Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop is acting very strangely....


  • Please log in to reply
19 replies to this topic

#1 Dagrau

Dagrau

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 07 May 2014 - 05:54 PM

I have a custom built laptop, it is only two years old and has been working on top speed forever. Recently however, I've noted a few strange things.

 

First of all, there is my Windows theme. It was switched to classic windows theme and won't revert back to the Aero. Another problem is my K9 Web Protection, which Iobit Malware Fighter claims to be a threat called

 
Windows Prime Booster, REG, HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BCKD, 2014846
Misleading.FakeAV, REG, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bckd&ImagePath, 2014883
 
Which I manually deleted, then freshly re installed a new downloaded version of K9. But I still receive it as a threat.
 
Another problem is gaming, which I have never had a problem with. Time to time I'll kicked off the clients. I've been trying to play on the LOWEST possible graphical settings. Which is strange because my laptop was built for gaming...
 
The final problem I noticed was my Windows active and inactive bars. They've been casually flickering time to time. Also even when there is only one window open.
 
I've tried restoring my system, but the problems persists. I'm thinking I am infected. Is there a possible solution?
 
Here's my computer's specs:
 
OS Name: Microsoft Windows 7 Home Premium
Versio:n 6.1.7601 Service Pack 1 Build 7601
Other OS Description:  Not Available
OS Manufacture:r Microsoft Corporation
System Name: STAPLE-PC
System Manufacturer: PEGATRON CORPORATION
System Model: A15
System Type: x64-based PC
Processor: Intel® Core™ i7-3630QM CPU @ 2.40GHz, 2401 Mhz, 4 Core(s), 8 Logical Processor(s)
BIOS Version/Date American Megatrends Inc. 207, 2012/05/02
SMBIOS Version: 2.7
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
Locale:Japan
Hardware Abstraction Layer Version: = "6.1.7601.17514"
User Name: staple-PC\staple
Installed Physical Memory (RAM): 16.0 GB
Total Physical Memory: 15.9 GB
Available Physical Memory: 10.6 GB
Total Virtual Memory :19.8 GB
Available Virtual Memory: 14.1 GB
Page File Space: 3.93 GB
Page File: C:\pagefile.sys
 

Thanks! :)



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 AM

Posted 07 May 2014 - 08:41 PM

Hello, due to that fact that it's (K9) behavior can be seen as intrusive on the system some tools will mark it for removal. You can uncheck at the scan before removing.

Let's run these and see what else may be on here. K9 may get pulled again

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Dagrau

Dagrau
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 08 May 2014 - 09:32 AM

Thank you for the reply, here are the results from TDSS & JRT

 

 20:24:58.0798 0x3270  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10

20:25:10.0586 0x3270  ============================================================
20:25:10.0586 0x3270  Current date / time: 2014/05/07 20:25:10.0586
20:25:10.0586 0x3270  SystemInfo:
20:25:10.0586 0x3270  
20:25:10.0586 0x3270  OS Version: 6.1.7601 ServicePack: 1.0
20:25:10.0586 0x3270  Product type: Workstation
20:25:10.0587 0x3270  ComputerName: STAPLE-PC
20:25:10.0587 0x3270  UserName: staple
20:25:10.0587 0x3270  Windows directory: C:\Windows
20:25:10.0587 0x3270  System windows directory: C:\Windows
20:25:10.0587 0x3270  Running under WOW64
20:25:10.0587 0x3270  Processor architecture: Intel x64
20:25:10.0587 0x3270  Number of processors: 8
20:25:10.0587 0x3270  Page size: 0x1000
20:25:10.0587 0x3270  Boot type: Normal boot
20:25:10.0587 0x3270  ============================================================
20:25:10.0635 0x3270  KLMD registered as C:\Windows\system32\drivers\52203598.sys
20:25:10.0694 0x3270  System UUID: {B5319906-EDB2-8431-0200-7E197D5061FF}
20:25:11.0022 0x3270  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:25:11.0028 0x3270  Drive \Device\Harddisk1\DR1 - Size: 0xEF300000 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:25:11.0031 0x3270  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:25:11.0410 0x3270  Drive \Device\Harddisk3\DR3 - Size: 0x3B7500000 (14.86 Gb), SectorSize: 0x200, Cylinders: 0x794, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:25:11.0412 0x3270  ============================================================
20:25:11.0412 0x3270  \Device\Harddisk0\DR0:
20:25:11.0412 0x3270  MBR partitions:
20:25:11.0412 0x3270  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:25:11.0413 0x3270  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
20:25:11.0413 0x3270  \Device\Harddisk1\DR1:
20:25:11.0413 0x3270  MBR partitions:
20:25:11.0413 0x3270  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7797E0
20:25:11.0413 0x3270  \Device\Harddisk2\DR2:
20:25:11.0414 0x3270  MBR partitions:
20:25:11.0414 0x3270  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:25:11.0414 0x3270  \Device\Harddisk3\DR3:
20:25:11.0414 0x3270  MBR partitions:
20:25:11.0414 0x3270  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1DB8800
20:25:11.0414 0x3270  ============================================================
20:25:11.0416 0x3270  C: <-> \Device\Harddisk0\DR0\Partition2
20:25:11.0464 0x3270  H: <-> \Device\Harddisk2\DR2\Partition1
20:25:11.0464 0x3270  ============================================================
20:25:11.0464 0x3270  Initialize success
20:25:11.0464 0x3270  ============================================================
20:25:15.0256 0x25e8  ============================================================
20:25:15.0256 0x25e8  Scan started
20:25:15.0256 0x25e8  Mode: Manual; 
20:25:15.0256 0x25e8  ============================================================
20:25:15.0256 0x25e8  KSN ping started
20:25:18.0301 0x25e8  KSN ping finished: true
20:25:18.0528 0x25e8  ================ Scan system memory ========================
20:25:18.0528 0x25e8  System memory - ok
20:25:18.0529 0x25e8  ================ Scan services =============================
20:25:18.0571 0x25e8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:25:18.0575 0x25e8  1394ohci - ok
20:25:18.0596 0x25e8  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:25:18.0599 0x25e8  ACDaemon - ok
20:25:18.0611 0x25e8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:25:18.0617 0x25e8  ACPI - ok
20:25:18.0624 0x25e8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:25:18.0625 0x25e8  AcpiPmi - ok
20:25:18.0631 0x25e8  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:25:18.0633 0x25e8  AdobeARMservice - ok
20:25:18.0660 0x25e8  [ 7C7E868E1D8096ED08D80FF7712BB9D8, EB4438F3CC377728173E018A763F0D0A8D5BBA4A289F554036D06B24030D2D62 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:25:18.0665 0x25e8  AdobeFlashPlayerUpdateSvc - ok
20:25:18.0683 0x25e8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:25:18.0690 0x25e8  adp94xx - ok
20:25:18.0717 0x25e8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:25:18.0723 0x25e8  adpahci - ok
20:25:18.0733 0x25e8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:25:18.0736 0x25e8  adpu320 - ok
20:25:18.0768 0x25e8  [ 9D35F4CD788ED5FF8CC22F89317E7C83, 8A8FEC3A61927B76106E84F53DC6B5B53AC11C18DCECD548D464B47171B75A99 ] AdvancedSystemCareService7 C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
20:25:18.0781 0x25e8  AdvancedSystemCareService7 - ok
20:25:18.0789 0x25e8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:25:18.0792 0x25e8  AeLookupSvc - ok
20:25:18.0807 0x25e8  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
20:25:18.0816 0x25e8  AFD - ok
20:25:18.0827 0x25e8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:25:18.0829 0x25e8  agp440 - ok
20:25:18.0836 0x25e8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:25:18.0839 0x25e8  ALG - ok
20:25:18.0858 0x25e8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:25:18.0859 0x25e8  aliide - ok
20:25:18.0871 0x25e8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:25:18.0874 0x25e8  amdide - ok
20:25:18.0887 0x25e8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:25:18.0888 0x25e8  AmdK8 - ok
20:25:18.0893 0x25e8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:25:18.0895 0x25e8  AmdPPM - ok
20:25:18.0920 0x25e8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:25:18.0922 0x25e8  amdsata - ok
20:25:18.0930 0x25e8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:25:18.0934 0x25e8  amdsbs - ok
20:25:18.0944 0x25e8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:25:18.0945 0x25e8  amdxata - ok
20:25:18.0956 0x25e8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
20:25:18.0957 0x25e8  AppID - ok
20:25:18.0983 0x25e8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:25:18.0984 0x25e8  AppIDSvc - ok
20:25:18.0989 0x25e8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
20:25:18.0991 0x25e8  Appinfo - ok
20:25:18.0997 0x25e8  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:25:19.0000 0x25e8  Apple Mobile Device - ok
20:25:19.0011 0x25e8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
20:25:19.0014 0x25e8  arc - ok
20:25:19.0023 0x25e8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:25:19.0025 0x25e8  arcsas - ok
20:25:19.0054 0x25e8  [ EFD89582B55DD32DC79C1A4EB54612A1, 7631F39174E7AE2A162F25D7069123C51274130298A3E5AE10AC1406CD948355 ] ASLDRService    C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
20:25:19.0056 0x25e8  ASLDRService - ok
20:25:19.0080 0x25e8  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:25:19.0082 0x25e8  aspnet_state - ok
20:25:19.0087 0x25e8  [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
20:25:19.0089 0x25e8  aswHwid - ok
20:25:19.0114 0x25e8  [ 60DD9BDD4F96FC4A1E4F528BC70EB630, 5F81F2D3873A132F2B52B6026891D95064D59F0E6FA6D3294687AA66602154F7 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
20:25:19.0114 0x25e8  aswKbd - ok
20:25:19.0124 0x25e8  [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
20:25:19.0125 0x25e8  aswMonFlt - ok
20:25:19.0147 0x25e8  [ 5209F2D0CC85FBCF7D00C2865B719EC3, 405F5BBF4A53A7517A4D0D5DEA7C7F82689BC7256C987BF5AD0855246CDB981C ] aswNdisFlt      C:\Windows\system32\DRIVERS\aswNdisFlt.sys
20:25:19.0154 0x25e8  aswNdisFlt - ok
20:25:19.0162 0x25e8  [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
20:25:19.0164 0x25e8  aswRdr - ok
20:25:19.0186 0x25e8  [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
20:25:19.0188 0x25e8  aswRvrt - ok
20:25:19.0219 0x25e8  [ 1C159A357210CAB8974D5FBA068DC38F, 6FEBFCDD75F2929E47E979A32834944373EC6A7523D9C4A8722AEBCF6E4B8C8F ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
20:25:19.0234 0x25e8  aswSnx - ok
20:25:19.0255 0x25e8  [ 5545FB5B49268C903F311849DB1942ED, 3C7FDD6A9A8A600F07A475595E48F947C36D9A6DAB6D3D84C44686B5A56FB40F ] aswSP           C:\Windows\system32\drivers\aswSP.sys
20:25:19.0263 0x25e8  aswSP - ok
20:25:19.0281 0x25e8  [ 708689376A3FD6C6897C69D272E19F4B, 8F6151C46D8EE75872EB43E08337C7EC22EE7DD5344EA4DF33F026FE640A1336 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
20:25:19.0284 0x25e8  aswStm - ok
20:25:19.0308 0x25e8  [ F87990FDBDD4DC037343A80BD7E67538, B81B71F65BC23629C7EB79EE7B4DE38BBE155B1FC37EE66D50E2677C6CA50934 ] aswTap          C:\Windows\system32\DRIVERS\aswTap.sys
20:25:19.0310 0x25e8  aswTap - ok
20:25:19.0328 0x25e8  [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
20:25:19.0332 0x25e8  aswVmm - ok
20:25:19.0338 0x25e8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:25:19.0339 0x25e8  AsyncMac - ok
20:25:19.0364 0x25e8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:25:19.0365 0x25e8  atapi - ok
20:25:19.0371 0x25e8  [ D0B119D6F52BDCA8D204F79D27690209, C36F600A8525A61A7C948B7A93CFD501F1F222A3929446DA58D4D35619E44EB0 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
20:25:19.0372 0x25e8  AthBTPort - ok
20:25:19.0395 0x25e8  [ 86F8A0A8D59D0AE2B1096F3103F0E0AD, CD8372ADDC5F6DDE587339D7F20412FAF74BCC10DCE765DDAE23C45AD242AB73 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:25:19.0399 0x25e8  AtherosSvc - ok
20:25:19.0480 0x25e8  [ 9650E5EAC2D90B633AB69B7C0933FEEB, 2E3F72BCE720E0DE0AF4C58D9545DCB3D4B286C230671E76AACD4509A4A02980 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
20:25:19.0545 0x25e8  athr - ok
20:25:19.0726 0x25e8  [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:25:19.0900 0x25e8  atikmdag - ok
20:25:19.0946 0x25e8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:25:19.0974 0x25e8  AudioEndpointBuilder - ok
20:25:20.0008 0x25e8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:25:20.0033 0x25e8  AudioSrv - ok
20:25:20.0047 0x25e8  [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:25:20.0051 0x25e8  avast! Antivirus - ok
20:25:20.0061 0x25e8  [ 55FF0FFE359702D2E2B99DF5CBB3DD06, DD0E62C38C152338ACB924A69FE9BC72ECF73057679A8DDECA83442A208EF9A5 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
20:25:20.0066 0x25e8  avast! Firewall - ok
20:25:20.0079 0x25e8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:25:20.0086 0x25e8  AxInstSV - ok
20:25:20.0117 0x25e8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:25:20.0134 0x25e8  b06bdrv - ok
20:25:20.0154 0x25e8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:25:20.0164 0x25e8  b57nd60a - ok
20:25:20.0184 0x25e8  [ C6CD10195F9D303F879147D2CB5CA7AB, 647AE383E27C76539CD88CD21D7C542DE86B73C04E01188597B6877CBA5DCCEE ] bckd            C:\Windows\system32\drivers\bckd.sys
20:25:20.0189 0x25e8  bckd - ok
20:25:20.0308 0x25e8  [ 49ECC740AED507520C596ECD48C12667, ADFCE39104EA1841828207D5C5E4A8EBADC5C6BA2AE94E4BE5D99EE669BF0EC3 ] bckwfs          C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
20:25:20.0403 0x25e8  bckwfs - ok
20:25:20.0424 0x25e8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:25:20.0431 0x25e8  BDESVC - ok
20:25:20.0441 0x25e8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:25:20.0443 0x25e8  Beep - ok
20:25:20.0482 0x25e8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:25:20.0512 0x25e8  BFE - ok
20:25:20.0555 0x25e8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
20:25:20.0600 0x25e8  BITS - ok
20:25:20.0611 0x25e8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:25:20.0614 0x25e8  blbdrive - ok
20:25:20.0639 0x25e8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:25:20.0655 0x25e8  Bonjour Service - ok
20:25:20.0669 0x25e8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:25:20.0674 0x25e8  bowser - ok
20:25:20.0683 0x25e8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:25:20.0685 0x25e8  BrFiltLo - ok
20:25:20.0693 0x25e8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:25:20.0694 0x25e8  BrFiltUp - ok
20:25:20.0706 0x25e8  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
20:25:20.0711 0x25e8  BridgeMP - ok
20:25:20.0724 0x25e8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:25:20.0733 0x25e8  Browser - ok
20:25:20.0752 0x25e8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:25:20.0764 0x25e8  Brserid - ok
20:25:20.0776 0x25e8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:25:20.0779 0x25e8  BrSerWdm - ok
20:25:20.0814 0x25e8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:25:20.0816 0x25e8  BrUsbMdm - ok
20:25:20.0825 0x25e8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:25:20.0827 0x25e8  BrUsbSer - ok
20:25:20.0848 0x25e8  [ C05ED3246C06EC56F10D85B0304CD09E, F479ED840D5BA4244391ABBB91D75D77D7A7D3F73F9AD45B7C7A137321B536AE ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
20:25:20.0861 0x25e8  BTATH_A2DP - ok
20:25:20.0874 0x25e8  [ 2D27F7A831657D63AFC78E5E78DCA83F, 916A7B13A0BBFD62BEF2B124B75FDD675A29D6D939FEA0AD555D5B23DCEECB69 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
20:25:20.0880 0x25e8  btath_avdt - ok
20:25:20.0889 0x25e8  [ E6B734A37ADE36FE1A77035F4E484C8C, 7F3AB1E0CF9F348633B3B325F5F365CCD4C7FF7E4564BDE02C2DA27A499D0234 ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
20:25:20.0892 0x25e8  BTATH_BUS - ok
20:25:20.0908 0x25e8  [ FB3833E63FF602B69C2FF085846DCF43, 468BC9580341AD4C65F0BBB3A11F3E39C1DD0F9694D098AB3647A181C03E4E11 ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
20:25:20.0915 0x25e8  BTATH_HCRP - ok
20:25:20.0927 0x25e8  [ 371A11C1333BA526263A987A93ACDE3D, 80E15B815F2B6F4AFBDDB115C4F54126F5D2796F6ACB387DEA9C4A1C061EB7EB ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:25:20.0931 0x25e8  BTATH_LWFLT - ok
20:25:21.0075 0x25e8  [ ABCD3C16CA850A7594CEB9AD5D966810, DB0EAF000BB6F12F2AA550B66F5C61E08F2C6E58A18DA40BE69DD2B662D1EC60 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
20:25:21.0088 0x25e8  BTATH_RCP - ok
20:25:21.0148 0x25e8  [ 4FBDD8AF372ED5CB2EA63C0890C62435, 6E73C5F10B0E70A2388FFD933188FBC58FD9F8761070A28A83C6911007658CA3 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
20:25:21.0170 0x25e8  BtFilter - ok
20:25:21.0183 0x25e8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
20:25:21.0186 0x25e8  BthEnum - ok
20:25:21.0199 0x25e8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:25:21.0205 0x25e8  BTHMODEM - ok
20:25:21.0218 0x25e8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:25:21.0223 0x25e8  BthPan - ok
20:25:21.0253 0x25e8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
20:25:21.0273 0x25e8  BTHPORT - ok
20:25:21.0286 0x25e8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:25:21.0291 0x25e8  bthserv - ok
20:25:21.0303 0x25e8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
20:25:21.0309 0x25e8  BTHUSB - ok
20:25:21.0375 0x25e8  [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
20:25:21.0430 0x25e8  c2cautoupdatesvc - ok
20:25:21.0510 0x25e8  [ 6B669A00A431FF6CDCE67458933F5F0F, 81419EB18BB4EB96E48C99A1D45B0267E779E135427B3AEC872A1A5DD810B23F ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
20:25:21.0572 0x25e8  c2cpnrsvc - ok
20:25:21.0583 0x25e8  catchme - ok
20:25:21.0602 0x25e8  [ A5C13600F63EB92F8D15123D64BA9895, 16683BDDD32525741FDE4505B9C224382047CC8EE9A7DB35FF0FDF32F7D731F8 ] ccSet_NSM       C:\Windows\system32\drivers\NSMx64\0206000.034\ccSetx64.sys
20:25:21.0610 0x25e8  ccSet_NSM - ok
20:25:21.0624 0x25e8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:25:21.0629 0x25e8  cdfs - ok
20:25:21.0644 0x25e8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:25:21.0650 0x25e8  cdrom - ok
20:25:21.0663 0x25e8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:25:21.0668 0x25e8  CertPropSvc - ok
20:25:21.0678 0x25e8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:25:21.0681 0x25e8  circlass - ok
20:25:21.0703 0x25e8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:25:21.0719 0x25e8  CLFS - ok
20:25:21.0731 0x25e8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:25:21.0736 0x25e8  clr_optimization_v2.0.50727_32 - ok
20:25:21.0748 0x25e8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:25:21.0753 0x25e8  clr_optimization_v2.0.50727_64 - ok
20:25:21.0770 0x25e8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:25:21.0776 0x25e8  clr_optimization_v4.0.30319_32 - ok
20:25:21.0789 0x25e8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:25:21.0797 0x25e8  clr_optimization_v4.0.30319_64 - ok
20:25:21.0808 0x25e8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:25:21.0810 0x25e8  CmBatt - ok
20:25:21.0820 0x25e8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:25:21.0823 0x25e8  cmdide - ok
20:25:21.0850 0x25e8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:25:21.0867 0x25e8  CNG - ok
20:25:21.0878 0x25e8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:25:21.0880 0x25e8  Compbatt - ok
20:25:21.0890 0x25e8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
20:25:21.0893 0x25e8  CompositeBus - ok
20:25:21.0901 0x25e8  COMSysApp - ok
20:25:21.0938 0x25e8  [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:25:21.0950 0x25e8  cphs - ok
20:25:21.0962 0x25e8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:25:21.0964 0x25e8  crcdisk - ok
20:25:21.0984 0x25e8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:25:21.0993 0x25e8  CryptSvc - ok
20:25:22.0032 0x25e8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:25:22.0056 0x25e8  DcomLaunch - ok
20:25:22.0068 0x25e8  [ 7934566D35082C1F80CC032CDEAE56A6, 7ABE7C424D2C895BEE4856E610BDF73E47AC5CB22461633207434D6928BDC381 ] debutfilter     C:\Windows\system32\DRIVERS\debutfilterx64.sys
20:25:22.0070 0x25e8  debutfilter - ok
20:25:22.0091 0x25e8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:25:22.0105 0x25e8  defragsvc - ok
20:25:22.0120 0x25e8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:25:22.0125 0x25e8  DfsC - ok
20:25:22.0170 0x25e8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:25:22.0184 0x25e8  Dhcp - ok
20:25:22.0194 0x25e8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:25:22.0197 0x25e8  discache - ok
20:25:22.0207 0x25e8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
20:25:22.0211 0x25e8  Disk - ok
20:25:22.0279 0x25e8  [ B64C1F0ADD16BE98CA47EA651402085D, 06CA6840E3DD981561962C150FC64CE19EB0AB577133CF09393B2473C62DC898 ] DisplayFusionService C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
20:25:22.0333 0x25e8  DisplayFusionService - ok
20:25:22.0352 0x25e8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:25:22.0362 0x25e8  Dnscache - ok
20:25:22.0396 0x25e8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:25:22.0410 0x25e8  dot3svc - ok
20:25:22.0427 0x25e8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:25:22.0439 0x25e8  DPS - ok
20:25:22.0447 0x25e8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:25:22.0449 0x25e8  drmkaud - ok
20:25:22.0497 0x25e8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:25:22.0539 0x25e8  DXGKrnl - ok
20:25:22.0575 0x25e8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:25:22.0583 0x25e8  EapHost - ok
20:25:22.0738 0x25e8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:25:22.0862 0x25e8  ebdrv - ok
20:25:22.0881 0x25e8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
20:25:22.0887 0x25e8  EFS - ok
20:25:22.0927 0x25e8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:25:22.0953 0x25e8  ehRecvr - ok
20:25:22.0966 0x25e8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:25:22.0972 0x25e8  ehSched - ok
20:25:23.0000 0x25e8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:25:23.0020 0x25e8  elxstor - ok
20:25:23.0029 0x25e8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:25:23.0031 0x25e8  ErrDev - ok
20:25:23.0054 0x25e8  [ A0DD2BA297229D13FAEEDE08998694D6, 5429621983B8FA9EA5347406E69FF181C0BC6482D5758DBA90D31254828075F5 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
20:25:23.0058 0x25e8  ESProtectionDriver - ok
20:25:23.0102 0x25e8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:25:23.0129 0x25e8  EventSystem - ok
20:25:23.0149 0x25e8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:25:23.0157 0x25e8  exfat - ok
20:25:23.0195 0x25e8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:25:23.0205 0x25e8  fastfat - ok
20:25:23.0248 0x25e8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:25:23.0280 0x25e8  Fax - ok
20:25:23.0293 0x25e8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
20:25:23.0295 0x25e8  fdc - ok
20:25:23.0320 0x25e8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:25:23.0324 0x25e8  fdPHost - ok
20:25:23.0364 0x25e8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:25:23.0369 0x25e8  FDResPub - ok
20:25:23.0390 0x25e8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:25:23.0395 0x25e8  FileInfo - ok
20:25:23.0411 0x25e8  [ D409D4A4517865131999FAC96D366CBF, 512A80C4B180D5D6DECBAFB831A56C0DC8C5D1CC7E749465C47D29EC4DA45719 ] FileMonitor     C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
20:25:23.0414 0x25e8  FileMonitor - ok
20:25:23.0427 0x25e8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:25:23.0429 0x25e8  Filetrace - ok
20:25:23.0438 0x25e8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:25:23.0440 0x25e8  flpydisk - ok
20:25:23.0462 0x25e8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:25:23.0473 0x25e8  FltMgr - ok
20:25:23.0527 0x25e8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
20:25:23.0576 0x25e8  FontCache - ok
20:25:23.0587 0x25e8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:25:23.0590 0x25e8  FontCache3.0.0.0 - ok
20:25:23.0602 0x25e8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:25:23.0605 0x25e8  FsDepends - ok
20:25:23.0615 0x25e8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:25:23.0618 0x25e8  Fs_Rec - ok
20:25:23.0635 0x25e8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:25:23.0644 0x25e8  fvevol - ok
20:25:23.0654 0x25e8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:25:23.0659 0x25e8  gagp30kx - ok
20:25:23.0676 0x25e8  [ 2973B4EB7BE10A0D491B2037DCAAE88F, 17219885FF89EFD3538C7D780179060E3255B1E0D7BA5DF01AEA737123C07B59 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
20:25:23.0684 0x25e8  Garmin Core Update Service - ok
20:25:23.0693 0x25e8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:25:23.0696 0x25e8  GEARAspiWDM - ok
20:25:23.0711 0x25e8  [ 4E1D0A246E10CFDDBF856432418DE404, 17AC5322A50D0914F90F41E9CBFEBE04CDC3BCA1CFAFE8A3F6CADD305738E1AF ] GFNEXSrv        C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
20:25:23.0718 0x25e8  GFNEXSrv - ok
20:25:23.0757 0x25e8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:25:23.0791 0x25e8  gpsvc - ok
20:25:23.0801 0x25e8  [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
20:25:23.0803 0x25e8  grmnusb - ok
20:25:23.0815 0x25e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:25:23.0821 0x25e8  gupdate - ok
20:25:23.0831 0x25e8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:25:23.0837 0x25e8  gupdatem - ok
20:25:23.0846 0x25e8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:25:23.0848 0x25e8  hcw85cir - ok
20:25:23.0871 0x25e8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:25:23.0884 0x25e8  HdAudAddService - ok
20:25:23.0902 0x25e8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:25:23.0908 0x25e8  HDAudBus - ok
20:25:23.0917 0x25e8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:25:23.0919 0x25e8  HidBatt - ok
20:25:23.0933 0x25e8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:25:23.0938 0x25e8  HidBth - ok
20:25:23.0948 0x25e8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:25:23.0951 0x25e8  HidIr - ok
20:25:23.0963 0x25e8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
20:25:23.0968 0x25e8  hidserv - ok
20:25:23.0977 0x25e8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:25:23.0980 0x25e8  HidUsb - ok
20:25:23.0992 0x25e8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:25:24.0002 0x25e8  hkmsvc - ok
20:25:24.0021 0x25e8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:25:24.0034 0x25e8  HomeGroupListener - ok
20:25:24.0050 0x25e8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:25:24.0063 0x25e8  HomeGroupProvider - ok
20:25:24.0074 0x25e8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:25:24.0078 0x25e8  HpSAMD - ok
20:25:24.0121 0x25e8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:25:24.0151 0x25e8  HTTP - ok
20:25:24.0161 0x25e8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:25:24.0163 0x25e8  hwpolicy - ok
20:25:24.0175 0x25e8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:25:24.0180 0x25e8  i8042prt - ok
20:25:24.0216 0x25e8  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:25:24.0236 0x25e8  iaStor - ok
20:25:24.0247 0x25e8  [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:25:24.0249 0x25e8  IAStorDataMgrSvc - ok
20:25:24.0274 0x25e8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:25:24.0289 0x25e8  iaStorV - ok
20:25:24.0333 0x25e8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:25:24.0365 0x25e8  idsvc - ok
20:25:24.0606 0x25e8  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:25:24.0805 0x25e8  igfx - ok
20:25:24.0827 0x25e8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:25:24.0831 0x25e8  iirsp - ok
20:25:24.0875 0x25e8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:25:24.0912 0x25e8  IKEEXT - ok
20:25:24.0933 0x25e8  [ E38AC5D38C757EE5B6230A0C56791EE4, 78409852567BBA4C4B089C4D55BD53295BC868C098A4F41E370B02D5BFE5C04B ] IMFservice      C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
20:25:24.0946 0x25e8  IMFservice - ok
20:25:25.0155 0x25e8  [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:25:25.0326 0x25e8  IntcAzAudAddService - ok
20:25:25.0357 0x25e8  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:25:25.0372 0x25e8  IntcDAud - ok
20:25:25.0421 0x25e8  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:25:25.0443 0x25e8  Intel® Capability Licensing Service Interface - ok
20:25:25.0453 0x25e8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:25:25.0455 0x25e8  intelide - ok
20:25:25.0467 0x25e8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:25:25.0471 0x25e8  intelppm - ok
20:25:25.0484 0x25e8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:25:25.0492 0x25e8  IPBusEnum - ok
20:25:25.0503 0x25e8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:25:25.0507 0x25e8  IpFilterDriver - ok
20:25:25.0537 0x25e8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:25:25.0562 0x25e8  iphlpsvc - ok
20:25:25.0575 0x25e8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:25:25.0580 0x25e8  IPMIDRV - ok
20:25:25.0591 0x25e8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:25:25.0597 0x25e8  IPNAT - ok
20:25:25.0628 0x25e8  [ 0FF335D687C85097725A53458160E81E, BF8BB3C8AF1822BEB5FF5F8008614B982F277D862B16B6516CA91F73D336E9D4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:25:25.0651 0x25e8  iPod Service - ok
20:25:25.0660 0x25e8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:25:25.0663 0x25e8  IRENUM - ok
20:25:25.0673 0x25e8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:25:25.0675 0x25e8  isapnp - ok
20:25:25.0693 0x25e8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:25:25.0704 0x25e8  iScsiPrt - ok
20:25:25.0713 0x25e8  [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
20:25:25.0716 0x25e8  iusb3hcs - ok
20:25:25.0738 0x25e8  [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
20:25:25.0751 0x25e8  iusb3hub - ok
20:25:25.0796 0x25e8  [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
20:25:25.0824 0x25e8  iusb3xhc - ok
20:25:25.0865 0x25e8  [ DBD76BC1D498FE368F2C8CB76C3E00A4, CDFB082B57807CE89509A16D1C8A5BAEEC026EDD7068F5E359AA50557D2525DC ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
20:25:25.0874 0x25e8  jhi_service - ok
20:25:25.0894 0x25e8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:25:25.0898 0x25e8  kbdclass - ok
20:25:25.0908 0x25e8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:25:25.0911 0x25e8  kbdhid - ok
20:25:25.0920 0x25e8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
20:25:25.0925 0x25e8  KeyIso - ok
20:25:25.0937 0x25e8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:25:25.0943 0x25e8  KSecDD - ok
20:25:25.0958 0x25e8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:25:25.0964 0x25e8  KSecPkg - ok
20:25:25.0973 0x25e8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:25:25.0976 0x25e8  ksthunk - ok
20:25:26.0000 0x25e8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:25:26.0019 0x25e8  KtmRm - ok
20:25:26.0037 0x25e8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:25:26.0052 0x25e8  LanmanServer - ok
20:25:26.0064 0x25e8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:25:26.0078 0x25e8  LanmanWorkstation - ok
20:25:26.0177 0x25e8  [ BEFF149A82F78B648046108EB9D28893, 255851BD47CB0CA2A56442992772E780A3757F569BE6A853AF8588F597F97037 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
20:25:26.0258 0x25e8  LiveUpdateSvc - ok
20:25:26.0272 0x25e8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:25:26.0276 0x25e8  lltdio - ok
20:25:26.0296 0x25e8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:25:26.0311 0x25e8  lltdsvc - ok
20:25:26.0320 0x25e8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:25:26.0325 0x25e8  lmhosts - ok
20:25:26.0345 0x25e8  [ 86E4CC39C953D11EF57CF54C4DC78238, 076973CA22E8BA94877241EC39D97612C32F3E744E026FA0E518C4DDE8277A55 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:25:26.0355 0x25e8  LMS - ok
20:25:26.0377 0x25e8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:25:26.0383 0x25e8  LSI_FC - ok
20:25:26.0395 0x25e8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:25:26.0400 0x25e8  LSI_SAS - ok
20:25:26.0410 0x25e8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:25:26.0414 0x25e8  LSI_SAS2 - ok
20:25:26.0425 0x25e8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:25:26.0431 0x25e8  LSI_SCSI - ok
20:25:26.0442 0x25e8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:25:26.0449 0x25e8  luafv - ok
20:25:26.0469 0x25e8  [ D8DE00217540D63BE254D74B84F2177D, 7D55322B15BB619D4863275BD926B983037FDC1D9564B54557DA86DEEE930B9A ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
20:25:26.0481 0x25e8  MbaeSvc - ok
20:25:26.0492 0x25e8  [ 4A1356200B82B852E137B687F03E8054, 54BAA2726BD19B61F694D316C1F0127ABFF66D06913668A2FAF044F09ADC4287 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
20:25:26.0496 0x25e8  mbamchameleon - ok
20:25:26.0505 0x25e8  [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:25:26.0508 0x25e8  MBAMProtector - ok
20:25:26.0585 0x25e8  [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
20:25:26.0648 0x25e8  MBAMScheduler - ok
20:25:26.0693 0x25e8  [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
20:25:26.0723 0x25e8  MBAMService - ok
20:25:26.0738 0x25e8  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
20:25:26.0743 0x25e8  MBAMSwissArmy - ok
20:25:26.0754 0x25e8  [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
20:25:26.0759 0x25e8  MBAMWebAccessControl - ok
20:25:26.0772 0x25e8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:25:26.0781 0x25e8  Mcx2Svc - ok
20:25:26.0790 0x25e8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:25:26.0793 0x25e8  megasas - ok
20:25:26.0812 0x25e8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:25:26.0824 0x25e8  MegaSR - ok
20:25:26.0835 0x25e8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
20:25:26.0838 0x25e8  MEIx64 - ok
20:25:26.0849 0x25e8  Microsoft SharePoint Workspace Audit Service - ok
20:25:26.0861 0x25e8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:25:26.0871 0x25e8  MMCSS - ok
20:25:26.0885 0x25e8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:25:26.0888 0x25e8  Modem - ok
20:25:26.0899 0x25e8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:25:26.0902 0x25e8  monitor - ok
20:25:26.0912 0x25e8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:25:26.0915 0x25e8  mouclass - ok
20:25:26.0925 0x25e8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:25:26.0928 0x25e8  mouhid - ok
20:25:26.0940 0x25e8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:25:26.0945 0x25e8  mountmgr - ok
20:25:26.0959 0x25e8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:25:26.0966 0x25e8  mpio - ok
20:25:26.0980 0x25e8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:25:26.0986 0x25e8  mpsdrv - ok
20:25:27.0027 0x25e8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:25:27.0063 0x25e8  MpsSvc - ok
20:25:27.0079 0x25e8  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:25:27.0088 0x25e8  MRxDAV - ok
20:25:27.0103 0x25e8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:25:27.0111 0x25e8  mrxsmb - ok
20:25:27.0132 0x25e8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:25:27.0143 0x25e8  mrxsmb10 - ok
20:25:27.0159 0x25e8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:25:27.0165 0x25e8  mrxsmb20 - ok
20:25:27.0175 0x25e8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:25:27.0178 0x25e8  msahci - ok
20:25:27.0191 0x25e8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:25:27.0198 0x25e8  msdsm - ok
20:25:27.0210 0x25e8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:25:27.0220 0x25e8  MSDTC - ok
20:25:27.0238 0x25e8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:25:27.0241 0x25e8  Msfs - ok
20:25:27.0249 0x25e8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:25:27.0251 0x25e8  mshidkmdf - ok
20:25:27.0261 0x25e8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:25:27.0264 0x25e8  msisadrv - ok
20:25:27.0280 0x25e8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:25:27.0289 0x25e8  MSiSCSI - ok
20:25:27.0299 0x25e8  msiserver - ok
20:25:27.0309 0x25e8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:25:27.0312 0x25e8  MSKSSRV - ok
20:25:27.0320 0x25e8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:25:27.0322 0x25e8  MSPCLOCK - ok
20:25:27.0334 0x25e8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:25:27.0336 0x25e8  MSPQM - ok
20:25:27.0360 0x25e8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:25:27.0376 0x25e8  MsRPC - ok
20:25:27.0393 0x25e8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:25:27.0397 0x25e8  mssmbios - ok
20:25:27.0406 0x25e8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:25:27.0408 0x25e8  MSTEE - ok
20:25:27.0418 0x25e8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:25:27.0421 0x25e8  MTConfig - ok
20:25:27.0431 0x25e8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:25:27.0435 0x25e8  Mup - ok
20:25:27.0469 0x25e8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:25:27.0494 0x25e8  napagent - ok
20:25:27.0517 0x25e8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:25:27.0529 0x25e8  NativeWifiP - ok
20:25:27.0575 0x25e8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:25:27.0609 0x25e8  NDIS - ok
20:25:27.0621 0x25e8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:25:27.0624 0x25e8  NdisCap - ok
20:25:27.0634 0x25e8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:25:27.0637 0x25e8  NdisTapi - ok
20:25:27.0647 0x25e8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:25:27.0651 0x25e8  Ndisuio - ok
20:25:27.0667 0x25e8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:25:27.0674 0x25e8  NdisWan - ok
20:25:27.0685 0x25e8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:25:27.0690 0x25e8  NDProxy - ok
20:25:27.0701 0x25e8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:25:27.0704 0x25e8  NetBIOS - ok
20:25:27.0722 0x25e8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:25:27.0733 0x25e8  NetBT - ok
20:25:27.0742 0x25e8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
20:25:27.0748 0x25e8  Netlogon - ok
20:25:27.0770 0x25e8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:25:27.0789 0x25e8  Netman - ok
20:25:27.0811 0x25e8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:25:27.0819 0x25e8  NetMsmqActivator - ok
20:25:27.0833 0x25e8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:25:27.0841 0x25e8  NetPipeActivator - ok
20:25:27.0869 0x25e8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:25:27.0891 0x25e8  netprofm - ok
20:25:27.0908 0x25e8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:25:27.0915 0x25e8  NetTcpActivator - ok
20:25:27.0928 0x25e8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:25:27.0936 0x25e8  NetTcpPortSharing - ok
20:25:27.0948 0x25e8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:25:27.0952 0x25e8  nfrd960 - ok
20:25:27.0972 0x25e8  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:25:27.0988 0x25e8  NlaSvc - ok
20:25:27.0998 0x25e8  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
20:25:28.0002 0x25e8  NPF - ok
20:25:28.0014 0x25e8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:25:28.0017 0x25e8  Npfs - ok
20:25:28.0028 0x25e8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:25:28.0038 0x25e8  nsi - ok
20:25:28.0046 0x25e8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:25:28.0048 0x25e8  nsiproxy - ok
20:25:28.0061 0x25e8  [ 8D11DA92F83D8C8281689739BEF05FD5, AD1D95CE084D1BD8310F6AA1CB27BEA98D9354E334AEC448AD6E6F68B52EEBC7 ] NSM             C:\Program Files (x86)\Norton Family\Engine\2.6.0.52\ccSvcHst.exe
20:25:28.0067 0x25e8  NSM - ok
20:25:28.0151 0x25e8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:25:28.0211 0x25e8  Ntfs - ok
20:25:28.0305 0x25e8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:25:28.0307 0x25e8  Null - ok
20:25:28.0902 0x25e8  [ 12E18E5F438AAD55DAF77E127C0EA25B, E7B2B30B13737F6FD348AB77AABFC942F28B30E989FBE416041E0B78AB285BF8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:25:29.0441 0x25e8  nvlddmkm - ok
20:25:29.0498 0x25e8  [ 186290C63FEB79C199A620E36705F9EE, 4F3BC97F5EFD779D296487D6A42D381DC20AB7AC098BF577DD7177BAAA33880B ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
20:25:29.0501 0x25e8  nvpciflt - ok
20:25:29.0514 0x25e8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:25:29.0521 0x25e8  nvraid - ok
20:25:29.0536 0x25e8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:25:29.0545 0x25e8  nvstor - ok
20:25:29.0588 0x25e8  [ 33A2052D60D4EA6599CEE1D6853D0A42, 637836DBA5CFA2683DF8C315F049AB53B5F3C79D56B632B6EA3A743C20A1148C ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:25:29.0623 0x25e8  nvsvc - ok
20:25:29.0730 0x25e8  [ FD6F5B42DB429FD1AE1A4483DB4DD2E0, EDFCB9F8E894115F5483E3C62E78DCDC03F2D7E08968F1F1263BCDCB7D06B2FF ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:25:29.0820 0x25e8  nvUpdatusService - ok
20:25:29.0844 0x25e8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:25:29.0850 0x25e8  nv_agp - ok
20:25:29.0861 0x25e8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:25:29.0867 0x25e8  ohci1394 - ok
20:25:29.0883 0x25e8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:25:29.0890 0x25e8  ose - ok
20:25:30.0095 0x25e8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:25:30.0278 0x25e8  osppsvc - ok
20:25:30.0327 0x25e8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:25:30.0346 0x25e8  p2pimsvc - ok
20:25:30.0375 0x25e8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:25:30.0397 0x25e8  p2psvc - ok
20:25:30.0410 0x25e8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
20:25:30.0415 0x25e8  Parport - ok
20:25:30.0425 0x25e8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:25:30.0430 0x25e8  partmgr - ok
20:25:30.0447 0x25e8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:25:30.0460 0x25e8  PcaSvc - ok
20:25:30.0476 0x25e8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:25:30.0484 0x25e8  pci - ok
20:25:30.0495 0x25e8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:25:30.0498 0x25e8  pciide - ok
20:25:30.0516 0x25e8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:25:30.0525 0x25e8  pcmcia - ok
20:25:30.0538 0x25e8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:25:30.0542 0x25e8  pcw - ok
20:25:30.0580 0x25e8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:25:30.0605 0x25e8  PEAUTH - ok
20:25:30.0620 0x25e8  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\PHotkey\PEGAGFN.sys
20:25:30.0622 0x25e8  PEGAGFN - ok
20:25:30.0657 0x25e8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:25:30.0663 0x25e8  PerfHost - ok
20:25:30.0742 0x25e8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:25:30.0804 0x25e8  pla - ok
20:25:30.0834 0x25e8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:25:30.0855 0x25e8  PlugPlay - ok
20:25:30.0865 0x25e8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:25:30.0872 0x25e8  PNRPAutoReg - ok
20:25:30.0893 0x25e8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:25:30.0909 0x25e8  PNRPsvc - ok
20:25:30.0939 0x25e8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:25:30.0965 0x25e8  PolicyAgent - ok
20:25:30.0987 0x25e8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:25:31.0000 0x25e8  Power - ok
20:25:31.0013 0x25e8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:25:31.0018 0x25e8  PptpMiniport - ok
20:25:31.0029 0x25e8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
20:25:31.0032 0x25e8  Processor - ok
20:25:31.0049 0x25e8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:25:31.0062 0x25e8  ProfSvc - ok
20:25:31.0071 0x25e8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:25:31.0077 0x25e8  ProtectedStorage - ok
20:25:31.0091 0x25e8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:25:31.0098 0x25e8  Psched - ok
20:25:31.0108 0x25e8  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
20:25:31.0113 0x25e8  PxHlpa64 - ok
20:25:31.0184 0x25e8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:25:31.0249 0x25e8  ql2300 - ok
20:25:31.0267 0x25e8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:25:31.0274 0x25e8  ql40xx - ok
20:25:31.0295 0x25e8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:25:31.0405 0x25e8  QWAVE - ok
20:25:31.0419 0x25e8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:25:31.0424 0x25e8  QWAVEdrv - ok
20:25:31.0437 0x25e8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:25:31.0439 0x25e8  RasAcd - ok
20:25:31.0452 0x25e8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:25:31.0455 0x25e8  RasAgileVpn - ok
20:25:31.0468 0x25e8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:25:31.0478 0x25e8  RasAuto - ok
20:25:31.0492 0x25e8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:25:31.0498 0x25e8  Rasl2tp - ok
20:25:31.0519 0x25e8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:25:31.0538 0x25e8  RasMan - ok
20:25:31.0553 0x25e8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:25:31.0559 0x25e8  RasPppoe - ok
20:25:31.0572 0x25e8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:25:31.0577 0x25e8  RasSstp - ok
20:25:31.0597 0x25e8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:25:31.0609 0x25e8  rdbss - ok
20:25:31.0620 0x25e8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
20:25:31.0623 0x25e8  rdpbus - ok
20:25:31.0632 0x25e8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:25:31.0634 0x25e8  RDPCDD - ok
20:25:31.0650 0x25e8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:25:31.0652 0x25e8  RDPENCDD - ok
20:25:31.0667 0x25e8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:25:31.0669 0x25e8  RDPREFMP - ok
20:25:31.0684 0x25e8  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:25:31.0687 0x25e8  RdpVideoMiniport - ok
20:25:31.0703 0x25e8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:25:31.0712 0x25e8  RDPWD - ok
20:25:31.0729 0x25e8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:25:31.0742 0x25e8  rdyboost - ok
20:25:31.0756 0x25e8  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
20:25:31.0758 0x25e8  RegFilter - ok
20:25:31.0773 0x25e8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:25:31.0781 0x25e8  RemoteAccess - ok
20:25:31.0795 0x25e8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:25:31.0807 0x25e8  RemoteRegistry - ok
20:25:31.0823 0x25e8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:25:31.0830 0x25e8  RFCOMM - ok
20:25:31.0840 0x25e8  RimUsb - ok
20:25:31.0855 0x25e8  [ 4AAFFFA67AC4DFA3D9985D78573887E2, A2A4623A1DFA3C1BF0B09390F3731AFF5616BF9E9144F5DEEAA89B37E445D834 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
20:25:31.0858 0x25e8  RimVSerPort - ok
20:25:31.0871 0x25e8  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
20:25:31.0873 0x25e8  ROOTMODEM - ok
20:25:31.0888 0x25e8  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
20:25:31.0894 0x25e8  rpcapd - ok
20:25:31.0907 0x25e8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:25:31.0916 0x25e8  RpcEptMapper - ok
20:25:31.0924 0x25e8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:25:31.0929 0x25e8  RpcLocator - ok
20:25:31.0957 0x25e8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:25:31.0980 0x25e8  RpcSs - ok
20:25:31.0997 0x25e8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:25:32.0001 0x25e8  rspndr - ok
20:25:32.0021 0x25e8  [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
20:25:32.0031 0x25e8  RSUSBSTOR - ok
20:25:32.0064 0x25e8  [ 637646C63222E6ADCC19AF89983533E4, 9C40A2705FFC83012CF2C1D80F6DB53A07E86C94239406BE0C1EF1F0A3965844 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:25:32.0085 0x25e8  RTL8167 - ok
20:25:32.0096 0x25e8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
20:25:32.0101 0x25e8  SamSs - ok
20:25:32.0115 0x25e8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:25:32.0121 0x25e8  sbp2port - ok
20:25:32.0136 0x25e8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:25:32.0150 0x25e8  SCardSvr - ok
20:25:32.0159 0x25e8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:25:32.0162 0x25e8  scfilter - ok
20:25:32.0215 0x25e8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:25:32.0268 0x25e8  Schedule - ok
20:25:32.0284 0x25e8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:25:32.0289 0x25e8  SCPolicySvc - ok
20:25:32.0305 0x25e8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:25:32.0318 0x25e8  SDRSVC - ok
20:25:32.0329 0x25e8  [ 6F74BFC2C97498A1C0226878B29CCBA1, 2BD75ED19600F7C9D493AAF2E0AF81E5BEF7BCBB4AC07C213AE7846127485486 ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
20:25:32.0333 0x25e8  Seagate Dashboard Services - ok
20:25:32.0345 0x25e8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:25:32.0348 0x25e8  secdrv - ok
20:25:32.0359 0x25e8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:25:32.0366 0x25e8  seclogon - ok
20:25:32.0480 0x25e8  [ CF8F0BE4978AD2652368B5CF368E2300, 633CBD2DC2ECF5004F35C47120D269B09A8AABB98ADEF0474AC99D212FCAB278 ] SecureUpdateSvc C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
20:25:32.0569 0x25e8  SecureUpdateSvc - ok
20:25:32.0588 0x25e8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
20:25:32.0596 0x25e8  SENS - ok
20:25:32.0606 0x25e8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:25:32.0615 0x25e8  SensrSvc - ok
20:25:32.0626 0x25e8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:25:32.0628 0x25e8  Serenum - ok
20:25:32.0644 0x25e8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
20:25:32.0649 0x25e8  Serial - ok
20:25:32.0658 0x25e8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:25:32.0661 0x25e8  sermouse - ok
20:25:32.0690 0x25e8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:25:32.0700 0x25e8  SessionEnv - ok
20:25:32.0708 0x25e8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:25:32.0711 0x25e8  sffdisk - ok
20:25:32.0721 0x25e8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:25:32.0724 0x25e8  sffp_mmc - ok
20:25:32.0734 0x25e8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:25:32.0736 0x25e8  sffp_sd - ok
20:25:32.0749 0x25e8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:25:32.0751 0x25e8  sfloppy - ok
20:25:32.0774 0x25e8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:25:32.0791 0x25e8  SharedAccess - ok
20:25:32.0817 0x25e8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:25:32.0840 0x25e8  ShellHWDetection - ok
20:25:32.0854 0x25e8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:25:32.0857 0x25e8  SiSRaid2 - ok
20:25:32.0868 0x25e8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:25:32.0873 0x25e8  SiSRaid4 - ok
20:25:32.0889 0x25e8  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:25:32.0898 0x25e8  SkypeUpdate - ok
20:25:32.0912 0x25e8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:25:32.0917 0x25e8  Smb - ok
20:25:32.0942 0x25e8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:25:32.0950 0x25e8  SNMPTRAP - ok
20:25:32.0959 0x25e8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:25:32.0961 0x25e8  spldr - ok
20:25:32.0992 0x25e8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:25:33.0019 0x25e8  Spooler - ok
20:25:33.0184 0x25e8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:25:33.0317 0x25e8  sppsvc - ok
20:25:33.0340 0x25e8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:25:33.0350 0x25e8  sppuinotify - ok
20:25:33.0379 0x25e8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:25:33.0396 0x25e8  srv - ok
20:25:33.0422 0x25e8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:25:33.0439 0x25e8  srv2 - ok
20:25:33.0457 0x25e8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:25:33.0465 0x25e8  srvnet - ok
20:25:33.0484 0x25e8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:25:33.0497 0x25e8  SSDPSRV - ok
20:25:33.0510 0x25e8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:25:33.0519 0x25e8  SstpSvc - ok
20:25:33.0529 0x25e8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:25:33.0532 0x25e8  stexstor - ok
20:25:33.0562 0x25e8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:25:33.0592 0x25e8  stisvc - ok
20:25:33.0604 0x25e8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:25:33.0606 0x25e8  swenum - ok
20:25:33.0640 0x25e8  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:25:33.0659 0x25e8  SwitchBoard - ok
20:25:33.0691 0x25e8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:25:33.0719 0x25e8  swprv - ok
20:25:33.0738 0x25e8  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F, 90D7AB3F2C32C18BB8A6F0073476755C7A634CC41970D99A4D0E99A864E0EFC1 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:25:33.0747 0x25e8  SymEvent - ok
20:25:33.0767 0x25e8  [ 9BDA9077DDA1E4366283B0E0AB8C7F5E, A7E8C2B3B6C4ADB04F151DC4D162EB50DFD45378F24879A543F243B82994196D ] SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A} C:\Windows\system32\drivers\NSMx64\0206000.034\SymRdrS.SYS
20:25:33.0777 0x25e8  SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A} - ok
20:25:33.0806 0x25e8  [ 2F494CF2EC5DF71465A052CF9A494C06, E2018B28693699291AD384BB4DED666D0B3BE8F35880A945A39EF74DF56A44B0 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:25:33.0822 0x25e8  SynTP - ok
20:25:33.0905 0x25e8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
20:25:33.0981 0x25e8  SysMain - ok
20:25:34.0004 0x25e8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:25:34.0014 0x25e8  TabletInputService - ok
20:25:34.0310 0x25e8  [ C0255D8E3ABE790694927624603F8F10, C0038659D8F09F728050F800D319DAC245393D01FEEF1D91E4BDA0F55F29E00F ] TabletServiceWacom C:\Windows\system32\Wacom_Tablet.exe
20:25:34.0544 0x25e8  TabletServiceWacom - ok
20:25:34.0575 0x25e8  [ 3C23BE0DAD748BAE77E87F18F34EBA0E, B9F97E2167C7FFBEC1967B415BF1620876CC6D5EC1517CCB8EE6D073656C34A4 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
20:25:34.0578 0x25e8  tap0901 - ok
20:25:34.0604 0x25e8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:25:34.0622 0x25e8  TapiSrv - ok
20:25:34.0633 0x25e8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:25:34.0642 0x25e8  TBS - ok
20:25:34.0729 0x25e8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:25:34.0798 0x25e8  Tcpip - ok
20:25:34.0889 0x25e8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:25:34.0960 0x25e8  TCPIP6 - ok
20:25:34.0984 0x25e8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:25:34.0987 0x25e8  tcpipreg - ok
20:25:35.0002 0x25e8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:25:35.0005 0x25e8  TDPIPE - ok
20:25:35.0017 0x25e8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:25:35.0020 0x25e8  TDTCP - ok
20:25:35.0034 0x25e8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:25:35.0040 0x25e8  tdx - ok
20:25:35.0051 0x25e8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:25:35.0055 0x25e8  TermDD - ok
20:25:35.0090 0x25e8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
20:25:35.0123 0x25e8  TermService - ok
20:25:35.0136 0x25e8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:25:35.0145 0x25e8  Themes - ok
20:25:35.0157 0x25e8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:25:35.0164 0x25e8  THREADORDER - ok
20:25:35.0179 0x25e8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:25:35.0191 0x25e8  TrkWks - ok
20:25:35.0207 0x25e8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:25:35.0216 0x25e8  TrustedInstaller - ok
20:25:35.0232 0x25e8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:25:35.0235 0x25e8  tssecsrv - ok
20:25:35.0248 0x25e8  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:25:35.0252 0x25e8  TsUsbFlt - ok
20:25:35.0272 0x25e8  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
20:25:35.0277 0x25e8  TsUsbGD - ok
20:25:35.0292 0x25e8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:25:35.0298 0x25e8  tunnel - ok
20:25:35.0310 0x25e8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:25:35.0314 0x25e8  uagp35 - ok
20:25:35.0337 0x25e8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:25:35.0350 0x25e8  udfs - ok
20:25:35.0375 0x25e8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:25:35.0384 0x25e8  UI0Detect - ok
20:25:35.0396 0x25e8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:25:35.0401 0x25e8  uliagpkx - ok
20:25:35.0412 0x25e8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:25:35.0415 0x25e8  umbus - ok
20:25:35.0426 0x25e8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
20:25:35.0429 0x25e8  UmPass - ok
20:25:35.0453 0x25e8  [ D80B1075B69B57A3AB78F750CE463ECE, E8435B723C3D9F5B28D5588365E7D6BED298565BCF61240C2B505B1033180DAA ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:25:35.0467 0x25e8  UNS - ok
20:25:35.0495 0x25e8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:25:35.0516 0x25e8  upnphost - ok
20:25:35.0527 0x25e8  [ 893A6B67C8AA502648AD946CF50DDFD1, 9480AD8BF791E5912FC89A9F610D5B2E23FD07DF99A15F6844A8854E4ECB4095 ] UrlFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
20:25:35.0529 0x25e8  UrlFilter - ok
20:25:35.0548 0x25e8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:25:35.0553 0x25e8  usbaudio - ok
20:25:35.0567 0x25e8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:25:35.0572 0x25e8  usbccgp - ok
20:25:35.0587 0x25e8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:25:35.0606 0x25e8  usbcir - ok
20:25:35.0618 0x25e8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:25:35.0621 0x25e8  usbehci - ok
20:25:35.0645 0x25e8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:25:35.0659 0x25e8  usbhub - ok
20:25:35.0671 0x25e8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:25:35.0674 0x25e8  usbohci - ok
20:25:35.0687 0x25e8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:25:35.0690 0x25e8  usbprint - ok
20:25:35.0705 0x25e8  [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6       C:\Windows\system32\drivers\usb80236.sys
20:25:35.0708 0x25e8  usbrndis6 - ok
20:25:35.0720 0x25e8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
20:25:35.0723 0x25e8  usbscan - ok
20:25:35.0736 0x25e8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:25:35.0741 0x25e8  USBSTOR - ok
20:25:35.0752 0x25e8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:25:35.0755 0x25e8  usbuhci - ok
20:25:35.0778 0x25e8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:25:35.0786 0x25e8  usbvideo - ok
20:25:35.0800 0x25e8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:25:35.0808 0x25e8  UxSms - ok
20:25:35.0822 0x25e8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
20:25:35.0828 0x25e8  VaultSvc - ok
20:25:35.0841 0x25e8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:25:35.0844 0x25e8  vdrvroot - ok
20:25:35.0876 0x25e8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:25:35.0906 0x25e8  vds - ok
20:25:35.0921 0x25e8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:25:35.0924 0x25e8  vga - ok
20:25:35.0935 0x25e8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:25:35.0938 0x25e8  VgaSave - ok
20:25:35.0958 0x25e8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:25:35.0968 0x25e8  vhdmp - ok
20:25:35.0980 0x25e8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:25:35.0983 0x25e8  viaide - ok
20:25:35.0998 0x25e8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:25:36.0002 0x25e8  volmgr - ok
20:25:36.0034 0x25e8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:25:36.0049 0x25e8  volmgrx - ok
20:25:36.0074 0x25e8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:25:36.0086 0x25e8  volsnap - ok
20:25:36.0106 0x25e8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:25:36.0115 0x25e8  vsmraid - ok
20:25:36.0193 0x25e8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:25:36.0269 0x25e8  VSS - ok
20:25:36.0291 0x25e8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:25:36.0294 0x25e8  vwifibus - ok
20:25:36.0306 0x25e8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:25:36.0310 0x25e8  vwififlt - ok
20:25:36.0322 0x25e8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:25:36.0325 0x25e8  vwifimp - ok
20:25:36.0352 0x25e8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:25:36.0372 0x25e8  W32Time - ok
20:25:36.0392 0x25e8  [ 37E4600E2CDAD3C1A3613A25B97D457C, 8AA9F5FE5530FB144E7DCACAB4D1A815B14AF425EF8955F0B5BA2B528B1C00A7 ] wacmoumonitor   C:\Windows\system32\DRIVERS\wacmoumonitor.sys
20:25:36.0395 0x25e8  wacmoumonitor - ok
20:25:36.0409 0x25e8  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
20:25:36.0413 0x25e8  wacommousefilter - ok
20:25:36.0424 0x25e8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:25:36.0426 0x25e8  WacomPen - ok
20:25:36.0438 0x25e8  [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid       C:\Windows\system32\DRIVERS\wacomvhid.sys
20:25:36.0440 0x25e8  wacomvhid - ok
20:25:36.0461 0x25e8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:25:36.0467 0x25e8  WANARP - ok
20:25:36.0583 0x25e8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:25:36.0590 0x25e8  Wanarpv6 - ok
20:25:36.0659 0x25e8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:25:36.0709 0x25e8  WatAdminSvc - ok
20:25:36.0788 0x25e8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:25:36.0860 0x25e8  wbengine - ok
20:25:36.0887 0x25e8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:25:36.0901 0x25e8  WbioSrvc - ok
20:25:36.0925 0x25e8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:25:36.0945 0x25e8  wcncsvc - ok
20:25:36.0957 0x25e8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:25:36.0965 0x25e8  WcsPlugInService - ok
20:25:36.0977 0x25e8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
20:25:36.0980 0x25e8  Wd - ok
20:25:37.0028 0x25e8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:25:37.0056 0x25e8  Wdf01000 - ok
20:25:37.0074 0x25e8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:25:37.0089 0x25e8  WdiServiceHost - ok
20:25:37.0100 0x25e8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:25:37.0111 0x25e8  WdiSystemHost - ok
20:25:37.0132 0x25e8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
20:25:37.0148 0x25e8  WebClient - ok
20:25:37.0168 0x25e8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:25:37.0184 0x25e8  Wecsvc - ok
20:25:37.0202 0x25e8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:25:37.0215 0x25e8  wercplsupport - ok
20:25:37.0232 0x25e8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:25:37.0242 0x25e8  WerSvc - ok
20:25:37.0254 0x25e8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:25:37.0257 0x25e8  WfpLwf - ok
20:25:37.0276 0x25e8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:25:37.0279 0x25e8  WIMMount - ok
20:25:37.0292 0x25e8  WinDefend - ok
20:25:37.0323 0x25e8  WinHttpAutoProxySvc - ok
20:25:37.0350 0x25e8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:25:37.0363 0x25e8  Winmgmt - ok
20:25:37.0460 0x25e8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:25:37.0545 0x25e8  WinRM - ok
20:25:37.0579 0x25e8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:25:37.0582 0x25e8  WinUsb - ok
20:25:37.0628 0x25e8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:25:37.0671 0x25e8  Wlansvc - ok
20:25:37.0782 0x25e8  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:25:37.0863 0x25e8  wlidsvc - ok
20:25:37.0880 0x25e8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:25:37.0883 0x25e8  WmiAcpi - ok
20:25:37.0911 0x25e8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:25:37.0922 0x25e8  wmiApSrv - ok
20:25:37.0934 0x25e8  WMPNetworkSvc - ok
20:25:37.0955 0x25e8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:25:37.0963 0x25e8  WPCSvc - ok
20:25:37.0978 0x25e8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:25:37.0990 0x25e8  WPDBusEnum - ok
20:25:38.0009 0x25e8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:25:38.0012 0x25e8  ws2ifsl - ok
20:25:38.0029 0x25e8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
20:25:38.0043 0x25e8  wscsvc - ok
20:25:38.0055 0x25e8  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
20:25:38.0059 0x25e8  WSDPrintDevice - ok
20:25:38.0072 0x25e8  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
20:25:38.0075 0x25e8  WSDScan - ok
20:25:38.0089 0x25e8  WSearch - ok
20:25:38.0210 0x25e8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:25:38.0315 0x25e8  wuauserv - ok
20:25:38.0336 0x25e8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:25:38.0341 0x25e8  WudfPf - ok
20:25:38.0361 0x25e8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:25:38.0370 0x25e8  WUDFRd - ok
20:25:38.0383 0x25e8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:25:38.0395 0x25e8  wudfsvc - ok
20:25:38.0414 0x25e8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:25:38.0430 0x25e8  WwanSvc - ok
20:25:38.0439 0x25e8  X5XSEx_Pr143 - ok
20:25:38.0476 0x25e8  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
20:25:38.0490 0x25e8  yukonw7 - ok
20:25:38.0508 0x25e8  [ A5B25E310678175F4779499FFF7D0994, 0CD1886016354AE95EB626CDFC276BA049B3106723E0EC64F39BAE1D1B4A1121 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:25:38.0515 0x25e8  ZAtheros Bt&Wlan Coex Agent - ok
20:25:38.0577 0x25e8  ================ Scan global ===============================
20:25:38.0584 0x25e8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:25:38.0601 0x25e8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:25:38.0628 0x25e8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:25:38.0647 0x25e8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:25:38.0670 0x25e8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:25:38.0687 0x25e8  [ Global ] - ok
20:25:38.0688 0x25e8  ================ Scan MBR ==================================
20:25:38.0692 0x25e8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:25:38.0786 0x25e8  \Device\Harddisk0\DR0 - ok
20:25:38.0796 0x25e8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:25:38.0803 0x25e8  \Device\Harddisk1\DR1 - ok
20:25:38.0810 0x25e8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
20:25:38.0821 0x25e8  \Device\Harddisk2\DR2 - ok
20:25:38.0830 0x25e8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
20:25:38.0836 0x25e8  \Device\Harddisk3\DR3 - ok
20:25:38.0837 0x25e8  ================ Scan VBR ==================================
20:25:38.0843 0x25e8  [ F9541F1C278ED5C893F87E4599E58586 ] \Device\Harddisk0\DR0\Partition1
20:25:38.0846 0x25e8  \Device\Harddisk0\DR0\Partition1 - ok
20:25:38.0853 0x25e8  [ 590FF1DC38B5985C18564E5B5BA3831D ] \Device\Harddisk0\DR0\Partition2
20:25:38.0855 0x25e8  \Device\Harddisk0\DR0\Partition2 - ok
20:25:38.0865 0x25e8  [ 91AC8F8B5252EBC16109422EE1C19656 ] \Device\Harddisk1\DR1\Partition1
20:25:38.0867 0x25e8  \Device\Harddisk1\DR1\Partition1 - ok
20:25:38.0875 0x25e8  [ 52AAE4DCD75F549BE19FE4EF294B2E02 ] \Device\Harddisk2\DR2\Partition1
20:25:39.0302 0x25e8  \Device\Harddisk2\DR2\Partition1 - ok
20:25:39.0312 0x25e8  [ 2B4FD839CF693ED91DC10E605E3E457A ] \Device\Harddisk3\DR3\Partition1
20:25:39.0314 0x25e8  \Device\Harddisk3\DR3\Partition1 - ok
20:25:39.0317 0x25e8  Waiting for KSN requests completion. In queue: 65
20:25:40.0317 0x25e8  Waiting for KSN requests completion. In queue: 65
20:25:41.0317 0x25e8  Waiting for KSN requests completion. In queue: 65
20:25:42.0318 0x25e8  Waiting for KSN requests completion. In queue: 65
20:25:43.0356 0x25e8  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
20:25:43.0360 0x25e8  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41010 ( enabled )
20:25:46.0629 0x25e8  ============================================================
20:25:46.0629 0x25e8  Scan finished
20:25:46.0629 0x25e8  ============================================================
20:25:46.0653 0x11f4  Detected object count: 0
20:25:46.0653 0x11f4  Actual detected object count: 0
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by staple on 2014/05/08 at  7:56:04.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-433410384-2482180285-3480248971-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441193}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211621176}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Deal Spy_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Deal Spy_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeep_BetterInstaller_2012-10-02_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeep_BetterInstaller_2012-10-02_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441193}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211621176}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Deal Spy_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Deal Spy_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeep_BetterInstaller_2012-10-02_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeep_BetterInstaller_2012-10-02_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB6284AE-D698-4485-92E4-99530857848D}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\staple\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\staple\appdata\locallow\boost_interprocess"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014/05/08 at  8:20:04.41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 Dagrau

Dagrau
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 08 May 2014 - 11:33 AM

ESET Scan
 
 
C:\Windows\SysWOW64\Adobe\Shockwave 11\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1] a variant of Win32/Toolbar.Perion.G potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[2] a variant of Win32/Toolbar.Perion.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js.vir Win32/Conduit.SearchProtect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Program Files (x86)\HyperCam 2\hctoolbar.exe Win32/Somoto.F potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Debut\debut.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Debut\debutsetup_v1.70.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Debut\debutsetup_v1.82.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Prism\prism.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Prism\prismsetup_v1.90.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Recordpad\recordpad.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Recordpad\recordpadsetup_v4.18.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Scribe\scribe.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Scribe\scribesetup_v5.55.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Switch\switch.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\Switch\switchsetup_v4.35.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\WavePad\wavepadsetup_v5.33.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\WavePad\wavepadsetup_v5.45.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\NCH Software\WavePad\wavepadsetup_v5.48.exe probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Users\staple\AppData\Local\Installer\Install_17538\dap10i_130ca1714f_setup.exe a variant of Win32/SpeedBit.A potentially unwanted application deleted - quarantined
C:\Users\staple\AppData\Local\Installer\Install_18695\dap10i_130ca1714f_setup.exe a variant of Win32/SpeedBit.A potentially unwanted application deleted - quarantined
C:\Users\staple\Downloads\cbsidlm-cbsi188-Download_App-PBF-75864009.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\staple\Downloads\ccsetup407.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\staple\Downloads\ccsetup410.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\staple\Downloads\ccsetup412pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\staple\Downloads\Install_WinsockxpFix.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantined
C:\Users\staple\Downloads\iobit-malware-fighter-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Users\staple\Downloads\rcsetup151.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Windows\System32\Adobe\Shockwave 11\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1] a variant of Win32/Toolbar.Perion.G potentially unwanted application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[2] a variant of Win32/Toolbar.Perion.A potentially unwanted application deleted - quarantined
H:\Analysis of Form\Digital Media\veritysetup.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantined
H:\Fall 2013 Term\Analysis of Form\Digital Media\veritysetup.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantined
H:\Spring 2014 Term\Figure Modeling\M13\ccsetup413.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
H:\Spring 2014 Term\Figure Modeling\M8\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
H:\Spring 2014 Term\History\M!\SetupImgBurn_2.5.8.0.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
H:\Spring 2014 Term\History\M4\ccsetup411.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
H:\Spring 2014 Term\History\M4\CR_Downloader_for_grand-theft-auto---chinatown-wars.exe a variant of Win32/InstallCore.JE.gen potentially unwanted application deleted - quarantined


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 AM

Posted 08 May 2014 - 12:51 PM

OK, that's a lot of spy and adware removed.. Some of them like Sweetpaks may be hiding in your Browser add-ons and extentions and need to be removed or disabled.

See quietman7's post 4 here for help with your browser.

http://www.bleepingcomputer.com/forums/t/513638/malware-or-virus-affecting-my-computer/?hl=%2Bremoval+%2Btool#entry3204205
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Dagrau

Dagrau
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 09 May 2014 - 10:24 AM

How could all of this spywares an adware get into my system? I've got Avast Premier up and running, and scan my computer at least almost everyday...I'm sure I update my old drivers as well....Do you want me to post the logs for these scans as well? 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 AM

Posted 09 May 2014 - 10:52 AM

Well much of it came with all the Toolbars you installed. You did not post the MiNItoolbox log so I cannot look at that.
Should be running a lot better now though.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Dagrau

Dagrau
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 09 May 2014 - 10:59 AM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by staple (administrator) on 07-05-2014 at 20:23:04
Running from "C:\Users\staple\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1 localhost
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR1111 WB-EG Wireless Network Adapter = Wireless Network Connection (Connected)
avast! SecureLine TAP Adapter v3 = Local Area Connection 3 (Hardware not present)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : staple-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.actdsltmp
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 26-DB-C9-5B-62-FF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : domain.actdsltmp
   Description . . . . . . . . . . . : Qualcomm Atheros AR1111 WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 94-DB-C9-5B-62-FF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::64dd:7:eb21:8d0c%20(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 2014年5月7日 11:56:55
   Lease Expires . . . . . . . . . . : 2014年5月14日 12:08:45
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 211082185
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-13-81-93-4C-72-B9-15-A9-B1
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 4C-72-B9-15-A9-B1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{4367D4D8-F178-44BC-859A-E060101CAC67}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.domain.actdsltmp:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{B258621E-C521-4F35-84AC-33F54BB57479}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  resolver1.opendns.com
Address:  208.67.222.222
 
Name:    google.com.domain.actdsltmp
Address:  67.215.65.132
 
 
Pinging google.com [74.125.225.193] with 32 bytes of data:
Reply from 74.125.225.193: bytes=32 time=35ms TTL=57
Reply from 74.125.225.193: bytes=32 time=34ms TTL=57
 
Ping statistics for 74.125.225.193:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 34ms, Maximum = 35ms, Average = 34ms
Server:  resolver1.opendns.com
Address:  208.67.222.222
 
Name:    yahoo.com.domain.actdsltmp
Address:  67.215.65.132
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=75ms TTL=53
Reply from 98.138.253.109: bytes=32 time=76ms TTL=53
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 75ms, Maximum = 76ms, Average = 75ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 21...26 db c9 5b 62 ff ......Microsoft Virtual WiFi Miniport Adapter #2
 20...94 db c9 5b 62 ff ......Qualcomm Atheros AR1111 WB-EG Wireless Network Adapter
 11...4c 72 b9 15 a9 b1 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link       192.168.0.2    306
  169.254.255.255  255.255.255.255         On-link       192.168.0.2    281
      192.168.0.0    255.255.255.0         On-link       192.168.0.2    281
      192.168.0.2  255.255.255.255         On-link       192.168.0.2    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 20    281 fe80::/64                On-link
 20    281 fe80::64dd:7:eb21:8d0c/128
                                    On-link
  1    306 ff00::/8                 On-link
 20    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/07/2014 11:24:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/06/2014 09:57:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/06/2014 06:35:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 02:11:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 02:11:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
 
System errors:
=============
Error: (05/07/2014 11:25:44 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (05/07/2014 11:25:35 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (05/07/2014 11:24:37 AM) (Source: Service Control Manager) (User: )
Description: The X5XSEx_Pr143 service failed to start due to the following error: 
%%3
 
Error: (05/07/2014 11:24:15 AM) (Source: Application Popup) (User: )
Description: Driver ACPI returned invalid ID for a child device (1).
 
Error: (05/06/2014 09:58:49 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (05/06/2014 09:58:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (05/06/2014 09:57:40 PM) (Source: Service Control Manager) (User: )
Description: The X5XSEx_Pr143 service failed to start due to the following error: 
%%3
 
Error: (05/06/2014 09:57:19 PM) (Source: Application Popup) (User: )
Description: Driver ACPI returned invalid ID for a child device (1).
 
Error: (05/06/2014 06:36:16 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (05/06/2014 06:36:14 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
 
Microsoft Office Sessions:
=========================
Error: (05/07/2014 11:24:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/06/2014 09:57:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/06/2014 06:35:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 02:11:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 02:11:07 PM) (Source: Microsoft-Windows-CAPI2)(User: )
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-04-23 23:48:52.544
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-23 23:48:52.498
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
3DVIA player 5.0.0.20 (Version: 5.0.20)
Adobe Acrobat X Pro - English, Fran軋is, Deutsch (Version: 10.1.9)
Adobe AIR (Version: 4.0.0.1390)
Adobe Bridge CC (64 Bit) (Version: 6.0)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Cloud (Version: 2.5.0.367)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Download Assistant (Version: 1.2.3)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Illustrator CC (Version: 17.0)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CC (Version: 14.0)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Advanced SystemCare 7 (Version: 7.0.5)
Aimersoft DVD Ripper(Build 2.7.3.4)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Atheros Bluetooth Suite (64) (Version: 7.4.0.120)
Audacity 2.0.5 (Version: 2.0.5)
avast! Premier (Version: 9.0.2018)
AveoCap (Version: 1.00.0011)
Blender (Version: 2.67b)
Blue Coat K9 Web Protection (Version: 4.4.276)
Bonjour (Version: 3.0.0.10)
Byki (Version: 4.0)
Byki Express (Version: 4.1)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MP Navigator EX 5.1
Canon MX430 series MP Drivers
Canon MX430 series On-screen Manual
Canon MX430 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
CCleaner (Version: 4.13)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Connectivity Fixer (Version: 1.0.0)
Connectivity Fixer (Version: 1.1.0)
D3DX10 (Version: 15.4.2368.0902)
Debut Video Capture Software (Version: 1.82)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DisplayFusion 5.1 (Version: 5.1.0.0)
DivX Setup (Version: 2.6.1.44)
Elevated Installer (Version: 2.1.13)
EPSON Scan
Express Scribe
Finale NotePad 2012 (Version: 2012..r1.5)
Free Video to MP3 Converter version 5.0.27.717 (Version: 5.0.27.717)
Garmin Express (Version: 2.1.13)
Garmin Express Tray (Version: 2.1.13)
Garmin Update Service (Version: 2.1.13)
GoGear VIBE Device Manager (Version: 01.06)
Google Chrome (Version: 34.0.1847.131)
Google Drive (Version: 1.15.6556.8063)
Google Earth (Version: 7.1.2.2041)
Google Gmail Notifier
Google Update Helper (Version: 1.3.24.7)
HiJackThis (Version: 1.0.0)
ImgBurn (Version: 2.5.8.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.2.1410)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 9.17.10.2932)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
IntelR Trusted Connect Service Client (Version: 1.23.605.1)
IObit Malware Fighter (Version: 2.3)
IObit Uninstaller (Version: 3.0.3.1064)
iTunes (Version: 11.0.4.4)
IZArc 4.1.7 (Version: 4.1.7)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
join.me (Version: 1.9.2.216)
Junk Mail filter update (Version: 16.4.3505.0912)
Latency Optimizer FREE VERSION (Version: 3.1.20)
Little Fighter
Livestream Procaster (Version: 20.3.25)
LMMS 0.4.15 (Version: 0.4.15)
LogonStudio
Malwarebytes Anti-Exploit version 0.10.0.1000 (Version: 0.10.0.1000)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
ManageMyMobile (Version: 1.0)
Media Converter for Philips (Version: 2.5.2.231)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (Version: 11.0.61030.0)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Movie Maker (Version: 16.4.3505.0912)
MSRedist (Version: 9.0.30729.4148)
MSRedx64 (Version: 9.0.30729.4148)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Family (Version: 2.6.0.52)
NVIDIA Control Panel 295.55 (Version: 295.55)
NVIDIA Graphics Driver 295.55 (Version: 295.55)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA Optimus 1.7.12 (Version: 1.7.12)
NVIDIA Update Components (Version: 1.7.12)
OpenDNS Updater 2.2.1 (Version: 2.2.1)
PCSX2 - Playstation 2 Emulator
PDF Settings CC (Version: 12.0)
PDF Settings CS5 (Version: 10.0)
PHotkey (Version: 1.00.0042.19)
Photo Gallery (Version: 16.4.3505.0912)
Prism Video File Converter
PxMergeModule (Version: 1.00.0000)
Qualcomm Atheros Driver Installation Program (Version: 10.0)
QuickTime (Version: 7.74.80.86)
Rainmeter (Version: 2.4 r1678)
Realtek Ethernet Controller Driver (Version: 7.47.714.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6559)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30127)
RealUpgrade 1.1 (Version: 1.1.0)
RecordPad Sound Recorder
Recuva (Version: 1.51)
RPG MAKER VX Ace (Version: 1.01a)
RPG MAKER VX Ace RTP (Version: 1.00)
RuneScape Launcher 1.2.3 (Version: 1.2.3)
Sculptris Alpha 6 (Version: 0.6)
Seagate Dashboard 2.0 (Version: 2.2.26.0)
SERNハッキング・スクリーンセーバ
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call (Version: 7.2.15747.10003)
Skype? 6.11 (Version: 6.11.102)
Splash Lite (Version: 1.8.0)
Surfing Protection (Version: 1.0)
Switch Sound File Converter
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.33.0)
Unity (Version: )
Unity Web Player (Version: )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
UTAU 歌声合成ツール (Version: 1.0.74)
UTAU 歌声合成ツール (Version: 1.1.1801)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Video Screensaver 1.0 (Version: 1.0)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VSDC Free Video Editor version 2.1.6.133 (Version: 2.1.6.133)
Wacom Tablet
WavePad Sound Editor (Version: 5.48)
WebTablet IE Plugin (Version: 1.1.0.4)
WebTablet Netscape Plugin (Version: 1.1.0.3)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinFlash (Version: 2.29.0.4)
WinPcap 4.1.3 (Version: 4.1.0.2980)
Wireshark 1.10.7 (64-bit) (Version: 1.10.7)
World of Warcraft (Version: 5.4.0.17399)
XP TCP/IP Repair 2.2 (Version: 2.2)
セキュリティ タスク マネージャ 1.8g (Version: 1.8g)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 28%
Total physical RAM: 16280.76 MB
Available physical RAM: 11631.89 MB
Total Pagefile: 20301.38 MB
Available Pagefile: 15392.27 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.89 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:111.69 GB) (Free:8.81 GB) NTFS
2 Drive d: (AVCA_62289B) (CDROM) (Total:1.65 GB) (Free:0 GB) UDF
3 Drive g: (STAPLE) (Removable) (Total:3.74 GB) (Free:0.04 GB) FAT32
4 Drive h: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:798.66 GB) NTFS
5 Drive i: () (Removable) (Total:14.86 GB) (Free:14.75 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\STAPLE-PC
 
Administrator            Guest                    staple                   
UpdatusUser              
 
 
**** End of log ****


#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 AM

Posted 09 May 2014 - 01:35 PM

You should add an antimalware like Malwarebytes and free app such as SpywareBlaster


Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Dagrau

Dagrau
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 15 May 2014 - 11:23 AM

Everything is the same :(  

 

Particularly my start menu is still flashing. And my internet keeps losing connection and reconnecting. I'm still really confused.  



#11 Dagrau

Dagrau
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 15 May 2014 - 11:34 AM

 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55  
 Adobe Flash Player 13.0.0.214  
 Google Chrome 34.0.1847.116  
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbam.exe  
 IObit IObit Malware Fighter IMFsrv.exe  
 Malwarebytes Anti-Exploit mbae-svc.exe   
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Malwarebytes Anti-Exploit mbae.exe   
 IObit IObit Malware Fighter IMF.exe  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 29% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 
 
 
These are the security programs I'm using, however I'm not sure where Norton is coming from....MBAM always comes up positive and my active/inactive bar seems to only flash whilst I'm typing, this seems only occur once every 45 secs or so. Also I was able to revert back to Aero theme. 
 
EDIT: Actually rather than typing it seems to flash this seems to happen when I'm idle as well. No icons are disappearing. But rather the title bar will turn bright then return to normal (if you get what I mean), this happens with explorer and any third party software. 

Edited by Dagrau, 15 May 2014 - 11:55 AM.


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 AM

Posted 15 May 2014 - 02:14 PM

Do you know what these 2 installed apps are ?
SERNハッキング・スクリーンセーバ
セキュリティ タスク マネージャ 1.8g (Version: 1.8g)

If Not uninstall them.

We can try one more thing...

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 4 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 5 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 Dagrau

Dagrau
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 15 May 2014 - 11:41 PM

I lost my network adapter right after the third step. Unfortunately I couldn't read/remember the instructions and clicked all the boxes is this a bad thing? Right after the scan, I was able to access the internet again...Should I restore and retry with the default checked boxes?

 

 

 
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: STAPLE-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\staple
Current Profile SID: S-1-5-21-433410384-2482180285-3480248971-1001
Current Profile Classes: S-1-5-21-433410384-2482180285-3480248971-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\staple\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:07:16
 
Process Count: 122
Commit Total: 3.10 GB
Commit Limit: 21.49 GB
Commit Peak: 3.24 GB
Handle Count: 30672
Kernel Total: 805.95 MB
Kernel Paged: 609.32 MB
Kernel Non Paged: 196.63 MB
System Cache: 6.86 GB
Thread Count: 1396
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 15.90 GB
Memory Used: 2.98 GB(18.7451%)
Memory Avail.: 12.92 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 15.90 GB
Memory Used: 2.42 GB(15.2256%)
Memory Avail.: 13.48 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Start (2014/05/15 22:08:53)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (2014/05/15 22:08:56)
   Running Repair Under Current User Account
   Done (2014/05/15 22:09:39)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (2014/05/15 22:09:39)
   Running Repair Under System Account
   Done (2014/05/15 22:19:59)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (2014/05/15 22:19:59)
   Running Repair Under System Account
   Done (2014/05/15 22:22:36)
 
03 - Reset Service Permissions
   Start (2014/05/15 22:22:36)
   Running Repair Under System Account
   Done (2014/05/15 22:22:47)
 
04 - Register System Files
   Start (2014/05/15 22:22:47)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:23:12)
 
05 - Repair WMI
   Start (2014/05/15 22:23:12)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   avast! Antivirus Exported.
 
   Exporting AntiSpyware Info...
   Windows Defender Exported.
   IObit Malware Fighter Exported.
   avast! Antivirus Exported.
 
   Exporting 3rd Party Firewall Info...
   avast! Antivirus Exported.
 
   Running Repair Under Current User Account
   Done (2014/05/15 22:24:36)
 
06 - Repair Windows Firewall
   Start (2014/05/15 22:24:36)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:25:20)
 
07 - Repair Internet Explorer
   Start (2014/05/15 22:25:20)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:25:46)
 
08 - Repair MDAC/MS Jet
   Start (2014/05/15 22:25:46)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:25:55)
 
09 - Repair Hosts File
   Start (2014/05/15 22:25:55)
   Running Repair Under System Account
   Done (2014/05/15 22:25:58)
 
10 - Remove Policies Set By Infections
   Start (2014/05/15 22:25:58)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:26:02)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (2014/05/15 22:26:02)
   Running Repair Under System Account
   Done (2014/05/15 22:26:05)
 
12 - Repair Icons
   Start (2014/05/15 22:26:05)
   Running Repair Under Current User Account
   Done (2014/05/15 22:26:07)
 
13 - Repair Winsock & DNS Cache
   Start (2014/05/15 22:26:07)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:26:24)
 
14 - Remove Temp Files
   Start (2014/05/15 22:26:24)
   Running Repair Under System Account
   Done (2014/05/15 22:26:26)
 
15 - Repair Proxy Settings
   Start (2014/05/15 22:26:27)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:26:31)
 
16 - Unhide Non System Files
   Start (2014/05/15 22:26:31)
   C:\ - Total Files Unhidden: 649 - Check Unhidden_Files.txt for list of files unhidden
   H:\ - Total Files Unhidden: 0 - Check Unhidden_Files.txt for list of files unhidden
   Done (2014/05/15 22:29:04)
 
17 - Repair Windows Updates
   Start (2014/05/15 22:29:04)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:29:30)
 
18 - Repair CD/DVD Missing/Not Working
   Start (2014/05/15 22:29:30)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (2014/05/15 22:29:30)
 
19 - Repair Volume Shadow Copy Service
   Start (2014/05/15 22:29:30)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:29:43)
 
21 - Repair MSI (Windows Installer)
   Start (2014/05/15 22:29:43)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:00)
 
22 - Repair Windows Snipping Tool
   Start (2014/05/15 22:30:00)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:05)
 
23.01 - Repair bat Association
   Start (2014/05/15 22:30:05)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:10)
 
23.02 - Repair cmd Association
   Start (2014/05/15 22:30:10)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:14)
 
23.03 - Repair com Association
   Start (2014/05/15 22:30:14)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:19)
 
23.04 - Repair Directory Association
   Start (2014/05/15 22:30:19)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:24)
 
23.05 - Repair Drive Association
   Start (2014/05/15 22:30:24)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:28)
 
23.06 - Repair exe Association
   Start (2014/05/15 22:30:28)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:33)
 
23.07 - Repair Folder Association
   Start (2014/05/15 22:30:33)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:38)
 
23.08 - Repair inf Association
   Start (2014/05/15 22:30:38)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:43)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (2014/05/15 22:30:43)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:47)
 
23.10 - Repair msc Association
   Start (2014/05/15 22:30:47)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:52)
 
23.11 - Repair reg Association
   Start (2014/05/15 22:30:52)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:30:57)
 
23.12 - Repair scr Association
   Start (2014/05/15 22:30:57)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:31:01)
 
24 - Repair Windows Safe Mode
   Start (2014/05/15 22:31:01)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:31:06)
 
25 - Repair Print Spooler
   Start (2014/05/15 22:31:06)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:31:25)
 
26 - Restore Important Windows Services
   Start (2014/05/15 22:31:25)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:31:38)
 
27 - Set Windows Services To Default Startup
   Start (2014/05/15 22:31:39)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/15 22:31:45)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (2014/05/15 22:31:45)
   Total Repair Time: 00:22:53
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account


#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:02 AM

Posted 16 May 2014 - 01:02 PM

Yes please ..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 Dagrau

Dagrau
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 26 May 2014 - 10:10 PM

Really sorry about the long delay, I was very busy last week.
 
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: STAPLE-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\staple
Current Profile SID: S-1-5-21-433410384-2482180285-3480248971-1001
Current Profile Classes: S-1-5-21-433410384-2482180285-3480248971-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\staple\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:05:54
 
Process Count: 107
Commit Total: 2.79 GB
Commit Limit: 25.73 GB
Commit Peak: 3.03 GB
Handle Count: 27078
Kernel Total: 447.33 MB
Kernel Paged: 340.33 MB
Kernel Non Paged: 107.00 MB
System Cache: 1.75 GB
Thread Count: 1314
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 15.90 GB
Memory Used: 2.71 GB(17.0712%)
Memory Avail.: 13.19 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 15.90 GB
Memory Used: 2.42 GB(15.2061%)
Memory Avail.: 13.48 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Start (2014/05/25 19:44:06)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (2014/05/25 19:44:08)
   Running Repair Under Current User Account
   Done (2014/05/25 19:44:54)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (2014/05/25 19:44:54)
   Running Repair Under System Account
   Done (2014/05/25 19:54:56)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (2014/05/25 19:54:56)
   Running Repair Under System Account
   Done (2014/05/25 19:57:32)
 
03 - Reset Service Permissions
   Start (2014/05/25 19:57:32)
   Running Repair Under System Account
   Done (2014/05/25 19:57:43)
 
04 - Register System Files
   Start (2014/05/25 19:57:43)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 19:58:06)
 
05 - Repair WMI
   Start (2014/05/25 19:58:06)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   avast! Antivirus Exported.
 
   Exporting AntiSpyware Info...
   Windows Defender Exported.
   IObit Malware Fighter Exported.
   avast! Antivirus Exported.
 
   Exporting 3rd Party Firewall Info...
   avast! Antivirus Exported.
 
   Running Repair Under Current User Account
   Done (2014/05/25 19:59:39)
 
06 - Repair Windows Firewall
   Start (2014/05/25 19:59:39)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:00:17)
 
07 - Repair Internet Explorer
   Start (2014/05/25 20:00:17)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:00:41)
 
08 - Repair MDAC/MS Jet
   Start (2014/05/25 20:00:41)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:00:49)
 
09 - Repair Hosts File
   Start (2014/05/25 20:00:49)
   Running Repair Under System Account
   Done (2014/05/25 20:00:52)
 
10 - Remove Policies Set By Infections
   Start (2014/05/25 20:00:52)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:00:57)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (2014/05/25 20:00:57)
   Running Repair Under System Account
   Done (2014/05/25 20:00:59)
 
12 - Repair Icons
   Start (2014/05/25 20:00:59)
   Running Repair Under Current User Account
   Done (2014/05/25 20:01:01)
 
13 - Repair Winsock & DNS Cache
   Start (2014/05/25 20:01:01)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:01:19)
 
14 - Remove Temp Files
   Start (2014/05/25 20:01:19)
   Running Repair Under System Account
   Done (2014/05/25 20:01:21)
 
15 - Repair Proxy Settings
   Start (2014/05/25 20:01:21)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:01:26)
 
16 - Unhide Non System Files
   Start (2014/05/25 20:01:26)
   C:\ - Total Files Unhidden: 14 - Check Unhidden_Files.txt for list of files unhidden
   Done (2014/05/25 20:03:36)
 
17 - Repair Windows Updates
   Start (2014/05/25 20:03:36)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:00)
 
18 - Repair CD/DVD Missing/Not Working
   Start (2014/05/25 20:04:00)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (2014/05/25 20:04:00)
 
19 - Repair Volume Shadow Copy Service
   Start (2014/05/25 20:04:00)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:13)
 
21 - Repair MSI (Windows Installer)
   Start (2014/05/25 20:04:13)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:28)
 
22 - Repair Windows Snipping Tool
   Start (2014/05/25 20:04:28)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:33)
 
23.01 - Repair bat Association
   Start (2014/05/25 20:04:33)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:38)
 
23.02 - Repair cmd Association
   Start (2014/05/25 20:04:38)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:42)
 
23.03 - Repair com Association
   Start (2014/05/25 20:04:42)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:47)
 
23.04 - Repair Directory Association
   Start (2014/05/25 20:04:47)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:52)
 
23.05 - Repair Drive Association
   Start (2014/05/25 20:04:52)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:04:57)
 
23.06 - Repair exe Association
   Start (2014/05/25 20:04:57)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:01)
 
23.07 - Repair Folder Association
   Start (2014/05/25 20:05:01)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:06)
 
23.08 - Repair inf Association
   Start (2014/05/25 20:05:06)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:11)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (2014/05/25 20:05:11)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:16)
 
23.10 - Repair msc Association
   Start (2014/05/25 20:05:16)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:20)
 
23.11 - Repair reg Association
   Start (2014/05/25 20:05:20)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:25)
 
23.12 - Repair scr Association
   Start (2014/05/25 20:05:25)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:30)
 
24 - Repair Windows Safe Mode
   Start (2014/05/25 20:05:30)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:35)
 
25 - Repair Print Spooler
   Start (2014/05/25 20:05:35)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:05:52)
 
26 - Restore Important Windows Services
   Start (2014/05/25 20:05:52)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:06:05)
 
27 - Set Windows Services To Default Startup
   Start (2014/05/25 20:06:05)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2014/05/25 20:06:10)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (2014/05/25 20:06:10)
   Total Repair Time: 00:22:06
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users