014 - 08:39 AM

Hi,
Thank you
Here are the results:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.17.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
A :: CF19-TOUGHBOOK [administrator]

17/01/2014 13:14:33
mbam-log-2014-01-17 (13-14-33).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212503
Time elapsed: 14 minute(s), 51 second(s)

Memory Processes Detected: 1
C:\Users\A\Desktop\skypememoryreducer.exe (Trojan.AutoIt) -> 3844 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\A\Desktop\skypememoryreducer.exe (Trojan.AutoIt) -> Delete on reboot.

(end)
 



#11 Condobloke


Posted 17 January 2014 - 05:42 PM

 
 

You DID reboot after MalwareBytes ??

 

Your install of MBAM had been corrupted by C:\Users\A\Desktop\skypememoryreducer.exe (Trojan.AutoIt)....

Skype memory reducer was on your desktop, which would indicate it was possibly a recent download.

The information below tells you a little about this Trojan.....I will leave it to you to cleanup/change passwords etc on any facebook, twitter, youtube and skype accounts etc etc which you may have.

 

This trojan hijacks your Facebook, Twitter or YouTube account to promote pages. It may post hyperlinks or like pages on Facebook, post comments on YouTube videos, or follow profiles and send direct messages on Twitter without your permission.

It may be installed when you click on a malicious link. When you click on the link you may be asked to run or install a program that looks genuine, such as an Adobe Flash installer.

http://www.f-secure.com/v-descs/trojan_w32_autoit.shtml

https://www.virustotal.com/en/file/1ed85aa4232d942f44ba1dfb2bec17ef09b8e1408b3b20c0e77ee1d22d75c2d7/analysis/1297249908/

 

 

 

Please download TFC, or Temp File Cleaner, by Old Timer
Usage Instructions:

Download TFC from the download link above and save the file on your desktop.
Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
Double-click on the TFC icon.
When the program opens, click on the Start button. TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
When done, press OK and reboot your computer and finish the cleanup.

 

 

 

How is the Computer running now ???

 

 

 

Download MiniToolBox, save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 
Click Go and copy / paste the result (Result.txt).

 



#12 novice4


Posted 18 January 2014 - 05:16 AM

Hi,

 

1. Yes, rebooted Malwarebytes, it asked me to do so.

2. Ran TFC and rebooted.

3. Seems a little better, although I have a quick question: I notice that when I surf pages from the internet, AVAST anti-virus scans that particular page you are on and seems to slow down the browsing until the Avast ball stops turning in the task bar, and also when page is fully finished loading... is that normal for Avast anti-virus? I cannot remember Avast scanning everything you do, but maybe this is probably normal.

4. Ran MiniToolBox with these settings (Results below)

•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files

MiniToolBox by Farbar  Version: 18-12-2013
Ran by A (administrator) on 18-01-2014 at 09:44:18
Running from "C:\Users\A\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
MAC Bridge Miniport = Network Bridge (Hardware not present)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
TeamViewer VPN Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : CF19-TOUGHBOOK
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
   Physical Address. . . . . . . . . : 00-18-DE-C9-83-AB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a9e2:81e8:c5f9:3f78%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 18 January 2014 09:32:17
   Lease Expires . . . . . . . . . . : 19 January 2014 09:32:16
   Default Gateway . . . . . . . . . : fe80::1%11
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 184555742
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0B-49-65-B8-00-0B-97-BA-86-56
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   Primary WINS Server . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TeamViewer VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-BF-C0-11-8C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-03-7A-F0-BC-A5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{355F3134-3AB2-47CF-A880-422D208382D0}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:38b1:3cfd:3f57:fef9(Preferred)
   Link-local IPv6 Address . . . . . : fe80::38b1:3cfd:3f57:fef9%15(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{BFC0118C-04BF-4A0A-8A2A-E250C9354CF2}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2171BE9B-A3CD-4DFD-B776-B9DB3835999E}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2a00:1450:4009:807::1004
      173.194.41.103
      173.194.41.110
      173.194.41.105
      173.194.41.101
      173.194.41.104
      173.194.41.99
      173.194.41.96
      173.194.41.97
      173.194.41.102
      173.194.41.100
      173.194.41.98


Pinging google.com [173.194.41.98] with 32 bytes of data:
Reply from 173.194.41.98: bytes=32 time=38ms TTL=55
Reply from 173.194.41.98: bytes=32 time=36ms TTL=55

Ping statistics for 173.194.41.98:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 36ms, Maximum = 38ms, Average = 37ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=174ms TTL=42
Reply from 206.190.36.45: bytes=32 time=242ms TTL=42

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 174ms, Maximum = 242ms, Average = 208ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms


 



#13 Condobloke


Posted 18 January 2014 - 05:38 AM

 
 

1. Good

2. Cool... TFC is a 'keeper'

3. I have no experience of the Avast program... I would imagine that might have something to do with 'sandbox'...

A post in THIS forum will answer that question for you.

4. MiniToolBox log is incomplete. Please redo.

5. Run JRT again...

 

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

 

 

 

 



#14 novice4


Posted 19 January 2014 - 06:09 AM

Hi,
 
1. Re-ran MiniToolBox; looks like, as yesterday, it is not getting all the results for you... TOOK A SCREEN SHOT of MiniToolBox settings to show you all the correct check boxes BUT CANNOT PASTE IT HERE FOR SOME REASON!!
2. Ran JRT again and posted all results below.

 
MiniToolBox by Farbar  Version: 18-12-2013
Ran by A (administrator) on 19-01-2014 at 10:31:06
Running from "C:\Users\A\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
 
========================= IP Configuration: ================================
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
MAC Bridge Miniport = Network Bridge (Hardware not present)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
TeamViewer VPN Adapter = Local Area Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration
 
Windows IP Configuration
   Host Name . . . . . . . . . . . . : CF19-TOUGHBOOK
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Wireless Network Connection:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
   Physical Address. . . . . . . . . : 00-18-DE-C9-83-AB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a9e2:81e8:c5f9:3f78%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 19 January 2014 10:14:30
   Lease Expires . . . . . . . . . . : 20 January 2014 10:14:30
   Default Gateway . . . . . . . . . : fe80::1%11
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 184555742
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0B-49-65-B8-00-0B-97-BA-86-56
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   Primary WINS Server . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection 2:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TeamViewer VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-BF-C0-11-8C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-03-7A-F0-BC-A5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{355F3134-3AB2-47CF-A880-422D208382D0}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:20b4:3f2f:3f57:fef9(Preferred)
   Link-local IPv6 Address . . . . . : fe80::20b4:3f2f:3f57:fef9%15(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.{BFC0118C-04BF-4A0A-8A2A-E250C9354CF2}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{2171BE9B-A3CD-4DFD-B776-B9DB3835999E}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
Name:    google.com
Addresses:  2a00:1450:4009:808::1000
   173.194.41.132
   173.194.41.142
   173.194.41.131
   173.194.41.129
   173.194.41.133
   173.194.41.137
   173.194.41.130
   173.194.41.134
   173.194.41.136
   173.194.41.135
   173.194.41.128

Pinging google.com [173.194.41.128] with 32 bytes of data:
Reply from 173.194.41.128: bytes=32 time=40ms TTL=55
Reply from 173.194.41.128: bytes=32 time=41ms TTL=55
Ping statistics for 173.194.41.128:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 41ms, Average = 40ms
Server:  UnKnown
Address:  192.168.1.1
Name:    yahoo.com
Addresses:  98.139.183.24
   206.190.36.45
   98.138.253.109

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=151ms TTL=44
Reply from 98.138.253.109: bytes=32 time=261ms TTL=44
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 151ms, Maximum = 261ms, Average = 206ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms



 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x86
Ran by A on 19/01/2014 at 10:41:44.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

~~~ Services
 
~~~ Registry Values
 
~~~ Registry Keys
 
~~~ Files
 
~~~ Folders
 
~~~ FireFox
Emptied folder: C:\Users\A\AppData\Roaming\mozilla\firefox\profiles\b8i0rjcb.default-1384697576215\minidumps [14 files]
 
~~~ Event Viewer Logs were cleared
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/01/2014 at 10:47:13.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#15 Condobloke


Posted 19 January 2014 - 05:32 PM

Minitoolbox....open the minitoolbox log......Select EDIT, then SELECT ALL,...now Copy and Paste






