Virus keeps on muting/unmuting the system and often makes the system go to sleep


11 replies to this topic

#1 idea.scotty

Posted 14 May 2014 - 02:06 PM

Hi People,

 

I was happily using Windows XP for some time on my old laptop. Recently I plugged my pen drive into a virus-infected system and later the virus got into my laptop. My system kept on shutting down/restarting every 10-15 or sometimes 25 mins later. I made a backup of the data and formatted the system (only C: was entirely formatted with NTFS) but the virus returned even after formatting the system twice. I also ensured after each format that the first thing was to entirely scan the system with antivirus and anti-spyware etc. etc. As nothing cured this I thought maybe upgrading to Win7 would help. I formatted the system again with Windows 7.

This time the virus was not able to shut down the system but instead it kept on muting/unmuting the system. I would have tolerated this as I am working on Excel and Word most of the time, but the system now keeps on sleeping suddenly which is a big pain in ***.

Believe me, I have tried all possible solutions ranging from killing suspicious processes from task bar to deleting possible virus entries in the registry but nothing has worked yet.

Please help me on this :( , currently I am using a trial version of Quick Heal (which did not find anything on scan). Current OS: Win 7 Ultimate.




#2 boopme

  • Global Moderator

Posted 14 May 2014 - 02:17 PM

Hello scotty,
One thing you need to do is reformat your infected flash drive.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 idea.scotty


Posted 14 May 2014 - 02:29 PM

Quick Heal deleted MiniToolBox.exe. Should I continue to disable Quick Heal and then run it?



#4 boopme



  • Global Moderator

Posted 14 May 2014 - 02:55 PM

Yes, run Mini. We made that tool, so it is safe.

#5 idea.scotty


Posted 15 May 2014 - 02:20 AM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by kk (administrator) on 15-05-2014 at 01:12:25
Running from "C:\Users\kk\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Fast Ethernet = Local Area Connection (Connected)
MAC Bridge Miniport = Network Bridge (Connected)
Broadcom 802.11g Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Yantra
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Network Bridge:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : MAC Bridge Miniport
   Physical Address. . . . . . . . . : 02-1E-EC-0F-CB-EE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::44fd:ccc5:e438:5d2a%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.34(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 15 ?? 2014 00:52:58
   Lease Expires . . . . . . . . . . : 18 ?? 2014 01:02:49
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 503455468
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-02-85-23-00-1E-EC-0F-CB-EE
   DNS Servers . . . . . . . . . . . : 218.248.240.180
                                       218.248.255.161
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B989FAAA-B189-44E7-813F-E4630976A2E0}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:1c29:2479:3f57:fedd(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1c29:2479:3f57:fedd%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  bgl-svr-cache03.bsnl.net.in
Address:  218.248.240.180

Name:    google.com
Addresses:  2404:6800:4003:c00::66
      74.125.200.100
      74.125.200.101
      74.125.200.102
      74.125.200.113
      74.125.200.138
      74.125.200.139


Pinging google.com [74.125.200.138] with 32 bytes of data:
Reply from 74.125.200.138: bytes=32 time=210ms TTL=44
Reply from 74.125.200.138: bytes=32 time=182ms TTL=44

Ping statistics for 74.125.200.138:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 182ms, Maximum = 210ms, Average = 196ms
Server:  bgl-svr-cache03.bsnl.net.in
Address:  218.248.240.180

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=726ms TTL=49
Reply from 98.138.253.109: bytes=32 time=440ms TTL=49

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 440ms, Maximum = 726ms, Average = 583ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...02 1e ec 0f cb ee ......MAC Bridge Miniport
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.34     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.34    276
     192.168.1.34  255.255.255.255         On-link      192.168.1.34    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.34    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.34    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.34    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:90d7:1c29:2479:3f57:fedd/128
                                    On-link
 14    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::1c29:2479:3f57:fedd/128
                                    On-link
 14    276 fe80::44fd:ccc5:e438:5d2a/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 14    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/15/2014 00:53:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 03:03:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 00:20:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/13/2014 10:34:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 09:39:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 09:11:37 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {31bb80ed-76af-44bc-88e1-20ea11949e0a}

Error: (05/12/2014 08:57:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 07:17:23 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 5464. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (05/12/2014 07:17:20 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (05/12/2014 07:17:20 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 5464. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.


System errors:
=============
Error: (05/15/2014 00:51:59 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 16:49:06 on ?14-?05-?2014 was unexpected.

Error: (05/12/2014 09:13:51 PM) (Source: BridgeMP) (User: )
Description: Bridge [Adapter Broadcom 802.11g Network Adapter]:
The bridge could not determine the network adapter's MAC address. The network adapter will not be used.

Error: (05/12/2014 09:13:47 PM) (Source: BridgeMP) (User: )
Description: Bridge [Adapter Broadcom NetLink ™ Fast Ethernet]:
The bridge could not modify the network adapter's packet filter. The network adapter will not function correctly.

Error: (05/12/2014 09:13:47 PM) (Source: BridgeMP) (User: )
Description: Bridge [Adapter Broadcom NetLink ™ Fast Ethernet]:
The bridge could not determine the network adapter's MAC address. The network adapter will not be used.

Error: (05/12/2014 09:13:47 PM) (Source: BridgeMP) (User: )
Description: Bridge [Adapter Broadcom NetLink ™ Fast Ethernet]:
The bridge could not modify the network adapter's packet filter. The network adapter will not function correctly.

Error: (05/12/2014 08:54:36 PM) (Source: DCOM) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Error: (05/12/2014 07:28:38 PM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (05/12/2014 07:12:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (05/12/2014 07:12:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (05/12/2014 07:12:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (05/15/2014 00:53:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 03:03:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 00:20:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/13/2014 10:34:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 09:39:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 09:11:37 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {31bb80ed-76af-44bc-88e1-20ea11949e0a}

Error: (05/12/2014 08:57:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 07:17:23 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: 546416581500005615000057150000B8010000

Error: (05/12/2014 07:17:20 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/12/2014 07:17:20 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: 54641658150000561500005715000068010000


=========================== Installed Programs ============================

Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
ALPS Touch Pad Driver
Quick Heal Total Security (Version: 15.00)

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 2038.43 MB
Available physical RAM: 536.2 MB
Total Pagefile: 4076.86 MB
Available Pagefile: 2357.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.32 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:29.19 GB) (Free:16.59 GB) NTFS
2 Drive d: () (Fixed) (Total:39.06 GB) (Free:0.37 GB) NTFS
3 Drive e: () (Fixed) (Total:39.06 GB) (Free:0.45 GB) NTFS
4 Drive f: () (Fixed) (Total:4.37 GB) (Free:0.18 GB) NTFS

========================= Users: ========================================

User accounts for \\YANTRA

Administrator            Guest                    kk                       


**** End of log ****
 

 

01:15:18.0103 0x0bc4  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
01:15:23.0812 0x0bc4  ============================================================
01:15:23.0812 0x0bc4  Current date / time: 2014/05/15 01:15:23.0812
01:15:23.0812 0x0bc4  SystemInfo:
01:15:23.0812 0x0bc4  
01:15:23.0812 0x0bc4  OS Version: 6.1.7601 ServicePack: 1.0
01:15:23.0812 0x0bc4  Product type: Workstation
01:15:23.0812 0x0bc4  ComputerName: YANTRA
01:15:23.0812 0x0bc4  UserName: kk
01:15:23.0812 0x0bc4  Windows directory: C:\Windows
01:15:23.0812 0x0bc4  System windows directory: C:\Windows
01:15:23.0812 0x0bc4  Processor architecture: Intel x86
01:15:23.0812 0x0bc4  Number of processors: 2
01:15:23.0812 0x0bc4  Page size: 0x1000
01:15:23.0812 0x0bc4  Boot type: Normal boot
01:15:23.0812 0x0bc4  ============================================================
01:15:25.0526 0x0bc4  KLMD registered as C:\Windows\system32\drivers\61909700.sys
01:15:25.0636 0x0bc4  System UUID: {395490CF-8DFB-6D88-8BDF-D78846E9E741}
01:15:26.0318 0x0bc4  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:15:26.0338 0x0bc4  ============================================================
01:15:26.0338 0x0bc4  \Device\Harddisk0\DR0:
01:15:26.0338 0x0bc4  MBR partitions:
01:15:26.0338 0x0bc4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:15:26.0338 0x0bc4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A63800
01:15:26.0358 0x0bc4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0x4E1EDEC
01:15:26.0388 0x0bc4  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x88B515A, BlocksNum 0x4E1EDEC
01:15:26.0398 0x0bc4  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0xD6D3F85, BlocksNum 0x8BB97B
01:15:26.0398 0x0bc4  ============================================================
01:15:26.0458 0x0bc4  C: <-> \Device\Harddisk0\DR0\Partition2
01:15:26.0488 0x0bc4  D: <-> \Device\Harddisk0\DR0\Partition3
01:15:26.0528 0x0bc4  E: <-> \Device\Harddisk0\DR0\Partition4
01:15:26.0588 0x0bc4  F: <-> \Device\Harddisk0\DR0\Partition5
01:15:26.0588 0x0bc4  ============================================================
01:15:26.0588 0x0bc4  Initialize success
01:15:26.0588 0x0bc4  ============================================================
01:15:29.0617 0x0c8c  ============================================================
01:15:29.0617 0x0c8c  Scan started
01:15:29.0617 0x0c8c  Mode: Manual;
01:15:29.0617 0x0c8c  ============================================================
01:15:29.0617 0x0c8c  KSN ping started
01:15:33.0260 0x0c8c  KSN ping finished: true
01:15:33.0975 0x0c8c  ================ Scan system memory ========================
01:15:33.0975 0x0c8c  Scan was interrupted by user!
01:15:34.0035 0x0c8c  AV detected via SS2: Quick Heal Total Security 2014, C:\Program Files\Quick Heal\Quick Heal Total Security\scanner.exe ( 15.0.0.0 ), 0x40000 ( disabled : updated )
01:15:34.0045 0x0c8c  FW detected via SS2: Quick Heal Firewall, C:\Program Files\Quick Heal\Quick Heal Total Security\scanner.exe ( 15.0.0.0 ), 0x41010 ( enabled )
01:15:37.0660 0x0c8c  ============================================================
01:15:37.0660 0x0c8c  Scan finished
01:15:37.0660 0x0c8c  ============================================================
01:15:37.0690 0x0484  Detected object count: 0
01:15:37.0690 0x0484  Actual detected object count: 0
01:16:05.0632 0x176c  ============================================================
01:16:05.0632 0x176c  Scan started
01:16:05.0632 0x176c  Mode: Manual;
01:16:05.0632 0x176c  ============================================================
01:16:05.0632 0x176c  KSN ping started
01:16:09.0017 0x176c  KSN ping finished: true
01:16:09.0337 0x176c  ================ Scan system memory ========================
01:16:09.0337 0x176c  System memory - ok
01:16:09.0347 0x176c  ================ Scan services =============================
01:16:10.0484 0x176c  AppID - ok
01:16:10.0524 0x176c  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:16:10.0524 0x176c  AppIDSvc - ok
01:16:10.0534 0x176c  [ FB1959012294D6AD43E5304DF65E3C26, CFE906B07FF71A178CF9C254B056C6F5A303DDC511F0E4E1E75808F1D5326495 ] Appinfo         C:\Windows\System32\appinfo.dll
01:16:10.0534 0x176c  Appinfo - ok
01:16:10.0564 0x176c  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
01:16:10.0564 0x176c  AppMgmt - ok
01:16:10.0574 0x176c  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
01:16:10.0584 0x176c  arc - ok
01:16:10.0594 0x176c  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
01:16:10.0594 0x176c  arcsas - ok
01:16:10.0614 0x176c  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:16:10.0614 0x176c  AsyncMac - ok
01:16:10.0624 0x176c  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
01:16:10.0624 0x176c  atapi - ok
01:16:10.0704 0x176c  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:16:10.0724 0x176c  AudioEndpointBuilder - ok
01:16:10.0754 0x176c  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
01:16:10.0774 0x176c  Audiosrv - ok
01:16:10.0804 0x176c  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:16:10.0804 0x176c  AxInstSV - ok
01:16:10.0864 0x176c  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
01:16:10.0874 0x176c  b06bdrv - ok
01:16:10.0924 0x176c  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
01:16:10.0934 0x176c  b57nd60x - ok
01:16:11.0054 0x176c  [ EB7C2DADF52F50F69F198C14C3556DC1, ABA6964B443B7A041C18E09376AC7F7C87122738BA71328F02510CD1D76ACBB0 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
01:16:11.0096 0x176c  BCM43XX - ok
01:16:11.0126 0x176c  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
01:16:11.0136 0x176c  BDESVC - ok
01:16:11.0176 0x176c  [ 1FF00689B5DE2D523CCFD05D8D869840, 694719AC8FB641695A65C7BBFB67C10D60FD0CA1A7E866385555EB4AB0D471C8 ] bdsflt          C:\Windows\system32\DRIVERS\bdsflt.sys
01:16:11.0186 0x176c  bdsflt - ok
01:16:11.0196 0x176c  [ B5BF07A03C91FD570BF9EF35219C1E22, B1BFE1882D3351FAA76A0235BB61DC78E75234AFC25D7B2B7259559AE3B29ADE ] bdsnm           C:\Windows\system32\DRIVERS\bdsnm.sys
01:16:11.0196 0x176c  bdsnm - ok
01:16:11.0236 0x176c  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:16:11.0236 0x176c  Beep - ok
01:16:11.0481 0x176c  [ 701E44CF79B5C538E8570DA0C37995F0, 75F5E3D5AC09CDCFE66D780830F08EA63D126745AA7294C4EEDD566E2539AF23 ] Behavior Detection System C:\Program Files\Quick Heal\Quick Heal Total Security\bdssvc.exe
01:16:11.0481 0x176c  Behavior Detection System - ok
01:16:11.0561 0x176c  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
01:16:11.0581 0x176c  BFE - ok
01:16:11.0641 0x176c  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
01:16:11.0671 0x176c  BITS - ok
01:16:11.0701 0x176c  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
01:16:11.0701 0x176c  blbdrive - ok
01:16:11.0721 0x176c  [ FCAFAEF6798D7B51FF029F99A9898961, BFB37686B1386EB883B99DB6AC342C20514939F8B7A5CEC5D63865B3DC2B4D4F ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:16:11.0731 0x176c  bowser - ok
01:16:11.0731 0x176c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
01:16:11.0741 0x176c  BrFiltLo - ok
01:16:11.0751 0x176c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
01:16:11.0751 0x176c  BrFiltUp - ok
01:16:11.0771 0x176c  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
01:16:11.0771 0x176c  Bridge - ok
01:16:11.0791 0x176c  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
01:16:11.0801 0x176c  BridgeMP - ok
01:16:11.0831 0x176c  [ 6E11F33D14D020F58D5E02E4D67DFA19, 9563E4E8CE769B7619745F6F6DE618389A1595785023BF1F295AD8301B27F0AF ] Browser         C:\Windows\System32\browser.dll
01:16:11.0841 0x176c  Browser - ok
01:16:11.0871 0x176c  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
01:16:11.0891 0x176c  Brserid - ok
01:16:11.0901 0x176c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
01:16:11.0901 0x176c  BrSerWdm - ok
01:16:11.0911 0x176c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
01:16:11.0921 0x176c  BrUsbMdm - ok
01:16:11.0931 0x176c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
01:16:11.0931 0x176c  BrUsbSer - ok
01:16:11.0941 0x176c  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
01:16:11.0951 0x176c  BTHMODEM - ok
01:16:11.0991 0x176c  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
01:16:11.0991 0x176c  bthserv - ok
01:16:12.0021 0x176c  [ AD83697FD1A8C74B2AEF3A3C20394105, 6AE3167D5A25B5B76905EC8645BEDB7951F77280F1D3520F92DB98E0EAA196BC ] catflt          C:\Windows\system32\DRIVERS\catflt.sys
01:16:12.0021 0x176c  catflt - ok
01:16:12.0051 0x176c  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:16:12.0061 0x176c  cdfs - ok
01:16:12.0101 0x176c  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
01:16:12.0111 0x176c  cdrom - ok
01:16:12.0141 0x176c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
01:16:12.0141 0x176c  CertPropSvc - ok
01:16:12.0151 0x176c  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
01:16:12.0161 0x176c  circlass - ok
01:16:12.0221 0x176c  [ 6D5CAD194143F597C82C81E022B37CE7, 5E85EBDBACFD3F4DFB49548170D6B38D4C1B60E582B32F1E2603776659A9F6C5 ] Cleaning Service C:\PROGRA~1\QUICKH~1\QUICKH~1\ntclnsrv.exe
01:16:12.0221 0x176c  Cleaning Service - ok
01:16:12.0261 0x176c  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
01:16:12.0271 0x176c  CLFS - ok
01:16:12.0411 0x176c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:16:12.0411 0x176c  clr_optimization_v2.0.50727_32 - ok
01:16:12.0441 0x176c  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
01:16:12.0441 0x176c  CmBatt - ok
01:16:12.0471 0x176c  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
01:16:12.0471 0x176c  cmdide - ok
01:16:12.0501 0x176c  [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG             C:\Windows\system32\Drivers\cng.sys
01:16:12.0511 0x176c  CNG - ok
01:16:12.0541 0x176c  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
01:16:12.0541 0x176c  Compbatt - ok
01:16:12.0561 0x176c  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
01:16:12.0561 0x176c  CompositeBus - ok
01:16:12.0571 0x176c  COMSysApp - ok
01:16:12.0601 0x176c  [ 8C9712ABEF937F1693B41B5733800F15, 1180C0015099ADAA4034287E582F5EEEF92CC27C4365990587FDEFB54CD8A571 ] Core Mail Protection C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE
01:16:12.0611 0x176c  Core Mail Protection - ok
01:16:12.0661 0x176c  [ 8E42336E65F7F29F6CBD9F225CF17679, EBD613A586F4CC5972EBB5599B1CF692E08AA2BCA62FD0414A72BDE3EEBCB5C3 ] Core Scanning Server C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
01:16:12.0661 0x176c  Core Scanning Server - ok
01:16:12.0691 0x176c  [ 8E42336E65F7F29F6CBD9F225CF17679, EBD613A586F4CC5972EBB5599B1CF692E08AA2BCA62FD0414A72BDE3EEBCB5C3 ] Core Scanning ServerEx C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
01:16:12.0691 0x176c  Core Scanning ServerEx - ok
01:16:12.0731 0x176c  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
01:16:12.0731 0x176c  crcdisk - ok
01:16:12.0781 0x176c  [ A585BEBF7D054BD9618EDA0922D5484A, 340DF730E88F8B6A4EF542F620EBA2A720546AFAB4DFFA00F066B7610A1026C5 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:16:12.0781 0x176c  CryptSvc - ok
01:16:12.0841 0x176c  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
01:16:12.0851 0x176c  CSC - ok
01:16:12.0911 0x176c  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
01:16:12.0931 0x176c  CscService - ok
01:16:12.0981 0x176c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:16:13.0001 0x176c  DcomLaunch - ok
01:16:13.0041 0x176c  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
01:16:13.0051 0x176c  defragsvc - ok
01:16:13.0091 0x176c  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:16:13.0101 0x176c  DfsC - ok
01:16:13.0151 0x176c  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:16:13.0161 0x176c  Dhcp - ok
01:16:13.0171 0x176c  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
01:16:13.0171 0x176c  discache - ok
01:16:13.0211 0x176c  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
01:16:13.0211 0x176c  Disk - ok
01:16:13.0241 0x176c  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
01:16:13.0241 0x176c  dmvsc - ok
01:16:13.0273 0x176c  [ 2FE30D71919C51131405797620E0A714, 16060DDC32EF95EB6E37B91D50A96AB53CB0DEBB3DFDCB31975D16361092ABA5 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:16:13.0283 0x176c  Dnscache - ok
01:16:13.0303 0x176c  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
01:16:13.0313 0x176c  dot3svc - ok
01:16:13.0343 0x176c  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
01:16:13.0353 0x176c  DPS - ok
01:16:13.0383 0x176c  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
01:16:13.0383 0x176c  drmkaud - ok
01:16:13.0458 0x176c  [ 23F5D28378A160352BA8F817BD8C71CB, 11BF7B7E6276C28EFF74B8AF89B493CBB89B394D2A091708EDA15DA5C342FF19 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
01:16:13.0478 0x176c  DXGKrnl - ok
01:16:13.0518 0x176c  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
01:16:13.0528 0x176c  EapHost - ok
01:16:13.0728 0x176c  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
01:16:13.0908 0x176c  ebdrv - ok
01:16:13.0958 0x176c  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS             C:\Windows\System32\lsass.exe
01:16:13.0958 0x176c  EFS - ok
01:16:14.0078 0x176c  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
01:16:14.0108 0x176c  ehRecvr - ok
01:16:14.0132 0x176c  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
01:16:14.0135 0x176c  ehSched - ok
01:16:14.0200 0x176c  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
01:16:14.0220 0x176c  elxstor - ok
01:16:14.0260 0x176c  [ A17D5A2F199434ED5C1B91FD7964758E, C6C89A30715048691FB5AACF4AE50995BF2E17C919CAFDAFA20C0211A1F51BB7 ] EMLSS           C:\Windows\system32\drivers\emltdi.sys
01:16:14.0260 0x176c  EMLSS - ok
01:16:14.0270 0x176c  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
01:16:14.0270 0x176c  ErrDev - ok
01:16:14.0330 0x176c  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
01:16:14.0340 0x176c  EventSystem - ok
01:16:14.0370 0x176c  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
01:16:14.0370 0x176c  exfat - ok
01:16:14.0390 0x176c  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
01:16:14.0390 0x176c  fastfat - ok
01:16:14.0460 0x176c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
01:16:14.0480 0x176c  Fax - ok
01:16:14.0500 0x176c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
01:16:14.0500 0x176c  fdc - ok
01:16:14.0530 0x176c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
01:16:14.0540 0x176c  fdPHost - ok
01:16:14.0550 0x176c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:16:14.0550 0x176c  FDResPub - ok
01:16:14.0580 0x176c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:16:14.0580 0x176c  FileInfo - ok
01:16:14.0590 0x176c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
01:16:14.0590 0x176c  Filetrace - ok
01:16:14.0600 0x176c  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
01:16:14.0610 0x176c  flpydisk - ok
01:16:14.0630 0x176c  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:16:14.0640 0x176c  FltMgr - ok
01:16:14.0740 0x176c  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
01:16:14.0780 0x176c  FontCache - ok
01:16:14.0850 0x176c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
01:16:14.0850 0x176c  FontCache3.0.0.0 - ok
01:16:14.0900 0x176c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
01:16:14.0900 0x176c  FsDepends - ok
01:16:14.0920 0x176c  [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:16:14.0920 0x176c  Fs_Rec - ok
01:16:14.0990 0x176c  [ 8A73E79089B282100B9393B644CB853B, 844DC5AADFABBD050B967904B796BA06BFD64C9112616EA26229D084F8B3AD41 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:16:15.0000 0x176c  fvevol - ok
01:16:15.0040 0x176c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
01:16:15.0040 0x176c  gagp30kx - ok
01:16:15.0160 0x176c  [ 5D6BE3298FE623DEA71F04FDBC161428, 8AF16A3FF8D4A4937AA10F15610C5F3770449BC166AF4BC3E3FB40C6FF144122 ] ggc             C:\Windows\system32\DRIVERS\ggc.sys
01:16:15.0160 0x176c  ggc - ok
01:16:15.0220 0x176c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
01:16:15.0240 0x176c  gpsvc - ok
01:16:15.0280 0x176c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:16:15.0280 0x176c  hcw85cir - ok
01:16:15.0330 0x176c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:16:15.0340 0x176c  HdAudAddService - ok
01:16:15.0380 0x176c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
01:16:15.0380 0x176c  HDAudBus - ok
01:16:15.0390 0x176c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
01:16:15.0390 0x176c  HidBatt - ok
01:16:15.0410 0x176c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
01:16:15.0410 0x176c  HidBth - ok
01:16:15.0442 0x176c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
01:16:15.0445 0x176c  HidIr - ok
01:16:15.0487 0x176c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
01:16:15.0491 0x176c  hidserv - ok
01:16:15.0512 0x176c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
01:16:15.0512 0x176c  HidUsb - ok
01:16:15.0542 0x176c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:16:15.0542 0x176c  hkmsvc - ok
01:16:15.0582 0x176c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:16:15.0592 0x176c  HomeGroupListener - ok
01:16:15.0632 0x176c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:16:15.0642 0x176c  HomeGroupProvider - ok
01:16:15.0682 0x176c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:16:15.0682 0x176c  HpSAMD - ok
01:16:15.0712 0x176c  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:16:15.0732 0x176c  HTTP - ok
01:16:15.0742 0x176c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:16:15.0742 0x176c  hwpolicy - ok
01:16:15.0762 0x176c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
01:16:15.0762 0x176c  i8042prt - ok
01:16:15.0792 0x176c  [ A3CAE5D281DB4CFF7CFF8233507EE5AD, 2666107220B9F301193F2CF85A3D6B09E6E42CC150152D10A8886E47A3FD9B0D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
01:16:15.0802 0x176c  iaStorV - ok
01:16:15.0932 0x176c  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:16:15.0962 0x176c  idsvc - ok
01:16:15.0992 0x176c  IEEtwCollectorService - ok
01:16:16.0262 0x176c  [ AD626F6964F4D364D226C39E06872DD3, 5D52F89930BB07D4D2D0FC12143BD233B5D2C238527B3B4CAD74736D1EC84218 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
01:16:16.0562 0x176c  igfx - ok
01:16:16.0642 0x176c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
01:16:16.0642 0x176c  iirsp - ok
01:16:16.0772 0x176c  [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT          C:\Windows\System32\ikeext.dll
01:16:16.0802 0x176c  IKEEXT - ok
01:16:16.0842 0x176c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
01:16:16.0842 0x176c  intelide - ok
01:16:16.0872 0x176c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:16:16.0872 0x176c  intelppm - ok
01:16:16.0912 0x176c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
01:16:16.0922 0x176c  IPBusEnum - ok
01:16:16.0932 0x176c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:16:16.0932 0x176c  IpFilterDriver - ok
01:16:16.0982 0x176c  [ 4D65A07B795D6674312F879D09AA7663, 8D72FE0B51A6FF71F85D2602DB3AE91C8749F70869B6789552F047BA81411EDA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
01:16:17.0002 0x176c  iphlpsvc - ok
01:16:17.0032 0x176c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
01:16:17.0032 0x176c  IPMIDRV - ok
01:16:17.0052 0x176c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
01:16:17.0052 0x176c  IPNAT - ok
01:16:17.0072 0x176c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:16:17.0072 0x176c  IRENUM - ok
01:16:17.0082 0x176c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:16:17.0082 0x176c  isapnp - ok
01:16:17.0112 0x176c  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
01:16:17.0122 0x176c  iScsiPrt - ok
01:16:17.0172 0x176c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
01:16:17.0172 0x176c  kbdclass - ok
01:16:17.0192 0x176c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
01:16:17.0192 0x176c  kbdhid - ok
01:16:17.0212 0x176c  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso          C:\Windows\system32\lsass.exe
01:16:17.0212 0x176c  KeyIso - ok
01:16:17.0242 0x176c  [ 412CEA1AA78CC02A447F5C9E62B32FF1, E06859E2CE2AFA3CE521851F8810778ED1748B812E601A58786605096AACEA81 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:16:17.0242 0x176c  KSecDD - ok
01:16:17.0262 0x176c  [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
01:16:17.0262 0x176c  KSecPkg - ok
01:16:17.0302 0x176c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
01:16:17.0322 0x176c  KtmRm - ok
01:16:17.0352 0x176c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
01:16:17.0362 0x176c  LanmanServer - ok
01:16:17.0392 0x176c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:16:17.0392 0x176c  LanmanWorkstation - ok
01:16:17.0454 0x176c  [ 69C827F2598C2CE9F66A3048857596C0, B94BCF21A4FBCACD70BA1516A51AA62041187239367F91BB561A335BA1E6F60B ] llio            C:\Windows\system32\DRIVERS\llio.sys
01:16:17.0454 0x176c  llio - ok
01:16:17.0504 0x176c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:16:17.0504 0x176c  lltdio - ok
01:16:17.0534 0x176c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
01:16:17.0544 0x176c  lltdsvc - ok
01:16:17.0554 0x176c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
01:16:17.0564 0x176c  lmhosts - ok
01:16:17.0584 0x176c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
01:16:17.0594 0x176c  LSI_FC - ok
01:16:17.0604 0x176c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
01:16:17.0604 0x176c  LSI_SAS - ok
01:16:17.0614 0x176c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
01:16:17.0624 0x176c  LSI_SAS2 - ok
01:16:17.0634 0x176c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
01:16:17.0644 0x176c  LSI_SCSI - ok
01:16:17.0654 0x176c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
01:16:17.0664 0x176c  luafv - ok
01:16:17.0694 0x176c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
01:16:17.0694 0x176c  Mcx2Svc - ok
01:16:17.0704 0x176c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
01:16:17.0714 0x176c  megasas - ok
01:16:17.0744 0x176c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
01:16:17.0754 0x176c  MegaSR - ok
01:16:17.0774 0x176c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
01:16:17.0774 0x176c  MMCSS - ok
01:16:17.0784 0x176c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
01:16:17.0794 0x176c  Modem - ok
01:16:17.0804 0x176c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
01:16:17.0814 0x176c  monitor - ok
01:16:17.0824 0x176c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
01:16:17.0824 0x176c  mouclass - ok
01:16:17.0874 0x176c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:16:17.0874 0x176c  mouhid - ok
01:16:17.0884 0x176c  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:16:17.0884 0x176c  mountmgr - ok
01:16:17.0914 0x176c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
01:16:17.0914 0x176c  mpio - ok
01:16:17.0934 0x176c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:16:17.0944 0x176c  mpsdrv - ok
01:16:17.0984 0x176c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
01:16:18.0014 0x176c  MpsSvc - ok
01:16:18.0024 0x176c  [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:16:18.0034 0x176c  MRxDAV - ok
01:16:18.0064 0x176c  [ B272B4C3E085EA860C12F2E4FAF2FFA2, DA99D8223D9FB7BFA52E66B73D1E1AA47B76B45A649400F7898E8D65D8672E52 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:16:18.0064 0x176c  mrxsmb - ok
01:16:18.0094 0x176c  [ 9AC33EF26C8A3AD0F117D00EB7301D03, 403445B07DC55F9DF98CA11AC87D4231187A2472A4E107786A5845B213355F0A ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:16:18.0104 0x176c  mrxsmb10 - ok
01:16:18.0114 0x176c  [ E0ABDB5ED7E199E242A7D028E76C1D3A, 4014A1F0720F6D15A2FB0CF4F1F970595BC29929F92F461CDD68E4513F49563E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:16:18.0124 0x176c  mrxsmb20 - ok
01:16:18.0134 0x176c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
01:16:18.0134 0x176c  msahci - ok
01:16:18.0174 0x176c  [ 646544A6D8040397F8D39D26675A5265, 44AB58D73DEDC985AB492EE4DCD74D99141C911B7A489616015B7496EC99988F ] mscank          C:\Windows\system32\DRIVERS\mscank.sys
01:16:18.0174 0x176c  mscank - ok
01:16:18.0194 0x176c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
01:16:18.0194 0x176c  msdsm - ok
01:16:18.0224 0x176c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
01:16:18.0234 0x176c  MSDTC - ok
01:16:18.0244 0x176c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:16:18.0254 0x176c  Msfs - ok
01:16:18.0264 0x176c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
01:16:18.0264 0x176c  mshidkmdf - ok
01:16:18.0274 0x176c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:16:18.0274 0x176c  msisadrv - ok
01:16:18.0314 0x176c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
01:16:18.0314 0x176c  MSiSCSI - ok
01:16:18.0324 0x176c  msiserver - ok
01:16:18.0364 0x176c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
01:16:18.0364 0x176c  MSKSSRV - ok
01:16:18.0374 0x176c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:16:18.0374 0x176c  MSPCLOCK - ok
01:16:18.0394 0x176c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
01:16:18.0394 0x176c  MSPQM - ok
01:16:18.0404 0x176c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
01:16:18.0414 0x176c  MsRPC - ok
01:16:18.0434 0x176c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
01:16:18.0434 0x176c  mssmbios - ok
01:16:18.0444 0x176c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
01:16:18.0444 0x176c  MSTEE - ok
01:16:18.0474 0x176c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
01:16:18.0474 0x176c  MTConfig - ok
01:16:18.0484 0x176c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
01:16:18.0484 0x176c  Mup - ok
01:16:18.0524 0x176c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
01:16:18.0534 0x176c  napagent - ok
01:16:18.0594 0x176c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:16:18.0604 0x176c  NativeWifiP - ok
01:16:18.0694 0x176c  [ E7C54812A2AAF43316EB6930C1FFA108, C8A6FC1957FA29A3B372132FEA9145538BC767044A11D77316D3D1A3EAA60630 ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:16:18.0784 0x176c  NDIS - ok
01:16:18.0804 0x176c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:16:18.0804 0x176c  NdisCap - ok
01:16:18.0824 0x176c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:16:18.0824 0x176c  NdisTapi - ok
01:16:18.0864 0x176c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:16:18.0864 0x176c  Ndisuio - ok
01:16:18.0874 0x176c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:16:18.0874 0x176c  NdisWan - ok
01:16:18.0894 0x176c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:16:18.0894 0x176c  NDProxy - ok
01:16:18.0904 0x176c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:16:18.0904 0x176c  NetBIOS - ok
01:16:18.0924 0x176c  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:16:18.0934 0x176c  NetBT - ok
01:16:18.0954 0x176c  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon        C:\Windows\system32\lsass.exe
01:16:18.0954 0x176c  Netlogon - ok
01:16:18.0994 0x176c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
01:16:19.0014 0x176c  Netman - ok
01:16:19.0044 0x176c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
01:16:19.0064 0x176c  netprofm - ok
01:16:19.0084 0x176c  [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:16:19.0094 0x176c  NetTcpPortSharing - ok
01:16:19.0124 0x176c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
01:16:19.0124 0x176c  nfrd960 - ok
01:16:19.0154 0x176c  [ 912084381D30D8B89EC4E293053F4710, 99B8CD043DF531D4B9725ED167F63CED220608B2FED3EE8250C217D15762DFD7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:16:19.0164 0x176c  NlaSvc - ok
01:16:19.0184 0x176c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:16:19.0184 0x176c  Npfs - ok
01:16:19.0204 0x176c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
01:16:19.0208 0x176c  nsi - ok
01:16:19.0226 0x176c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:16:19.0226 0x176c  nsiproxy - ok
01:16:19.0306 0x176c  [ 33C3093D09017CFE2E219F2472BFF6EB, DE46C7A53C3606F036DED1EE8A81B79CAF3171A7E97DA2F71712E2DA046A262E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:16:19.0346 0x176c  Ntfs - ok
01:16:19.0366 0x176c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
01:16:19.0366 0x176c  Null - ok
01:16:19.0386 0x176c  [ AF2EEC9580C1D32FB7EAF105D9784061, 6DAAE3BCA048ACD7FFD26A65C793C461933179070F03855FE3DC3C01F968163A ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:16:19.0396 0x176c  nvraid - ok
01:16:19.0406 0x176c  [ 9283C58EBAA2618F93482EB5DABCEC82, 0BC119D4EAFDEA879E4C1CFBA5402499DBD1970EDF963C6D2034D4867C34D15E ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:16:19.0416 0x176c  nvstor - ok
01:16:19.0431 0x176c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:16:19.0434 0x176c  nv_agp - ok
01:16:19.0444 0x176c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:16:19.0444 0x176c  ohci1394 - ok
01:16:19.0484 0x176c  [ BDA2F8D07B64B7FDB438CD129E126D35, F6BA60B7D6405398D349C16E03E17E5378AC24F254F9DABA4B3D0B3D830B815E ] Online Protection System C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe
01:16:19.0494 0x176c  Online Protection System - ok
01:16:19.0534 0x176c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:16:19.0544 0x176c  p2pimsvc - ok
01:16:19.0574 0x176c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
01:16:19.0594 0x176c  p2psvc - ok
01:16:19.0604 0x176c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
01:16:19.0604 0x176c  Parport - ok
01:16:19.0624 0x176c  [ BF8F6AF06DA75B336F07E23AEF97D93B, 2F2C4314872732550A112BFF2F803484D4A3D697F0D69D352350CE208FD8A1A4 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:16:19.0624 0x176c  partmgr - ok
01:16:19.0654 0x176c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
01:16:19.0654 0x176c  Parvdm - ok
01:16:19.0664 0x176c  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:16:19.0674 0x176c  PcaSvc - ok
01:16:19.0694 0x176c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
01:16:19.0694 0x176c  pci - ok
01:16:19.0704 0x176c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:16:19.0714 0x176c  pciide - ok
01:16:19.0724 0x176c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
01:16:19.0734 0x176c  pcmcia - ok
01:16:19.0754 0x176c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:16:19.0754 0x176c  pcw - ok
01:16:19.0804 0x176c  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:16:19.0824 0x176c  PEAUTH - ok
01:16:19.0934 0x176c  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
01:16:19.0974 0x176c  PeerDistSvc - ok
01:16:20.0094 0x176c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
01:16:20.0218 0x176c  pla - ok
01:16:20.0286 0x176c  [ 92DC6E68D2C856C5C2F21AE9E22112B8, EFAA27886A05E57E629A9EFC3671D9D64144795EDF55438A676F5B43E59BE3FC ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:16:20.0296 0x176c  PlugPlay - ok
01:16:20.0316 0x176c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:16:20.0326 0x176c  PNRPAutoReg - ok
01:16:20.0346 0x176c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:16:20.0356 0x176c  PNRPsvc - ok
01:16:20.0406 0x176c  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:16:20.0416 0x176c  PolicyAgent - ok
01:16:20.0436 0x176c  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
01:16:20.0446 0x176c  Power - ok
01:16:20.0486 0x176c  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:16:20.0486 0x176c  PptpMiniport - ok
01:16:20.0506 0x176c  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
01:16:20.0506 0x176c  Processor - ok
01:16:20.0556 0x176c  [ 43CA4CCC22D52FB58E8988F0198851D0, DF67BD70D9D82677AE61244B4E54677A5008A7F5EB531DF2A7E7D33F1658EA78 ] ProfSvc         C:\Windows\system32\profsvc.dll
01:16:20.0566 0x176c  ProfSvc - ok
01:16:20.0586 0x176c  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:16:20.0586 0x176c  ProtectedStorage - ok
01:16:20.0616 0x176c  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:16:20.0616 0x176c  Psched - ok
01:16:20.0706 0x176c  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
01:16:20.0756 0x176c  ql2300 - ok
01:16:20.0776 0x176c  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
01:16:20.0776 0x176c  ql40xx - ok
01:16:20.0816 0x176c  [ CCBA96DDCB3B1C30FCF7036B7D24B7AD, D62E2C8567C1F4193595B50775486FA252E62F64E8C177CDF9E3E2C9F72953F5 ] Quick Update Service C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe
01:16:20.0816 0x176c  Quick Update Service - ok
01:16:20.0866 0x176c  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
01:16:20.0876 0x176c  QWAVE - ok
01:16:20.0906 0x176c  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:16:20.0906 0x176c  QWAVEdrv - ok
01:16:20.0926 0x176c  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:16:20.0926 0x176c  RasAcd - ok
01:16:20.0966 0x176c  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
01:16:20.0966 0x176c  RasAgileVpn - ok
01:16:20.0996 0x176c  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
01:16:20.0996 0x176c  RasAuto - ok
01:16:21.0016 0x176c  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
01:16:21.0016 0x176c  Rasl2tp - ok
01:16:21.0046 0x176c  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
01:16:21.0056 0x176c  RasMan - ok
01:16:21.0076 0x176c  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:16:21.0076 0x176c  RasPppoe - ok
01:16:21.0096 0x176c  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
01:16:21.0096 0x176c  RasSstp - ok
01:16:21.0116 0x176c  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
01:16:21.0126 0x176c  rdbss - ok
01:16:21.0136 0x176c  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
01:16:21.0146 0x176c  rdpbus - ok
01:16:21.0156 0x176c  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:16:21.0156 0x176c  RDPCDD - ok
01:16:21.0176 0x176c  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
01:16:21.0186 0x176c  RDPDR - ok
01:16:21.0196 0x176c  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:16:21.0196 0x176c  RDPENCDD - ok
01:16:21.0216 0x176c  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:16:21.0216 0x176c  RDPREFMP - ok
01:16:21.0246 0x176c  [ 68A0387F58E226DEEE23D9715955572A, F95BB1D2BB3E79AF47B1C715BB5E3003EEF888AAA963F46F4A2FE8AFBD4F37A4 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
01:16:21.0246 0x176c  RdpVideoMiniport - ok
01:16:21.0276 0x176c  [ 244C83332F44589AE98FC347F11B2693, 857B15FDB1163AD2A6770473E891E2BBCFBD3B9AA6FCC0D31023F9BE536F3B36 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
01:16:21.0286 0x176c  RDPWD - ok
01:16:21.0306 0x176c  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:16:21.0316 0x176c  rdyboost - ok
01:16:21.0346 0x176c  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:16:21.0356 0x176c  RemoteAccess - ok
01:16:21.0386 0x176c  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:16:21.0386 0x176c  RemoteRegistry - ok
01:16:21.0416 0x176c  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:16:21.0426 0x176c  RpcEptMapper - ok
01:16:21.0456 0x176c  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
01:16:21.0456 0x176c  RpcLocator - ok
01:16:21.0496 0x176c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
01:16:21.0506 0x176c  RpcSs - ok
01:16:21.0546 0x176c  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:16:21.0546 0x176c  rspndr - ok
01:16:21.0566 0x176c  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
01:16:21.0566 0x176c  s3cap - ok
01:16:21.0586 0x176c  [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs           C:\Windows\system32\lsass.exe
01:16:21.0586 0x176c  SamSs - ok
01:16:21.0606 0x176c  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:16:21.0606 0x176c  sbp2port - ok
01:16:21.0676 0x176c  [ 43106B02F93EA6D0B72CAF415E7935AD, 4148583EA32E2594927331C5DD24CB0F24F6976DE990751BBD8438804E858B26 ] ScanWscS        C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE
01:16:21.0686 0x176c  ScanWscS - ok
01:16:21.0716 0x176c  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:16:21.0726 0x176c  SCardSvr - ok
01:16:21.0736 0x176c  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:16:21.0746 0x176c  scfilter - ok
01:16:21.0806 0x176c  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
01:16:21.0836 0x176c  Schedule - ok
01:16:21.0856 0x176c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
01:16:21.0866 0x176c  SCPolicySvc - ok
01:16:21.0916 0x176c  [ DA2DB46D0F2A975FB48693C511107550, 0395A34FC9D7470C1642BFDDE22C0EA0A0777763A54F9A4D8298DF5229A4E637 ] ScSecSvc        C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe
01:16:21.0926 0x176c  ScSecSvc - ok
01:16:21.0966 0x176c  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:16:21.0976 0x176c  SDRSVC - ok
01:16:22.0016 0x176c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:16:22.0016 0x176c  secdrv - ok
01:16:22.0036 0x176c  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
01:16:22.0036 0x176c  seclogon - ok
01:16:22.0056 0x176c  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
01:16:22.0066 0x176c  SENS - ok
01:16:22.0076 0x176c  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:16:22.0086 0x176c  SensrSvc - ok
01:16:22.0096 0x176c  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
01:16:22.0096 0x176c  Serenum - ok
01:16:22.0116 0x176c  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
01:16:22.0116 0x176c  Serial - ok
01:16:22.0126 0x176c  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
01:16:22.0136 0x176c  sermouse - ok
01:16:22.0176 0x176c  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
01:16:22.0186 0x176c  SessionEnv - ok
01:16:22.0196 0x176c  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
01:16:22.0196 0x176c  sffdisk - ok
01:16:22.0206 0x176c  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
01:16:22.0216 0x176c  sffp_mmc - ok
01:16:22.0230 0x176c  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
01:16:22.0232 0x176c  sffp_sd - ok
01:16:22.0245 0x176c  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
01:16:22.0247 0x176c  sfloppy - ok
01:16:22.0288 0x176c  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
01:16:22.0298 0x176c  SharedAccess - ok
01:16:22.0348 0x176c  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:16:22.0368 0x176c  ShellHWDetection - ok
01:16:22.0388 0x176c  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
01:16:22.0398 0x176c  sisagp - ok
01:16:22.0418 0x176c  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
01:16:22.0418 0x176c  SiSRaid2 - ok
01:16:22.0428 0x176c  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
01:16:22.0438 0x176c  SiSRaid4 - ok
01:16:22.0448 0x176c  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
01:16:22.0448 0x176c  Smb - ok
01:16:22.0548 0x176c  [ 19301C27F3425DC39F6C599F527E507D, 1BCE0369997D223931B692AC5933417A121AA19E8C07479B315B5CC392AC57F8 ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
01:16:22.0588 0x176c  smserial - ok
01:16:22.0638 0x176c  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:16:22.0638 0x176c  SNMPTRAP - ok
01:16:22.0688 0x176c  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
01:16:22.0688 0x176c  spldr - ok
01:16:38.0545 0x176c  AV detected via SS2: Quick Heal Total Security 2014, C:\Program Files\Quick Heal\Quick Heal Total Security\scanner.exe ( 15.0.0.0 ), 0x40000 ( disabled : updated )
01:16:38.0555 0x176c  FW detected via SS2: Quick Heal Firewall, C:\Program Files\Quick Heal\Quick Heal Total Security\scanner.exe ( 15.0.0.0 ), 0x41010 ( enabled )
01:16:42.0137 0x176c  ============================================================
01:16:42.0137 0x176c  Scan finished
01:16:42.0137 0x176c  ============================================================
01:16:42.0157 0x0e64  Detected object count: 0
01:16:42.0157 0x0e64  Actual detected object count: 0
 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by kk on Thu 05/15/2014 at  1:33:17.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/15/2014 at  1:39:55.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

# AdwCleaner v3.208 - Report created 15/05/2014 at 01:25:54
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : kk - YANTRA
# Running from : C:\Users\kk\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


*************************

AdwCleaner[R0].txt - [626 octets] - [15/05/2014 01:21:38]
AdwCleaner[S0].txt - [548 octets] - [15/05/2014 01:25:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [607 octets] ##########
 

 

 

 

I am yet to run the online scan as I am on the move today with limited access to the net. However, since morning the system appears to be fine :) , one of your tools might have done the trick or the virus might be still hiding somewhere. Kindly check the log and let me know if any further action is required on my behalf. I shall do the ESET online scan as soon as possible and keep you posted.



#6 boopme

Posted 15 May 2014 - 01:38 PM

Let's see how it is after ESET.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#7 idea.scotty

Posted 15 May 2014 - 03:04 PM

Okay, the ESET scanner took 5 hrs 50 mins to complete :o . Finally it's over. PFB the log:

 

C:\Users\kk\Downloads\spsetup126.exe.part Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

 

The system seemed to be fine; however, it did go to sleep and kept on muting/unmuting the system once today. After the system restart it is now going OK. So, is there anything else that you need me to do meanwhile?
Also, one very small thing which I observe is that I still can no longer use the mute/unmute button on my laptop, and I can no longer increase the brightness using the function and the arrow keys (ironically, I can decrease it though). I checked the drivers and they look fine. Again, I think this is the same virus at work.
 



#8 idea.scotty

Posted 15 May 2014 - 03:09 PM

One more thing that might help you guys. Initially when I found a virus on my pen drive, I isolated a script file and reported the virus to Symantec Security. Please note that this may or may not be the cause of the virus in my laptop. I received the below response:

 

Submission Summary

Files Submitted

#: 1
Filename: aiasfacoiaksf.vbss
MD5: 0xE62765AC9A743921E3DA61D6C934337E
Determination: AlreadyDetected
Signature Protection Name: VBS.Dunihi
RR Seq#: N/A

Developer Notes:

aiasfacoiaksf.vbss is detected by Symantec AV products with the latest definitions.

Assessment

File1: aiasfacoiaksf.vbss
MD5: 0xE62765AC9A743921E3DA61D6C934337E
SHA-1: 0xF3CF632ADCE3AD936BFD25F06C2E790E1EC6202F
Machine: Machine
Determination: AlreadyDetected
Submission Detail: This file is detected as VBS.Dunihi with our existing certified LiveUpdate definitions.
Signature Protection Name: VBS.Dunihi
Live Update Sequence Number: 153652

#9 idea.scotty

Posted 16 May 2014 - 11:32 AM

It's still happening, the mute/unmute thing, and this time the laptop restarted :( . Please help.



#10 boopme

Posted 16 May 2014 - 12:12 PM

OK, I was looking and can't find a fix that we can use here. We probably will need a custom script. But now we need a new topic for someone to figure it out for you.
Please follow this Preparation Guide, do steps 6, 7 and 8, and post in a new topic.
 
Include this link back to here...
http://www.bleepingcomputer.com/forums/t/534336/virus-keeps-on-mutingunmuting-the-system-and-often-makes-the-system-go-to-sleep/#entry3370007

Let me know if all went well.

#11 idea.scotty

Posted 17 May 2014 - 02:00 PM

Thanks a lot, boopme, for the help; I shall do as guided by you. A small question: as my laptop was restarting every time on boot today, I am formatting it again. Now should I just go ahead and follow the steps to download DDS?



#12 boopme

Posted 19 May 2014 - 11:04 AM

If the situation arises again, then yes. Reformatting will probably fix it.